Report - bestsafelink.com/get/CysqcqsTyh

Report Overview

Submitted URL
bestsafelink.com/get/CysqcqsTyh
IP
104.21.28.222
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-05 12:33:40
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bannerflow-feed-builder.azurewebsites.net	659103	2017-11-23T14:27:15Z	2023-03-13T08:06:58Z	553 B	2.6 kB	104.40.147.180
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-13T05:09:17Z	432 B	1.0 kB	172.64.132.15
withenvisagehurt.com	unknown	2023-02-04T03:23:37Z	2023-03-11T04:03:55Z	2.8 kB	4.5 kB	192.243.61.227
secure.adnxs.com	396	2012-05-22T18:37:37Z	2023-03-13T05:28:06Z	405 B	991 B	37.252.171.53
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	367 B	1.1 kB	216.58.207.228
trolleydryerfunds.com	unknown	2022-08-29T13:08:01Z	2023-03-06T05:26:23Z	800 B	27 kB	192.243.59.13
solitudearbitrary.com	unknown	2023-02-02T02:39:19Z	2023-03-10T02:13:07Z	5.2 kB	8.5 kB	173.233.139.164
script.crazyegg.com	1992	2014-10-23T19:42:31Z	2023-03-13T05:27:09Z	405 B	3.1 kB	104.19.148.8
bestsafelink.com	50889	2020-09-02T15:14:45Z	2023-01-07T14:30:05Z	822 B	1.5 kB	188.114.96.1
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
cdn.bannerflow.com	23819	2018-02-22T13:57:21Z	2023-03-13T06:55:22Z	1.3 kB	3.7 kB	104.16.170.188
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	443 B	165 kB	216.58.211.3
adserving.unibet.com	98000	2015-05-26T08:56:53Z	2023-03-13T07:24:32Z	1.9 kB	2.2 kB	23.36.79.11
www.unibet.nu	unknown	2022-11-04T12:13:23Z	2023-03-13T07:24:33Z	3.0 kB	5.8 kB	85.184.96.0
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	384 B	82 kB	142.250.74.40
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-13T05:18:25Z	665 B	1.3 kB	3.248.113.235
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	786 B	63 kB	142.250.74.138
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	162 kB	34.120.237.76
jennyvisits.com	unknown	2023-01-06T11:51:25Z	2023-03-13T07:45:59Z	2.4 kB	3.7 kB	173.233.137.60
welcome.unibet.com	242429	2017-01-30T06:39:28Z	2023-03-13T08:06:55Z	37 kB	273 kB	104.18.25.188
a1s-cdn.unibet.com	283505	2014-04-23T17:07:51Z	2023-03-13T07:24:33Z	2.0 kB	1.7 kB	85.184.96.5
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.7 kB	12 kB	23.36.77.32
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.200.77.111
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	944 B	54.230.245.100
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	786 B	818 B	3.120.47.42
a1s.unibet.com	297625	2017-01-30T01:44:42Z	2023-03-13T08:06:57Z	2.0 kB	2.0 kB	85.184.96.5
unibet.demdex.net	338024	2017-01-30T06:50:24Z	2023-03-13T06:55:23Z	488 B	3.4 kB	54.72.53.159
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	799 B	1.3 kB	142.250.74.74
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.0 kB	3.4 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-05	medium	withenvisagehurt.com	Sinkholed
2023-02-05	medium	solitudearbitrary.com	Sinkholed
2023-02-05	medium	withenvisagehurt.com	Sinkholed
2023-02-05	medium	solitudearbitrary.com	Sinkholed
2023-02-05	medium	jennyvisits.com	Sinkholed
2023-02-05	medium	solitudearbitrary.com	Sinkholed
2023-02-05	medium	jennyvisits.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (75)

	URL	Size	First Seen	Last Seen
	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	59 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1702 Hash b7fb41ed89500bb6a8f482f91216cfac caf092ff1935a3a13e8608d56ce60c008b498d68 4a2dbda07d552ad5d425033fcd10ccb1addc5140a177cbb0d11bb3f2f7974a8c Loading...

	bestsafelink.com/dist/js/init.js	18 kB	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/dist/js/init.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen5 Hash 7c509655af4c33edb7abf5c09a095176 86c3a8ccba469858dafa721b7386f5bb1eb15845 13c71c0e28d72eea627fc297e4e50eb946f84093237549ece59e3317639ac282 Loading...

	bestsafelink.com/vendors/click.js	1.2 kB	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/vendors/click.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen5 Hash 35c9ab25f969d7e886ec0de592912d0f 75e333ed7aab128fa3930942203969ad9d6dba17 459bcb4c863cf9b431bc363156af8a916a5d48562972c922f335c1bb065f040c Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js	5.4 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8425 Hash ac64b59c98bbe50cf69b6c98fa39585c 0a5cc9fb43b8a208481baaf752dbd504078a764b 28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c Loading...

	a1s.unibet.com/orval/tracking/lastclick.min.js	1.8 kB	2023-03-07	2024-02-01
Pretty URL a1s.unibet.com/orval/tracking/lastclick.min.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen5726 Hash 8027969a31091dd0d3a7813f95ee7e10 591677c488b8b98532778e11adc9348253a014a4 5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	364 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6836 Hash b7207d294237fb810195b41fdd3cac28 ff7ef257957cbc2074fa5814177bb7cbbac44eb2 12f39122cef3c11903118c0f4769199ddc1e0e5ba13d7dbe8373e5c77391baf5 Loading...

	bestsafelink.com/dist/js/jquery.slimscroll.js	17 kB	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/dist/js/jquery.slimscroll.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen7 Hash 2e846544902417f3372fbacb28e1b7c2 e0f63a162ad7f48e04f56251a669b0360897ebf3 04a8efb74126bf0b594f150d725c19222bfbc7b7731ad9173330b36f7cff2f31 Loading...

	bestsafelink.com/dist/js/widgets-data.js	468 B	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/dist/js/widgets-data.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen5 Hash 0e073eed59343564d7bd81a4020d6cc3 68604b1eb36c86a53d39754d5e295d880912395f 4e23cb5609dd57ae45df7f400cc762fa13ae5c6542f5c95095402439d3a767a7 Loading...

	welcome.unibet.com/custom.js	5.9 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/custom.js IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8697 Hash 7bf01e92dd55d5fa298f55fbcb9afd30 4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f Loading...

	bestsafelink.com/dist/js/twitterFetcher.js	16 kB	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/dist/js/twitterFetcher.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen5 Hash 2242359022ca620e9ecdc56355a8bb27 b3f86c9dd408a337b3c3a2aaaed828bd79454c5c c26349bdba764e9b34b1bcdf3df19ebd2059f124c29a4f3fc3e681f48d033962 Loading...

	bestsafelink.com/vendors/jquery-toggles/toggles.min.js	2.4 kB	2023-03-13	2024-01-15
Pretty URL bestsafelink.com/vendors/jquery-toggles/toggles.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2024-01-15 14:42:40 Times Seen9 Hash 3ecfad102e58c3dfa56c961bf537d230 3f3f64d7bdb660fc7765ea123ce5d935a1b78735 dc466d0d963b3c7da4886bfcf7c5a884cf718395b48527d23974f3eef12af953 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	307 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6858 Hash 5633bd464ac4d5c3fab4b6c6db04c743 e9b255450e7612595382082329b0fe88904abcee ca8576fcf8d4ca2350c9fe2a7976729e6e3c6b42ca948060a509a1eed46e93fd Loading...

	welcome.unibet.com/widget/betslip/betslip.js	15 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/widget/betslip/betslip.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen13385 Hash 5770dc60397ffb834d1280aa7bcebbd0 f0bbf2136b83babe5a8f70eeff2308279e9a0d3a 42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52 Loading...

	bestsafelink.com/get/CysqcqsTyh	31 B	2023-03-13	2023-03-13
Pretty URL bestsafelink.com/get/CysqcqsTyh IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 419668ddb29099ea38b420db20e24db2 0abbdc8868621326e1aff098fb5aa01f51656a52 bee6b88dfa3fc81172bd20425473b3951874b28a438a5180d2879aed12cee935 Loading...

	script.crazyegg.com/pages/scripts/0012/9242.js	6.1 kB	2023-03-08	2023-03-13
Pretty URL script.crazyegg.com/pages/scripts/0012/9242.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:29 Last Seen2023-03-13 18:10:20 Times Seen1 Hash 946921b8d60d7a78753f012bc08e1839 c4e4a57a66468574b1c2c676775c75b3ff23fbbf 764977a345624aa95b09b69269aba4cc20d26a715fae0c0f395394008afc0e1a Loading...

	trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js	27 kB	2023-03-13	2023-03-13
Pretty URL trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:26:53 Last Seen2023-03-13 18:01:51 Times Seen1 Hash 0f7acffebf24598d2261ede23e8aee28 47add8fc503241d42eda9edadc3c343ad0f68c89 3f4a3647481b675f84ddfde62ea396f598c103a51dff3e78dad987a7e7c952a5 Loading...

	jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507	357 B	2023-03-07	2023-04-05
Pretty URL jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507 IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:21:39 Last Seen2023-04-05 02:08:58 Times Seen138 Hash 7901f5d3ff7ad16e7c532afe4cbd0fdc 7f923233aa6f62ef5897c7700f4d57e0a4c3ead1 fa514b84f8c6fdfcac78e966f7bcf5834de5f364862494cf608d2f637c824db6 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	235 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen842 Hash d7e6cfa80c6d4f83e56972a515a7bc87 54da9ec648815ef2ef225e69c698f4d8a21363bf 94782f5573acd5c9f8a8131ea8ec3e313d02f077e9766508af6aecd952572c58 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	277 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1576 Hash a06048fa305b7e3bd9b89366aee69071 05699ca86b944c67a0fc3240aeace995d9563200 4bdeff956fa33cb08c22fb884ba60fbb1f06c137b1df07e5f493ae4e3d6f88ff Loading...

	bestsafelink.com/dist/js/inputspinner-data.js	358 B	2023-03-13	2023-03-13
Pretty URL bestsafelink.com/dist/js/inputspinner-data.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash da802c04bd5aaaa0a556adefc127847d 2f36588645dd859a450ff9733fe9ee515253fce8 d209579a8d42fd43561b35b5ff2d6cbca4412478bd8d82120682567aa95aadc7 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LclfrsUAAAAAIpIdmcuRXq_EmsE6Nktz0JVjx8u&co=aHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tOjQ0Mw..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=g7q3dho3275j	37 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LclfrsUAAAAAIpIdmcuRXq_EmsE6Nktz0JVjx8u&co=aHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tOjQ0Mw..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=g7q3dho3275j IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 6357b723516e975e4b05705c70eb42c0 830f547703a6d9d40005ba6481525670112df574 c165f6cce37a184d45c723b0d1a561d408fea2ca97eb2c2a593d524d92f56c62 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LclfrsUAAAAAIpIdmcuRXq_EmsE6Nktz0JVjx8u	178 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LclfrsUAAAAAIpIdmcuRXq_EmsE6Nktz0JVjx8u IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 16bd9aecaadf61ef040361b9a3b62720 58c72b2918a122c8d6f039f0ebd422e1d6968337 0750989f1d6610057fc1000c34130307fc8bcd6821121416ed8640eb92040528 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	2.2 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1647 Hash c0f99959e76a9ae3302a785606121738 b7121b4e8dfd06a376a210933831917cf22131a7 8635426cb6fbc3d728559ba093c8aa5455f2d5338aefb695ef68aa88a406f615 Loading...

	bestsafelink.com/dist/js/owl-data.js	1.5 kB	2023-03-13	2023-03-13
Pretty URL bestsafelink.com/dist/js/owl-data.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash d7b2e2344e1c62bf4a9fed6a1238e7a2 37fb89491e90a210d85e6450af4a2b7b48e6cfbf 4e58327ec0df296b050679343bc7749c807b33addac8ec2a73456535e6b1af23 Loading...

	trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js	27 kB	2023-03-13	2023-03-13
Pretty URL trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:17:59 Last Seen2023-03-13 17:47:16 Times Seen1 Hash 8e3fe1ca6c370769c8b64463b8a08f1d d63cafd8800dca86e8f984b0c3c66fb3c8fdda27 98f122b141a0a41c2c9be6c320611b5bce1649088ff01562e07ed97314532339 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	147 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6862 Hash 1d18cffe3fc76896ca02254b5879b535 1a8fec7049c5644eaab6f7aecf8672f3f858d037 cb934bad0e7cb0b0b2edbc619a28b2d7ee4960dba893c3c2ce2a63e458d8af5b Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	92 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6846 Hash 7f0f3c1a6218ba26e0a2303513a4b789 a8d06c9a0d0b367220509b18213f6b102f4b4fc0 faffe243fd7f581af68fd7dafdf86ff1e5c0824831f03d5758cb309da65fddda Loading...

	bestsafelink.com/vendors/popper.js/dist/umd/popper.min.js	19 kB	2023-03-07	2024-04-19
Pretty URL bestsafelink.com/vendors/popper.js/dist/umd/popper.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 21:13:26 Times Seen110445 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:36:21 Last Seen2023-03-13 20:50:27 Times Seen1 Hash 70aab65851791173878a53cd9897bd90 a15efa7ce5eac1436fd05215a1a540ab3a4529b7 cad6dc25a593ca6887a2698a08246928b73f9d4dd714976a4990886d8b6dadce Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 21:40:56 Times Seen36967518 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js	957 B	2023-03-07	2024-02-01
Pretty URL a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 01:39:23 Times Seen1064 Hash e19225e3eb562a3b6a86f7b8b47c38fb ce3eb55448afd8fc9dfa4ac82f8743a009d5e142 c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js	4.5 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8257 Hash 04fc48de78cbfc5d1557e9df399c7733 e1bf77a4fef1943b0eab404c4abbe9477cb373e0 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC	240 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash add5d3c1045f205d93128cc2edf32829 5af0f1129d908d7db1a81ff7f370fcd29adea14c bf14e3b7c28d122ac85cb06bb8e8bb28698cb91b7fb415099849eca5cd5a91c0 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	37 kB	2023-03-07	2023-11-06
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2374 Hash 93db3dee4c43b7d39a245c49591ba4b5 e22687abedfc3b2496fa1b3ba61a2f567f1211b8 0dc951e8d75c93a7d625da52744fcecb22b197c2f92783dd71f1cfead1b9b043 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	2.7 kB	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen838 Hash 4f81620c61dcee3796fd3363a5338651 1739f9bd67e9cb64b61159e14a698c4ace82fe69 b7b20a7ae40fdd82ac83c2ed9064230801e050eaccfa28c2c5cc847d34dec6a9 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	2.6 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6831 Hash cd03538fc58df8693fe9af9337788f0f 408a15551710117d0538fc9442a55b5678bb85a5 cc933dd733a6db1a1a9ff1d7c0adb26717fa27d4d177b7a5a2cab0bfdb353562 Loading...

	bestsafelink.com/vendors/bootstrap-input-spinner/src/bootstrap-input-spinner.js	8.7 kB	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/vendors/bootstrap-input-spinner/src/bootstrap-input-spinner.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen5 Hash e0e343150eae5360d8c19e28c0bd5aac 3c99d0427e3ee327ae4bc01012dc21fdd8443e50 aa7decc4be981c80b7efaec308cf07b89413b5df08f8e222cd5bf7fb26ec3930 Loading...

	bestsafelink.com/dist/js/toggle-data.js	5.5 kB	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/dist/js/toggle-data.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen5 Hash 59c5d2b37081519848136e54d83800ba db5814ac828f4d8b819d3c435b2b8dc740df129b b84473ecdec2097bdf09f4cfaed84ecbd8382cc9d561fa383eefd6ed38c33f8b Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	5.4 kB	2023-03-07	2023-08-08
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-08-08 14:09:19 Times Seen1025 Hash 26c5eb641d4b8e7a86948e5a397d4203 9bf9b195284806ae56e32f7a0531ad91ad7bf731 aee310721d3d1cb60cdb3e4d714451c5ef94b93e820d0f08bdbb1b04f00d9b73 Loading...

	bestsafelink.com/vendors/bootstrap/dist/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-16
Pretty URL bestsafelink.com/vendors/bootstrap/dist/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:49 Last Seen2024-04-16 15:44:10 Times Seen2415 Hash eb5fac582a82f296aeb74900b01a2fa3 fffea98e12e63b66693d567315a2f32392b780b0 c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef Loading...

	bestsafelink.com/dist/js/feather.min.js	65 kB	2023-03-09	2024-02-25
Pretty URL bestsafelink.com/dist/js/feather.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:08:01 Last Seen2024-02-25 01:28:36 Times Seen69 Hash cf168d93f85186a42f21732b10385468 bc41adc0077cc9c5a9f9c093f183ff0818ffe6b1 926f558840e0da360c448577220be1664ac6217b7b7be4f4cd87b3f450b4eb87 Loading...

	bestsafelink.com/get/CysqcqsTyh	339 B	2023-03-13	2023-03-13
Pretty URL bestsafelink.com/get/CysqcqsTyh IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash e58cf2227c570951c0d59f8179cca9fa 71626718850e3d6e7113b9b67bb838d87158f493 ff1773d147e961bdc10b22ff1d5fa1f4e989c7f403f8838106588cb568c6b1f8 Loading...

	jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660	2.1 kB	2023-03-07	2023-04-05
Pretty URL jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 21:13:26 Times Seen105353 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	bestsafelink.com/vendors/v.js	2.1 kB	2023-03-13	2023-03-13
Pretty URL bestsafelink.com/vendors/v.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 2d4709083142f23688040c5a7e896701 5450115d86cba5b15e6d04168d0399d43566eab0 f862879129034385bc793479f85b3022f8791cafbb3b44d224918a162a086fde Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	217 B	2023-03-08	2023-09-13
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:36 Last Seen2023-09-13 11:50:24 Times Seen1474 Hash ddd6d3f3c95f65d092f39f7d6c806fff 1d9a1a9cf8ca546de93e144d1145643409166a14 e7aec5887920ea12c56a256725793a33d45749a0499c0780c9c9b99d2914222f Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	721 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen839 Hash 9c83e2435e1e8d72ce6b63ef2ff44894 bd04a958ae23aaf1b3d427b9bffaf4d041956be1 3c5e987ccf5ca2a1dbf43e2d257bf114e113add7d384d433055c1261722b06fb Loading...

	unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	bestsafelink.com/vendors/owl.carousel/dist/owl.carousel.min.js	44 kB	2023-03-07	2024-04-19
Pretty URL bestsafelink.com/vendors/owl.carousel/dist/owl.carousel.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-19 15:49:50 Times Seen19835 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	bestsafelink.com/get/CysqcqsTyh	1.4 kB	2023-03-13	2023-03-13
Pretty URL bestsafelink.com/get/CysqcqsTyh IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 37ad9127a492bc64614d9aa0f221a3f4 8a7654640c1cc18dea6fde92d48d1ee71ed23554 09c6db5ee57f20a3f990d8793ea379fdd5e52628df4265ed0eaa14c61a2af3fe Loading...

	solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1	2.2 kB	2023-03-13	2023-03-13
Pretty URL solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1 IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 8cc2f388842c58183e26505f8e80f4e4 4d42fb021c4d3c09fae9c7a9f1529685701457dc 7d20d4d19d7224db85c7917cdbf0b6a207d43c9c42e7fc99d409edac0d3d9774 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	294 B	2023-03-08	2023-09-13
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:36 Last Seen2023-09-13 11:50:24 Times Seen1476 Hash fe53926e4255981329b5ccf0739441e1 e7317f10b43129fdfd0c9c8faa8d004753cdfaef be6b672647d775c29253e5653d707f3fa6fbed94c5ebb00eb543fc76f13d6dbb Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	667 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1578 Hash 2d41aac452b14ef4b388a79a47791b35 cee1071dcf7b8095fe214afc02177dc39bd4f973 44ed144c670270401a2ba9d624c2d98dc2e31c3df30ce612a7c94041cb2210de Loading...

	bestsafelink.com/dist/js/dropdown-bootstrap-extended.js	3.1 kB	2023-03-13	2023-08-10
Pretty URL bestsafelink.com/dist/js/dropdown-bootstrap-extended.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:50 Last Seen2023-08-10 07:30:28 Times Seen6 Hash 53a71883585ef244a81fe1d8ee65bbf2 924c5682bb08636aa62dec362e0edbc906a2b9b9 2b6a23f37105a2b9989ca6762853c645ab1226fe28afc0ab5182c668c1df5e7b Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908	7.5 kB	2023-03-07	2023-04-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 IP 104.18.25.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-04-27 00:24:56 Times Seen338 Hash f11aa08db800dc0e89f963fb3043f461 565fea671f23ae5189aa25ffcc5d0f2e548f72b2 b494d197c2e32274ca7543dd7828afb81a72db96a88da514f5f8ec45f73649ac Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LclfrsUAAAAAIpIdmcuRXq_EmsE6Nktz0JVjx8u&co=aHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tOjQ0Mw..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=g7q3dho3275j	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LclfrsUAAAAAIpIdmcuRXq_EmsE6Nktz0JVjx8u&co=aHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tOjQ0Mw..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=g7q3dho3275j IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 19:49:33 Times Seen99083 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - af72b91f44a63027ce6a3360baee8a43	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash af72b91f44a63027ce6a3360baee8a43 030a8bdf4fc642af17e60f7942b4e7db0b395ef9 3767d5321b4ae282cd6bc77966b15645f99a332b0c28e8bdd6ffd6bfa9cb2104 Loading...

	#2 Eval - cdb8f5789b376b67f7efeda96ebbd0f8	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash cdb8f5789b376b67f7efeda96ebbd0f8 906bf65532f9e9f29bb1df8bfb222515be0cb5fc d896ad7d50d378b59b9d1be3c4950cbc057ad6cc83f9cdef522454929cc9f301 Loading...

	#3 Eval - 84b2cd04a3e6a53dd1e2d2281b4ec9d0	55 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 84b2cd04a3e6a53dd1e2d2281b4ec9d0 453fd8561e4859d9adbbe37e66110d2584bc2c1d 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282 Loading...

	#4 Eval - dddc8519e9834ad5d3074584ccf9f8b7	132 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash dddc8519e9834ad5d3074584ccf9f8b7 829d5d1a21eff85f38994e567322cc3bcce9c9cd 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168 Loading...

	#5 Eval - add2d829cf386f4838b0cdef5348451c	71 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1710 Hash add2d829cf386f4838b0cdef5348451c c8295463ce81113f7396d77c108349f473285c49 dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb Loading...

	#6 Eval - d66a51311c2681be9b2814403d8e8308	60 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash d66a51311c2681be9b2814403d8e8308 284b626b87d046fe1adfc6899ade214d57f09655 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f Loading...

	#7 Eval - 0df47f7ec8a7025bea46266133fe90c1	54 B	2023-03-07	2024-04-17
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-04-17 03:22:10 Times Seen1724 Hash 0df47f7ec8a7025bea46266133fe90c1 407aeb860ef834517df3dfa568905e7c95d42d9f fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81 Loading...

	#8 Eval - a2bcebb48aaee0300030cf8123020f69	135 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash a2bcebb48aaee0300030cf8123020f69 365d67c7f5ce945805339efb40c083cc97d1f9b2 fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed Loading...

	#9 Eval - 596da5f7bb09f22c58c4073eb41d604e	62 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 596da5f7bb09f22c58c4073eb41d604e 66603b30823c3a560dae4f1b6afb92ab5a0f91d5 adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42 Loading...

	#10 Eval - 4b4768884dd164bcabacb4edf182609a	61 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 4b4768884dd164bcabacb4edf182609a 881cdbd84f94dc256c40f2ee489d83f956c1b36b 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c Loading...

	#11 Eval - 3f841452f9e6005363c2d8ef6a750b14	20 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 3f841452f9e6005363c2d8ef6a750b14 d59e9e767c6a2e6a867d71bc37c182391dc9d3fa 62d79d8ce523c0668298007acc80f139937467adcf5f8af0cda50a3d26f74b4b Loading...

	#12 Eval - f4bf22269e41be9e3a92808f5d0f2201	16 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash f4bf22269e41be9e3a92808f5d0f2201 597b026bf76f9a647e1d16d8532d9ddd5f0de46b 276096740107abb4b5b058985713ac9e81f2fcb100010356b47be556e300d790 Loading...

	#13 Eval - eab8313bda5bcf457e3960dd870ec986	64 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash eab8313bda5bcf457e3960dd870ec986 2040c44ca623657a7842ed109aa1ff376784968c 6ddb568813476781555dc007dbf68364ac4237de77158b4a2b8906396d564da3 Loading...

	#14 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08	2024-01-15
Pretty Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#15 Eval - 9c41b0b6b21290dbfc0be28506462889	449 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash 9c41b0b6b21290dbfc0be28506462889 c3f65e6a21480266ea9505ddf2bfee4a7c57f69d 705a873e4a1670096aaf069d38bec42cef1b6427ab33005d2cc987b06e768b3e Loading...

	#16 Eval - 52a838bf9957f0cff2021c034f169cb0	88 B	2023-03-07	2023-11-06
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2384 Hash 52a838bf9957f0cff2021c034f169cb0 30a7327c54334eb310944b6fd01ddf34b4e2ad9d 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62 Loading...

		Size	First Seen	Last Seen
	#1 Write - c3ab8cab161b0bf357ce845c3f4dd869	119 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:37:50 Last Seen2023-03-13 17:37:50 Times Seen1 Hash c3ab8cab161b0bf357ce845c3f4dd869 e32daa7984f31560c546aab23c3c63c9247ac075 7307b7d58cec2b61724f271948de7bfb5370b8a8efe02b485a233aa849eaf1e1 Loading...

	#2 Write - ac798ac2b2c9559c3e64b701f845c78e	50 B	2023-03-07	2024-02-01
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6876 Hash ac798ac2b2c9559c3e64b701f845c78e 288602cbfebecea88ca238ce32c92d133bf59bff a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449 Loading...

HTTP Transactions (89)

URL IP Response Size

bestsafelink.com/get/CysqcqsTyh

188.114.96.1

301 Moved Permanently

0 B

URL HTTP/1.1
bestsafelink.com/get/CysqcqsTyh
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /get/CysqcqsTyh HTTP/1.1
Host: bestsafelink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 12:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 13:33:29 GMT
Location: https://bestsafelink.com/get/CysqcqsTyh
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssrYOZcvkgldYirpsN3aioHNNvsBl3ihu3gOOsT8BmPILQBx8%2B4K%2FI5dEuh2wPK%2BZXM9sbt8Fe%2Bl%2BNEZypX5Eg9zH1dONW4BEd47Kqcqoc842xI7RG9uHbX62RiIe9mLy9yZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794bacc11d94b4f4-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8926
Expires: Sun, 05 Feb 2023 15:02:16 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5638
Expires: Sun, 05 Feb 2023 14:07:28 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16345
Expires: Sun, 05 Feb 2023 17:05:55 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 11:36:17 GMT
content-type: application/json
age: 3433
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OEZ86DsJUn/GgE6wJqPrjnA7W7DXNX/+Li9xQ1sd2CTz+14Ox4E3KYN/T4Z6FIc4JUPsttvCYqU=
x-amz-request-id: F5RS491AJAG20RDH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 12:24:28 GMT
age: 542
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 12:33:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7a7037fecc63712eb3a4d3f9e90a1fc5
4468341003c78acb05f8d389d4f3f2340488e713
e8a904096870845a902c92247b0f7e65e7ad3ff40903ba8fb70c92ecde54f1ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Server: ECS (amb/6BA5)
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 11:49:07 GMT
age: 2663
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4814
Expires: Sun, 05 Feb 2023 13:53:44 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7a7037fecc63712eb3a4d3f9e90a1fc5
4468341003c78acb05f8d389d4f3f2340488e713
e8a904096870845a902c92247b0f7e65e7ad3ff40903ba8fb70c92ecde54f1ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Last-Modified: Sun, 05 Feb 2023 12:33:30 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 309880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js

216.58.207.228

200 OK

553 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
553 B (553 bytes)
Hash
c40fb3e99bdf4c051379206b381f995b
3cf6ce4a866abbd13ce857357061a1cfa3a27690
0c45a6582686059e9d82919355c239be284c5740680f56332419ce0516280183

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 05 Feb 2023 12:33:30 GMT
date: Sun, 05 Feb 2023 12:33:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.200.77.111

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.77.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u2A5WyAcao0yHbGnePIIWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NT4BFmVBmZLN+7UynMou5U4u9WE=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12967 bytes)
Hash
8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 32004
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

69 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
69 kB (68725 bytes)
Hash
1fd5b5d2bb5fb47fe75160b35358063f
fb9ebc99df4c29cdeb39da5d596f072dc876a433
999c9b4b964257ab48d34b7569c2f67e1e29e543a1b2b3aa59c31b754a5b5542

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00Sp1Thtp-YIGYmu7qIB6GtKBxOGLgcAse2SusryA8xaBrnWQDD-Hg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 52171
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5014 bytes)
Hash
5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 77987
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

37 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
37 kB (37082 bytes)
Hash
97658bb10ce28c1dee6b105d03d2ce09
17bcf027f9a68ff65614982189b221d34517fe08
3da6ce84562b8c52ba5d3ce48ebc609323d5b80e095606dfe5cd0099f0341254

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5801
x-amzn-requestid: 441284a8-923a-4b22-b39f-95dec713c292
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fjj9jHu_IAMFZ-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7b389-788174a773fcd695540cc95e;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 12:09:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DgvqiQwdytO2caPNzg2OhGcv8ly9N_YeQTzpuf6iwAVt8AQZEXRLqw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 53380
etag: "48c408d37a7bd7f96653174359178eed46ddf298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

25 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
25 kB (25269 bytes)
Hash
ad6bbd9de9e376c3fb0f8a96e06521e6
86aa55994beb2803ddfadf0ade6934b9d27adb11
171691c747db5e43262d56a1908ad19165fbdaba096f34434021ac2d55067f00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 51686
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
6.5 kB (6529 bytes)
Hash
b8e46e108718a5c4e332dad12923f2ac
125a26009c2b169311b205e1f94af1b8a41a66db
9d20650f7d009cad162409d88bed340a05cd8a5799e464f89b70f6e9a5905d8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 84466
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0d7c477713e790f3ef98dc674f3222fc
a2382b9e416fe9643097bc20eac5d731a04d74aa
695b092fde1c5da6fabcca568dbd8bd41eae8023f92e8ea020a8850010aa171d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "695B092FDE1C5DA6FABCCA568DBD8BD41EAE8023F92E8EA020A8850010AA171D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10284
Expires: Sun, 05 Feb 2023 15:24:56 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive

trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js

192.243.59.13

200 OK

16 kB

URL HTTP/1.1
trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
16 kB (15680 bytes)
Hash
37eaf5150b6f8ede9c93de229375326b
e60731b556bdbbb072f4de96fb6bbac7eb8bb0bf
946cb74d30909dcb8d407f1c946d47b604f7afa26bad90c6304930083637ea58

HTTP Headers

GET /200b02289541c62fe5bc10c0b9729682/invoke.js HTTP/1.1
Host: trolleydryerfunds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 12:33:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 891101001be02aca3ccef85406a4f6ca
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js

192.243.59.13

200 OK

9.8 kB

URL HTTP/1.1
trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Size
9.8 kB (9782 bytes)
Hash
8d50f411f1c3c20de2dd475152fb1b1b
fc1257b6c4d7cba33ae0302aa1bdd27e42c28a51
39cfce50414fb8d7daea83b1a2bf0e3a86bb5582c05d9361cddbf22398279455

HTTP Headers

GET /200b02289541c62fe5bc10c0b9729682/invoke.js HTTP/1.1
Host: trolleydryerfunds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3934d1a37cec61fa7b877e54554124cb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 12:33:33 GMT
Last-Modified: Sun, 05 Feb 2023 11:19:18 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BhgWbcJZcVz4CugX1unnrTJAbdx3jN50BIiDyh0ZnK9uiOj6xQo1XQ==
Age: 4455

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
453a7e64b413866677aac5eff65414c1
fea9d47bea7ad80b9c66ada91b1d247fb6e94323
f1014ccaef4ff93b14489e89ab8a29584801a7a9f38a13099bc424216fba646f

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bestsafelink.com
access-control-allow-credentials: true
set-cookie: uid_id2=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185:2:1; expires=Wed, 02 Feb 2033 12:33:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
67655f4a019a423eefb942ba6548da84
bec5b3652535e67fb6196dc3c6fff591b378731d
9be33fe6ca56141548a6bc13273112a33165b5e1fe69bd7e961a99ecf085be84

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bestsafelink.com
access-control-allow-credentials: true
set-cookie: uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1; expires=Wed, 02 Feb 2033 12:33:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

216.58.211.3

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (633)
Size
164 kB (163841 bytes)
Hash
fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a

HTTP Headers

GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 445222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
79e65fc8bd6082f7b42e9235efec43f9
f9a2b2c14c1fa6aa4d832c77066452c72b209274
0266d380456e97ee19ae84c54858fc37d227d79292fb731015a874b3d954eb5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0266D380456E97EE19AE84C54858FC37D227D79292FB731015A874B3D954EB5E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9096
Expires: Sun, 05 Feb 2023 15:05:09 GMT
Date: Sun, 05 Feb 2023 12:33:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aeeefd2d41311d21e58a79216388b8ec
61b6224aed9721be9b600640073c26f91fe2566b
70abf72a66f3491630ee6d380cd655a33489aa411b1bac80319190f31d2a6295

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70ABF72A66F3491630EE6D380CD655A33489AA411B1BAC80319190F31D2A6295"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Sun, 05 Feb 2023 14:59:54 GMT
Date: Sun, 05 Feb 2023 12:33:33 GMT
Connection: keep-alive

192.243.61.227

307 Temporary Redirect

0 B

URL HTTP/1.1
withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1 HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com
Access-Control-Allow-Origin: https://bestsafelink.com
Access-Control-Allow-Credentials: true
Location: https://withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t
Set-Cookie: u_pl=17579507; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo; expires=Sun, 05 Feb 2023 12:34:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edea9a4e24e8532c4ac5c8b99b4327ef
Strict-Transport-Security: max-age=0; includeSubdomains

solitudearbitrary.com/watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1

173.233.139.164

307 Temporary Redirect

0 B

URL HTTP/1.1
solitudearbitrary.com/watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com
Access-Control-Allow-Origin: https://bestsafelink.com
Access-Control-Allow-Credentials: true
Location: https://solitudearbitrary.com/watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&shu=c554a5c4ea7e00bb2c97dc840b5466b90153d4416624999bd88a6a19778364e22cc18115c56d523b10e9a0849e3091dc5bb969ac1987751a87a982f1c6009804fb43787dec081a644832dcbfc83e973e0a5c068350718c334d3e23c2a4318e&pst=1675600473&rmtc=t
Set-Cookie: u_pl=17579507; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo; expires=Sun, 05 Feb 2023 12:34:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69c57d3c92201deffec66f5c22b39fc8
Strict-Transport-Security: max-age=0; includeSubdomains

withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t

192.243.61.227

200 OK

635 B

URL HTTP/1.1
withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (581)
Size
635 B (635 bytes)
Hash
27628c32b231f04e52a923a2c5717d5f
b01f945f924cf13242da8756fb8770a4e1fa42dc
0d127373c2b3d20f12237a4b444ff3392c4fe0b30146ef03f013f5816515a13a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Referer: https://bestsafelink.com/
Connection: keep-alive
Cookie: u_pl=17579507; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com
Access-Control-Allow-Origin: https://bestsafelink.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185:2:1; expires=Sun, 12 Feb 2023 12:33:33 GMT; secure; SameSite=None
iprc23028be5b35d37bed7b93c91e6773c91=2717343; expires=Mon, 06 Feb 2023 14:33:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4da2759ef086daeb58491a6d2806d3e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b7a276cc2dd7702e41c8cb504052743
ad22cf4130abcc28cc5375d53f869d6660290d28
4c30703e963824fe0e0e3adcac647939a81fb68586cf1e816ab408c5abbc661c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C30703E963824FE0E0E3ADCAC647939A81FB68586CF1E816AB408C5ABBC661C"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5839
Expires: Sun, 05 Feb 2023 14:10:53 GMT
Date: Sun, 05 Feb 2023 12:33:34 GMT
Connection: keep-alive

solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1

173.233.139.164

200 OK

1.2 kB

URL HTTP/1.1
solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (739)
Size
1.2 kB (1244 bytes)
Hash
73e7110968d27561d709fc5ef8c21125
700e06e8558f15573d4ca8a1245a408b7283f711
ec2c06f7acfcde69e15209fb7b1a19d3cbeb304538c72f7defba0cd5977f95fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Cookie: u_pl=17579507; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmVzdHNhZmVsaW5rLmNvbS9nZXQvQ3lzcWNxc1R5aCJ9fQ.Q8JtQ5cKzsDJ8IHchrDqOA62-rA7CjrQ1CDtGqyxZoI; expires=Sun, 05 Feb 2023 12:34:34 GMT; secure; SameSite=None
uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1; expires=Sun, 12 Feb 2023 12:33:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 853f5c5afdeacbce1d13029443526162
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507

173.233.137.60

200 OK

1.3 kB

URL HTTP/1.1
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.3 kB (1265 bytes)
Hash
f7b22d5908159669397e0fd6395bb881
53281dd70ae1015cb0ee5ea42f6693fb68a374a9
06f6e6b05925b540aaddffc0efb00156a7cbe275c3419a0b65eaca1956ad02e2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Cookie: u_pl=16122935; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122935,16122660; expires=Mon, 06 Feb 2023 12:33:34 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1Nzk1MDciLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tLyJ9fQ.4h14NTQB2nT9hmZEe21MfUuBvyDJz96_ROpLxHKdD7o; expires=Sun, 05 Feb 2023 12:34:34 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ac47aa954a4c25a4e0b95931cbe899a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

solitudearbitrary.com/watch.1422874973108?shu=a598579b6b101cffdcb515e5f32e9ec7ced3f09fa1684d61b107548dfbd574be4889fc611ccdecfd0a6d606116327a1d8ae1b17023e10bb619dd57336dd1882b96c89f23991d23656061c0177061bf6bc5163e35a3006dc5c9fdf65430d8e0c6af33cc&pst=1675600474&rmtc=t&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&pii=&in=false&key=200b02289541c62fe5bc10c0b9729682&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&dev=e&res=12.1055&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&tz=0

173.233.139.164

200 OK

1.8 kB

URL HTTP/1.1
solitudearbitrary.com/watch.1422874973108?shu=a598579b6b101cffdcb515e5f32e9ec7ced3f09fa1684d61b107548dfbd574be4889fc611ccdecfd0a6d606116327a1d8ae1b17023e10bb619dd57336dd1882b96c89f23991d23656061c0177061bf6bc5163e35a3006dc5c9fdf65430d8e0c6af33cc&pst=1675600474&rmtc=t&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&pii=&in=false&key=200b02289541c62fe5bc10c0b9729682&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&dev=e&res=12.1055&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&tz=0
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2509)
Size
1.8 kB (1810 bytes)
Hash
7b6a1077085ad5ad16c80930a99d2ecd
ed1402944e49b8974cd965528c5be8d5bcebe247
478053141aa1863543b547e094526343dd494873162312a7b294a2296069dda5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1422874973108?shu=a598579b6b101cffdcb515e5f32e9ec7ced3f09fa1684d61b107548dfbd574be4889fc611ccdecfd0a6d606116327a1d8ae1b17023e10bb619dd57336dd1882b96c89f23991d23656061c0177061bf6bc5163e35a3006dc5c9fdf65430d8e0c6af33cc&pst=1675600474&rmtc=t&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&pii=&in=false&key=200b02289541c62fe5bc10c0b9729682&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&dev=e&res=12.1055&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&tz=0 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
Cookie: u_pl=17579507; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmVzdHNhZmVsaW5rLmNvbS9nZXQvQ3lzcWNxc1R5aCJ9fQ.Q8JtQ5cKzsDJ8IHchrDqOA62-rA7CjrQ1CDtGqyxZoI; uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com/get/CysqcqsTyh
Access-Control-Allow-Origin: https://bestsafelink.com/get/CysqcqsTyh
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1; expires=Sun, 12 Feb 2023 12:33:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37678a8d103a3d6726dbc4216a1cf860
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

jennyvisits.com/dyfc1k09?shu=b120ef2ff3b5873fe45e76f62beb4eff16911221298efeb99123ac93b3f84fab51e2acec825235102ee8a75b9bd7d61c5367b50ca01a162c20d3c75cb277ec4ae23985ce1e452e6c72d51f16f59a6c69a592db716ca50ae32ce0e22bfdfdb6fa93&pst=1675600474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbestsafelink.com%2F&psid=17579507

173.233.137.60

302 Found

0 B

URL HTTP/1.1
jennyvisits.com/dyfc1k09?shu=b120ef2ff3b5873fe45e76f62beb4eff16911221298efeb99123ac93b3f84fab51e2acec825235102ee8a75b9bd7d61c5367b50ca01a162c20d3c75cb277ec4ae23985ce1e452e6c72d51f16f59a6c69a592db716ca50ae32ce0e22bfdfdb6fa93&pst=1675600474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbestsafelink.com%2F&psid=17579507
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dyfc1k09?shu=b120ef2ff3b5873fe45e76f62beb4eff16911221298efeb99123ac93b3f84fab51e2acec825235102ee8a75b9bd7d61c5367b50ca01a162c20d3c75cb277ec4ae23985ce1e452e6c72d51f16f59a6c69a592db716ca50ae32ce0e22bfdfdb6fa93&pst=1675600474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbestsafelink.com%2F&psid=17579507 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122935,16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1Nzk1MDciLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tLyJ9fQ.4h14NTQB2nT9hmZEe21MfUuBvyDJz96_ROpLxHKdD7o; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: uncs=2; expires=Mon, 06 Feb 2023 12:33:34 GMT
uncs28=2; expires=Mon, 06 Feb 2023 12:33:34 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07dc159db10d477e3376a601a249ef7d
Strict-Transport-Security: max-age=0; includeSubdomains

adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660

23.36.79.11

307 Temporary Redirect

0 B

URL HTTP/2
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%5d; btag=127656177_F04CDB337B3E4781904687671EFE274D; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 05 Feb 2023 12:33:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 12:33:36 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 05-Feb-3022 12:33:36 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=1429, cdn-cache; desc=MISS
X-Firefox-Spdy: h2

www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node0b01d5mkrmald1h13et8f9j2lg; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; btag=320669908_D3208AF7FE244693B33F08ADD9FF6FC8; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C73046778393046018704499180147423593324%7CMCAAMLH-1676192731%7C6%7CMCAAMB-1676192731%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675595131s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 12:33:36 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01hv4q6puhjjq21wqg8jwj9tw2i2439582.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0b01d5mkrmald1h13et8f9j2lg; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 12:33:36 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 12:33:36 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 12:33:36 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_949F2539E9934124BA8849011E6C22DB; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_949F2539E9934124BA8849011E6C22DB%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 05 Feb 2023 12:33:36 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2

www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node0b01d5mkrmald1h13et8f9j2lg; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; btag=320669908_D3208AF7FE244693B33F08ADD9FF6FC8; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C73046778393046018704499180147423593324%7CMCAAMLH-1676192731%7C6%7CMCAAMB-1676192731%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675595131s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_949F2539E9934124BA8849011E6C22DB; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_949F2539E9934124BA8849011E6C22DB%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 12:33:36 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 05 Feb 2023 12:33:36 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5c6eae7356c7c117d75d88d84420f61
ef1bf1756057d56ff2070537f5cff02827ced62b
96e9d535daeb01ba5cb4409ac40f2d74540db1505510a5ddbe9e9090ec772cc4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96E9D535DAEB01BA5CB4409AC40F2D74540DB1505510A5DDBE9E9090EC772CC4"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15719
Expires: Sun, 05 Feb 2023 16:55:35 GMT
Date: Sun, 05 Feb 2023 12:33:36 GMT
Connection: keep-alive

welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css

104.18.25.188

200 OK

5.7 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.7 kB (5741 bytes)
Hash
873b1dc55b5f354e692945bdc2e82bd6
e926e270a3f6cfd6638081fde05f4adec0670d3b
0d1f8ed619e45110e90f1aa2f3e97f7f961344e585e4d4c251d73993d84f34f7

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259384
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceccc89b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

104.18.25.188

404 Not Found

642 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Size
642 B (642 bytes)
Hash
0693c299d4ca92d2c4ca7f406c76cd06
bd4a7bef64ee8f7d98900c444157e1270992928a
01f2a0fd579f3b24d8477d0378865085d00af7331a963b94c6d8c8d251da93b2

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/xml
x-ms-request-id: bb85fc14-201e-0039-1e5e-39e91e000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 16
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcbbb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 309886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

85.184.96.5

200 OK

957 B

URL HTTP/2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
ASCII text
Size
957 B (957 bytes)
Hash
e19225e3eb562a3b6a86f7b8b47c38fb
ce3eb55448afd8fc9dfa4ac82f8743a009d5e142
c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79

HTTP Headers

GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript
content-length: 957
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
etag: "3bd-5dd799309c310"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg

104.18.25.188

200 OK

98 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size
98 kB (98453 bytes)
Hash
8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 259388
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacedfe23b4f7-OSL
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908

104.18.25.188

200 OK

19 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2392)
Size
19 kB (19191 bytes)
Hash
287e156fb58cc8b3757a36891edb453d
1330a2f2255e8726e6a986fbae37b3a5db7ff88d
8516630c1004efb719dc3bc815194878c815bb8628c58ad48c25e014a19db867

HTTP Headers

GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; btag=127656177_F04CDB337B3E4781904687671EFE274D; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 02753de2-c01e-0031-045e-39f311000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_949F2539E9934124BA8849011E6C22DB;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 794bacec0bacb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js

104.18.25.188

200 OK

2.0 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text
Size
2.0 kB (1973 bytes)
Hash
1096291940d9ee5de248f31974afe697
c1725e008c655d32add69fa81220c4fba25e798f
fd080f6be6087453b40eec82f1e7315a668541db159bc56f19d393f21018edc6

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceccc92b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg

104.18.25.188

200 OK

1.2 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Size
1.2 kB (1228 bytes)
Hash
8ed7845a354b40c3b4a41dbe4aa045db
e5fbfa56c871c9326bc79ee2bcb2d1150c647a7f
c98ee866ced833f89f998d3cfe356f5bc0e6777c3283e99a72a40f96b83dc7e1

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcb4b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg

104.18.25.188

200 OK

16 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Size
16 kB (16269 bytes)
Hash
34a06d132177602307228cf04eea017b
c4b31b0a2b7b7a8fa7a7e951e31a832d0b538bd1
7a921e925a77b6c596db6658486a9e3fc01efffb63441dd1fe8a91960510bc2b

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcb8b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg

104.18.25.188

200 OK

84 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
84 kB (84392 bytes)
Hash
94382f15ee170feff784a00e471a5f3b
68629c2ec16edb7d68ecb3ae4fb52404ad369592
5a9745b315148f62a6bd697e3f727714e4e8fd9d23c02da3f7711b68d4df2cd8

HTTP Headers

GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259388
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacececbfb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg

104.18.25.188

200 OK

16 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Size
16 kB (16349 bytes)
Hash
eb6d47c6f2fd5da94745814ea3170f70
337cc8fac9100cba36d94a64f5a4992e6da72d95
2b3cf7431e3f699143032649b1ec476d358580e298a15a4ccfb7d06bb11b6e16

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcaeb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js

104.18.25.188

200 OK

18 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
18 kB (17502 bytes)
Hash
cc3fdbee6e59ca509687f75217f7b20f
e322d2c44bbac8f60a393e610457fe10b5185aad
581906f75e8e02089c1651437f557591e496db64506d287bbad09a98dbdcf94d

HTTP Headers

GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259384
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceccc93b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC

142.250.74.40

200 OK

81 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (62112)
Size
81 kB (81074 bytes)
Hash
01f67c7659249aa8cb0c971223b57423
4f9f3f80f1069fc5fc32c151e9a47fe419afb75c
37cf469e3c7ac02424c23b1b04ab2263b4bad58ea33e83a0ae26ae38a4baf69a

HTTP Headers

GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 12:33:37 GMT
expires: Sun, 05 Feb 2023 12:33:37 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a1s.unibet.com/orval/tracking/lastclick.min.js

85.184.96.5

200 OK

1.3 kB

URL HTTP/2
a1s.unibet.com/orval/tracking/lastclick.min.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
data
Size
1.3 kB (1286 bytes)
Hash
8795fd8ec778cfd94198ffc944ad6436
9d4f606e8aedc259b38e65d4e9f721d38b231496
0649e3b211d39e7da60e0e7510c4d4d884b4311a2e57cac8eaa268597cd30e83

HTTP Headers

GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
bc97b827347d82cbe1159a5ec9145b98
2b4586146583d06e1c4ef3a6e2410bce3852b1fe
243b64e36dfa29f8f19a74536c9a2e7ef8ac8d58862154fbff03b1ab33993174

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6143
Cache-Control: max-age=170120
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Etag: "63df7faa-116"
Expires: Tue, 07 Feb 2023 11:48:57 GMT
Last-Modified: Sun, 05 Feb 2023 10:06:34 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278

script.crazyegg.com/pages/scripts/0012/9242.js?465444

104.19.148.8

200 OK

2.6 kB

URL HTTP/2
script.crazyegg.com/pages/scripts/0012/9242.js?465444
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6791), with no line terminators
Size
2.6 kB (2576 bytes)
Hash
61c37325114de0f34959fee9f903f375
9971c5e90cf8a4689e87bf4c2c9338e7cea0cdcd
fba565565fffbfa1c422a82884ec6706ea6745282ddb7839a6d6ad0049114482

HTTP Headers

GET /pages/scripts/0012/9242.js?465444 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 03 Feb 2023 18:01:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 153112
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacef3a8bb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg

104.18.25.188

200 OK

462 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Size
462 B (462 bytes)
Hash
22128655a2b8e20065831904ec794b0b
81e3f163e26bf088a4d7423050c7a044c32d15f2
e3c2c89b56ca630f80eb1af1ced778c97e5e9d9d38e700a5ed5444a4b997127c

HTTP Headers

GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdc9eb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599

37.252.171.53

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
37.252.171.53:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 12:33:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6a1c8184-c4c3-4094-a1aa-4d6acbfb7942
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>zo9u>v!@wnf-Te9(>wL5L!!'Vp$leTS; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 12:33:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico

104.18.25.188

200 OK

897 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
897 B (897 bytes)
Hash
79e0825d3d21bcf973f37678ef4afbf9
63dca472a4de9e3a3feceded860e068a616efe82
7d03a9fd59819e0d1632474b3f5f92b2c9d7bbbdbbe58e449c5a19c9678ea3da

HTTP Headers

GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259382
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceedf55b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
84ef8393ce301b5508e43ec38e9d1f12
9f73770d7a4644127a9568e99064b35998760879
fc05624198f16470dec69830b59cff9f67224ce42c1ce7bae25c1904d9f458a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Last-Modified: Sun, 05 Feb 2023 11:18:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
84ef8393ce301b5508e43ec38e9d1f12
9f73770d7a4644127a9568e99064b35998760879
fc05624198f16470dec69830b59cff9f67224ce42c1ce7bae25c1904d9f458a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Last-Modified: Sun, 05 Feb 2023 11:18:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=79658794349493118473981932278432696210&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1675600457544

3.248.113.235

200 OK

499 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=79658794349493118473981932278432696210&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1675600457544
IP
3.248.113.235:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size
499 B (499 bytes)
Hash
9ec7c757f86b2d69a4870d0a3b4cdb85
9bfe551bcfaae7c0aa6df786b0e1eb07f968eacf
a61f070b2e3ea1a8ec98dfabbaf74b3f980f0f67bb8c723bc1b341736aedd9be

HTTP Headers

GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=79658794349493118473981932278432696210&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1675600457544 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-017f03edc.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=78834692375096391864341846129728013668; Max-Age=15552000; Expires=Fri, 04 Aug 2023 12:33:37 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: g3khL+6vQh8=
Content-Length: 499
Connection: keep-alive

bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no

104.40.147.180

200 OK

1.8 kB

URL HTTP/2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
104.40.147.180:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1834 bytes)
Hash
6447ef74cb074645b435c312b0e705da
9d48f351fc71cc3b3c698416bf424010f52419dd
7e0a6a19c36957f02b83fa16a6fabd74db41430a80bb8e28213e6780009ed812

HTTP Headers

GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 05 Feb 2023 12:33:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
baeed5ecca34118b9471a9f7a9f3fe98
efbc52d00192e76a22c5808299adbbff9ae59018
4b62a4da3f4f33db038870a3d97a39c592a02bfb46c034fae1e96fce0cf6f11f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3869
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Last-Modified: Sun, 05 Feb 2023 11:29:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg

104.16.170.188

200 OK

1.9 kB

URL HTTP/2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
104.16.170.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.9 kB (1937 bytes)
Hash
6cc413149786c4a1f002286ae228b75b
1aee1239410d0d1b8a0adb1b1a6c4ff4f09f1de1
9cc9a2a5d1ff33527b1b99d22060fe18c881d9834d01c3b2c33b8fbbd545b9fb

HTTP Headers

GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 36
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacf19a77b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

unibet.demdex.net/dest5.html?d_nsid=0

54.72.53.159

200 OK

2.8 kB

URL HTTP/1.1
unibet.demdex.net/dest5.html?d_nsid=0
IP
54.72.53.159:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2791 bytes)
Hash
ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

HTTP Headers

GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 5 Feb 2023 12:33:37 GMT
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: po3hmgiUQHM=
Content-Length: 2791
Connection: keep-alive

bestsafelink.com/get/CysqcqsTyh

188.114.96.1

200 OK

0 B

URL HTTP/2
bestsafelink.com/get/CysqcqsTyh
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /get/CysqcqsTyh HTTP/1.1
Host: bestsafelink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:30 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache, no-cache
set-cookie: PHPSESSID=f1b67b02871b94e1a5c1d728d38cedf4; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCfFRzFr8%2BK7tdWJ4SnGYp%2FuaxhO6rrw%2FMEgkCqjp9wlGlKY00v2KLifXy4YXrWpsCF1wKCmiRgmw1QI20X5c3I2rLdZCkEnvgHsmpalQ3ik68WO4Rs096epqY9wcFaa6cfA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794bacc47a671c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 12:33:36 GMT
date: Sun, 05 Feb 2023 12:33:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg

104.16.170.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
104.16.170.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 214
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacf18a5eb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 12:33:31 GMT
date: Sun, 05 Feb 2023 12:33:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg

104.18.25.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdc9fb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg

104.18.25.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdca4b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.7.1/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 746474
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqSwVTr6LPNeI4v6cgm9Mq1GVfGMH3RDs4Qp3JppZUuRE4vhay9rgmcKH0yXBdq8%2Bci8hkVF8Vjb4VsQ6urhLym1yqYhpCjKibAU6pqdqqV6KDwokkCBPGHqM%2Bk4F%2F76yUeXJncw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794baced5a3a88aa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg

104.18.25.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdca2b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg

104.16.170.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
104.16.170.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 214
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacf1aa98b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/custom.js

104.18.25.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/custom.js
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 532861
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdc9bb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg

104.18.25.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
104.18.25.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdca0b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (75)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML