| poptrr.com/track/click/zcidDPz6Ab8bvrOwUPMzE_1NGGFaAr0-GyDRPmUQko1hQ3OAUDts54WErNZzAfKOlReTKKwcrHXoGZGGj4FgMXBQzBxI0kEB7CF82aGBzpBIzK27eZP5cBxeMvLkdMf4P0rUbYTeQnf5sP2XgqUjF0f6xojayyEH8EXzuwsCpSvQuWmfJrqmhHhCCDf2qAujcvcIw26dnrLqXPeEmLulTmjgjMZNCU8t4QX-9f1khjOGadqi1I-ElzG6KsxJqCCUqHLlngvwbdRnw-g-D2Peewtg-Gh1UpB1Q501hWvTZqSSH79O4wdCjuNcrVPj0NMPlPUGablbJa6UlOk3-is-KqdQMKkn0mwv7Janx1cdNA3rjP09PaQW6jXrJKF8SX_3X7vkME78IdANsJQZ1zMO2xdsdej0dDx04LnqjsC8PtP3HsnFTi1UsS3usFFmEf0FPttMxAqKxRy-fRD0t7xmp3QxwdAnQAjOIihQ_ToEKoCJ2ac-H7RX9WBLZDWoEtxk4yvwpLlFDQ9CbLFzYk_XkMjvg_scwO905P6azyZlRSf-z92Rs186l8Fpg8vvmQerY1o4?ur=https://analytics.ozlinedsp.com/tracking/click.gif?token=1bvyaskl84ywk16zfjgzmlcm24 | 46.4.101.109 | | 0 B |
URL poptrr.com/track/click/zcidDPz6Ab8bvrOwUPMzE_1NGGFaAr0-GyDRPmUQko1hQ3OAUDts54WErNZzAfKOlReTKKwcrHXoGZGGj4FgMXBQzBxI0kEB7CF82aGBzpBIzK27eZP5cBxeMvLkdMf4P0rUbYTeQnf5sP2XgqUjF0f6xojayyEH8EXzuwsCpSvQuWmfJrqmhHhCCDf2qAujcvcIw26dnrLqXPeEmLulTmjgjMZNCU8t4QX-9f1khjOGadqi1I-ElzG6KsxJqCCUqHLlngvwbdRnw-g-D2Peewtg-Gh1UpB1Q501hWvTZqSSH79O4wdCjuNcrVPj0NMPlPUGablbJa6UlOk3-is-KqdQMKkn0mwv7Janx1cdNA3rjP09PaQW6jXrJKF8SX_3X7vkME78IdANsJQZ1zMO2xdsdej0dDx04LnqjsC8PtP3HsnFTi1UsS3usFFmEf0FPttMxAqKxRy-fRD0t7xmp3QxwdAnQAjOIihQ_ToEKoCJ2ac-H7RX9WBLZDWoEtxk4yvwpLlFDQ9CbLFzYk_XkMjvg_scwO905P6azyZlRSf-z92Rs186l8Fpg8vvmQerY1o4?ur=https://analytics.ozlinedsp.com/tracking/click.gif?token=1bvyaskl84ywk16zfjgzmlcm24 IP46.4.101.109:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track/click/zcidDPz6Ab8bvrOwUPMzE_1NGGFaAr0-GyDRPmUQko1hQ3OAUDts54WErNZzAfKOlReTKKwcrHXoGZGGj4FgMXBQzBxI0kEB7CF82aGBzpBIzK27eZP5cBxeMvLkdMf4P0rUbYTeQnf5sP2XgqUjF0f6xojayyEH8EXzuwsCpSvQuWmfJrqmhHhCCDf2qAujcvcIw26dnrLqXPeEmLulTmjgjMZNCU8t4QX-9f1khjOGadqi1I-ElzG6KsxJqCCUqHLlngvwbdRnw-g-D2Peewtg-Gh1UpB1Q501hWvTZqSSH79O4wdCjuNcrVPj0NMPlPUGablbJa6UlOk3-is-KqdQMKkn0mwv7Janx1cdNA3rjP09PaQW6jXrJKF8SX_3X7vkME78IdANsJQZ1zMO2xdsdej0dDx04LnqjsC8PtP3HsnFTi1UsS3usFFmEf0FPttMxAqKxRy-fRD0t7xmp3QxwdAnQAjOIihQ_ToEKoCJ2ac-H7RX9WBLZDWoEtxk4yvwpLlFDQ9CbLFzYk_XkMjvg_scwO905P6azyZlRSf-z92Rs186l8Fpg8vvmQerY1o4?ur=https://analytics.ozlinedsp.com/tracking/click.gif?token=1bvyaskl84ywk16zfjgzmlcm24 HTTP/1.1
Host: poptrr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
location: https://ak.itponytaa.com/afu.php?zoneid=5917692
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-length: 0
date: Thu, 18 Apr 2024 20:12:42 GMT
|
|
| ak.itponytaa.com/afu.php?zoneid=5917692 | 23.36.76.250 | | 14 kB |
URL ak.itponytaa.com/afu.php?zoneid=5917692 IP23.36.76.250:0 ASN#20940 Akamai International B.V.
File typeHTML document, ASCII text, with very long lines (18491) Hash1448eb401f2ed6fcc83662153e3cc02f 592aa093d007f3ea6f7e193d851576559a2ef455 924781e90f3fefbb32363f5e62275ff7a81a9efcda194fe95d65577ea2775d00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /afu.php?zoneid=5917692 HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 1329691aaa9fe8660bb3f720ec3e954f
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
vary: Accept-Encoding
x-akamai-transformed: 9 13314 0 pmb=mRUM,1
content-encoding: gzip
expires: Thu, 18 Apr 2024 20:12:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 18 Apr 2024 20:12:43 GMT
content-length: 14139
set-cookie: OAID=008042c828f941e6eb41155707e9afcc; expires=Fri, 18 Apr 2025 20:12:43 GMT; path=/; secure; SameSite=None
oaidts=1713471163; expires=Fri, 18 Apr 2025 20:12:43 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=27, origin; dur=27, ak_p; desc="1713471163671_388254966_321500379_5389_1511_2_24_41";dur=1
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/sftouch?userId=008042c828f941e6eb41155707e9afcc&z=5917692&p_rid=53e43a09-695b-40f0-b2ac-44796a28688b&p_src=sf&branchId=0&rb=E78MVxY-3knciJmrYPcDLSpNKcbw5EZmkhaR-b10u3pWftmBwQCeNkItvAV5yT7EIR05jfjGNR9ssx9mpo4XHSo01ZNlKRurPYewYBf-IV1JUPY_4u6bKB2twOfV9NazALN4RZqDIfZy3v2rYqzZqAlodpD8ZPC52nDn-ZIEj4_1FkB3_V9YcJ7ETpqzS3T6RYMBTOgrdODfqgTWO9UZeJcU4a0dVFyM8LdSMTmg1i4= | 23.36.76.250 | | 2 B |
URL ak.itponytaa.com/sftouch?userId=008042c828f941e6eb41155707e9afcc&z=5917692&p_rid=53e43a09-695b-40f0-b2ac-44796a28688b&p_src=sf&branchId=0&rb=E78MVxY-3knciJmrYPcDLSpNKcbw5EZmkhaR-b10u3pWftmBwQCeNkItvAV5yT7EIR05jfjGNR9ssx9mpo4XHSo01ZNlKRurPYewYBf-IV1JUPY_4u6bKB2twOfV9NazALN4RZqDIfZy3v2rYqzZqAlodpD8ZPC52nDn-ZIEj4_1FkB3_V9YcJ7ETpqzS3T6RYMBTOgrdODfqgTWO9UZeJcU4a0dVFyM8LdSMTmg1i4= IP23.36.76.250:0 ASN#20940 Akamai International B.V.
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008042c828f941e6eb41155707e9afcc&z=5917692&p_rid=53e43a09-695b-40f0-b2ac-44796a28688b&p_src=sf&branchId=0&rb=E78MVxY-3knciJmrYPcDLSpNKcbw5EZmkhaR-b10u3pWftmBwQCeNkItvAV5yT7EIR05jfjGNR9ssx9mpo4XHSo01ZNlKRurPYewYBf-IV1JUPY_4u6bKB2twOfV9NazALN4RZqDIfZy3v2rYqzZqAlodpD8ZPC52nDn-ZIEj4_1FkB3_V9YcJ7ETpqzS3T6RYMBTOgrdODfqgTWO9UZeJcU4a0dVFyM8LdSMTmg1i4= HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.itponytaa.com
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692
Cookie: OAID=008042c828f941e6eb41155707e9afcc; oaidts=1713471163
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2
x-trace-id: 8a1f899640dfea4df8884bc2dfe8b8ad
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ak.itponytaa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Thu, 18 Apr 2024 20:12:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 18 Apr 2024 20:12:44 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=29, ak_p; desc="1713471164186_388254966_321500834_4834_951_1_0_1";dur=1
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/favicon.ico | 23.36.76.250 | | 0 B |
URL ak.itponytaa.com/favicon.ico IP23.36.76.250:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692
Cookie: OAID=008042c828f941e6eb41155707e9afcc; oaidts=1713471163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
pragma: public
cache-control: public, must-revalidate, proxy-revalidate, max-age=2592000
date: Thu, 18 Apr 2024 20:12:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=21, origin; dur=0, ak_p; desc="1713471164332_388254966_321500943_2046_632_1_0_21";dur=1
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008042c828f941e6eb41155707e9afcc&z=5917692&p_rid=53e43a09-695b-40f0-b2ac-44796a28688b&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008042c828f941e6eb41155707e9afcc&z=5917692&p_rid=53e43a09-695b-40f0-b2ac-44796a28688b&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008042c828f941e6eb41155707e9afcc&z=5917692&p_rid=53e43a09-695b-40f0-b2ac-44796a28688b&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:12:44 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008042c828f941e6eb41155707e9afcc; expires=Fri, 18 Apr 2025 20:12:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/?z=5917692&syncedCookie=true&rhd=false | 23.36.76.250 | 302 Found | 0 B |
URL User Request POST HTTP/2ak.itponytaa.com/?z=5917692&syncedCookie=true&rhd=false IP23.36.76.250:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectak.hetaruwg.com Fingerprint25:F9:4E:BA:86:65:45:64:6B:96:B1:61:8C:D3:05:24:CD:CF:AD:8C ValidityMon, 15 Apr 2024 13:59:12 GMT - Sun, 14 Jul 2024 13:59:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=5917692&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 539
Origin: https://ak.itponytaa.com
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692&var=5917692&rid=dqGdfktL4PWmomSE3WzGcA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008042c828f941e6eb41155707e9afcc; oaidts=1713471163
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-length: 0
x-trace-id: a5564e283d79f40281fe31a416182cec
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ak.itponytaa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Thu, 18 Apr 2024 20:12:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 18 Apr 2024 20:12:44 GMT
set-cookie: OAID=008042c828f941e6eb41155707e9afcc; expires=Fri, 18 Apr 2025 20:12:44 GMT; path=/; secure; SameSite=None
oaidts=1713471163; expires=Fri, 18 Apr 2025 20:12:44 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 25 Apr 2024 20:12:44 GMT; path=/; secure; SameSite=None
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=169, ak_p; desc="1713471164566_388254966_321501150_18834_808_2_0_41";dur=1
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB | 13.107.213.53 | 403 Forbidden | 409 B |
URL User Request GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hash2326a9c3ea82b90857edd368f1eac404 094925a157e83c71ecb22ab7da32195f2b4f720a aa5a32d9cb1fa9fbf88657dc2036b50b412f2b5ad00d903f3ec0e200936b5663
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 20:12:45 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T201245Z-17f9dd4c48b5st7ze9vsq76th0000000009g0000000005q3
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/favicon.ico | 13.107.213.53 | 403 Forbidden | 409 B |
URL GET HTTP/2adserving.unibet.com/favicon.ico IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hash9f56f7c49f185cfd9f24a69ff2d18dd3 f3b82391277b87ef57e853e007506660225b48ec 5842492fd4f44eb964866152d86a2f4c0eefd82b240b50b93fd6d0bdcb57a88a
GET /favicon.ico HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 20:12:45 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T201245Z-17f9dd4c48bvvrxgg4y6utwftn00000002tg000000000cw2
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|