Overview

URL 7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3
IP3.70.16.242
ASNAMAZON-02
Location Germany
Report completed2022-11-24 21:07:03 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-24 2 gtoonfd.com Sinkholed
2022-11-24 2 datatechone.com Sinkholed
2022-11-24 2 gtoonfd.com Sinkholed
2022-11-24 2 gtoonfd.com Sinkholed


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS 7ktpj.bemobtracks.com (1) 0 2020-08-31 05:26:56 UTC 2022-11-23 05:03:12 UTC 3.70.16.242 Domain (bemobtracks.com) ranked at: 393166
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.242.3.166
mnemonic passive DNS secure.adnxs.com (1) 396 2012-05-22 16:37:37 UTC 2020-03-11 07:38:04 UTC 37.252.171.21
mnemonic passive DNS cdntechone.com (1) 64371 2021-12-24 17:09:58 UTC 2022-11-24 13:28:00 UTC 104.21.29.183
mnemonic passive DNS img-getpocket.cdn.mozilla.net (2) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-11-24 08:54:46 UTC 139.45.195.8
mnemonic passive DNS ocsp.pki.goog (6) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS cm.everesttech.net (1) 996 2018-09-03 07:40:22 UTC 2020-04-29 11:27:39 UTC 99.80.65.0
mnemonic passive DNS a1s.unibet.com (1) 297625 2018-08-24 02:07:57 UTC 2020-04-28 05:20:01 UTC 85.184.96.5
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-24 11:09:52 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS dpm.demdex.net (3) 204 2018-07-06 04:53:56 UTC 2020-04-29 23:04:31 UTC 52.50.158.189
mnemonic passive DNS r3.o.lencr.org (8) 344 No data No data 23.36.76.249
mnemonic passive DNS www.unibet.nu (2) 0 2022-11-04 11:13:23 UTC 2022-11-24 06:23:08 UTC 85.184.96.0 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-24 11:11:51 UTC 142.250.74.10
mnemonic passive DNS unibetlondonltd.d3.sc.omtrdc.net (2) 444877 2017-01-29 21:05:05 UTC 2022-11-24 08:56:51 UTC 13.36.218.177
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
mnemonic passive DNS ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
mnemonic passive DNS adserving.unibet.com (1) 98000 2015-05-26 06:56:53 UTC 2020-04-28 07:38:51 UTC 23.36.79.11
mnemonic passive DNS a1s-cdn.unibet.com (1) 283505 2014-04-23 15:07:51 UTC 2020-04-04 05:20:05 UTC 85.184.96.5
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-24 10:54:12 UTC 142.250.74.138
mnemonic passive DNS gtoonfd.com (3) 0 2022-07-25 06:24:53 UTC 2022-11-24 18:00:02 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS datatechone.com (1) 0 2015-06-17 13:52:19 UTC 2022-11-24 13:39:14 UTC 37.48.68.71 Unknown ranking
mnemonic passive DNS eu.can-get-so.me (1) 0 No data No data 157.90.33.71 Unknown ranking
mnemonic passive DNS welcome.unibet.nu (17) 0 No data No data 104.18.25.188 Unknown ranking
mnemonic passive DNS use.fontawesome.com (2) 942 2018-09-18 10:26:26 UTC 2020-03-18 00:09:30 UTC 172.64.132.15
mnemonic passive DNS unibet.demdex.net (1) 338024 2018-06-24 06:21:19 UTC 2019-11-02 03:04:11 UTC 18.203.240.21
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS e1.o.lencr.org (2) 6159 No data No data 23.36.76.249


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.70.16.242

Date UQ / IDS / BL URL IP
2022-12-09 12:00:37 +0000
0 - 0 - 1 rezuke.gooredirect.xyz/go/65de1da4-9719-4740- (...) 3.70.16.242
2022-12-09 11:32:35 +0000
0 - 0 - 2 7xd2q.bemobtrcks.com/go/0c4540d1-638c-40ce-9d (...) 3.70.16.242
2022-12-09 09:08:14 +0000
0 - 0 - 1 trckprop.xyz/go/2e00fca6-a544-4aa7-aa2b-67bdf (...) 3.70.16.242
2022-12-09 08:59:04 +0000
0 - 0 - 2 www.mediacdnc.com/go/74346df3-79de-4938-a627- (...) 3.70.16.242
2022-12-09 08:58:04 +0000
0 - 0 - 1 rezuke.gooredirect.xyz/go/52a257bb-4572-4f58- (...) 3.70.16.242

Last 5 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-12-09 12:49:16 +0000
6 - 0 - 3 httpverify.duckdns.org/wellsfargo/emailerror.htm 52.40.133.3
2022-12-09 12:48:53 +0000
6 - 0 - 3 httpverify.duckdns.org/wellsfargo/email.htm 52.40.133.3
2022-12-09 12:48:35 +0000
6 - 0 - 3 httpverify.duckdns.org/wellsfargo/card.htm 52.40.133.3
2022-12-09 12:48:12 +0000
13 - 0 - 1 httpverify.duckdns.org/wellsfargo/ 52.40.133.3
2022-12-09 12:37:14 +0000
7 - 0 - 5 httpverify.duckdns.org/wellsfargo/emailerror.htm 52.40.133.3

Last 5 reports on domain: bemobtracks.com

Date UQ / IDS / BL URL IP
2022-12-09 04:05:46 +0000
0 - 0 - 6 7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-8 (...) 3.70.16.242
2022-12-07 08:45:07 +0000
0 - 0 - 4 7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-8 (...) 3.70.16.242
2022-12-07 07:01:51 +0000
0 - 0 - 5 7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-8 (...) 3.70.16.242
2022-12-06 06:26:07 +0000
0 - 0 - 3 7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-8 (...) 3.70.16.242
2022-12-05 00:03:56 +0000
0 - 0 - 5 7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-8 (...) 3.70.16.242

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-25 14:12:45 +0000
0 - 0 - 1 rouonixon.com/4/5151575/ 139.45.197.238
2022-11-25 14:12:17 +0000
0 - 0 - 1 rouonixon.com/4/5461320/ 139.45.197.238
2022-11-25 12:48:35 +0000
0 - 0 - 9 bg4nxu2u5t.com/1943785 62.122.171.6
2022-11-25 08:06:54 +0000
0 - 0 - 1 rouonixon.com/4/5020335/ 139.45.197.238
2022-11-25 06:48:17 +0000
0 - 0 - 5 gtoonfd.com/link?z=5450494&var=08e29a07-b84a- (...) 139.45.197.239


JavaScript

Executed Scripts (26)


Executed Evals (9)

#1 JavaScript::Eval (size: 55, repeated: 1) - SHA256: 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282

                                        (function() {
    return visitor.getAnalyticsVisitorID()
})();
                                    

#2 JavaScript::Eval (size: 132, repeated: 1) - SHA256: 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168

                                        (function() {
    if (window.innerWidth) return window.innerWidth;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetWidth
})();
                                    

#3 JavaScript::Eval (size: 60, repeated: 1) - SHA256: 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f

                                        (function() {
    return visitor.getMarketingCloudVisitorID()
})();
                                    

#4 JavaScript::Eval (size: 54, repeated: 1) - SHA256: fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81

                                        (function() {
    return screen.width + "x" + screen.height
})();
                                    

#5 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c

                                        (function() {
    return window.functions.timeParting("n", "0")
})();
                                    

#6 JavaScript::Eval (size: 71, repeated: 1) - SHA256: dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb

                                        (function() {
    return Math.round((new Date).getTime() / 1E3).toString()
})();
                                    

#7 JavaScript::Eval (size: 88, repeated: 1) - SHA256: 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62

                                        (function() {
    return "LP:" + BF_prop.LandingPageName.toString().replace(/:/ig, "").trim()
})();
                                    

#8 JavaScript::Eval (size: 135, repeated: 1) - SHA256: fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed

                                        (function() {
    if (window.innerHeight) return window.innerHeight;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetHeight
})();
                                    

#9 JavaScript::Eval (size: 62, repeated: 1) - SHA256: adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42

                                        (function() {
    return window.functions.getPageNameOldEvar1()
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 50, repeated: 1) - SHA256: a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449

                                        < script src = "/widget/betslip/betslip.js" > < /script>
                                    


HTTP Transactions (75)


Request Response
                                        
                                            GET /go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3 HTTP/1.1 
Host: 7ktpj.bemobtracks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         3.70.16.242
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Thu, 24 Nov 2022 21:06:52 GMT
Content-Length: 194
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://gtoonfd.com/link?z=5450494&var=&ymid=W2Dh6TmqWij3T8JZB5pKjp
Set-Cookie: bemob-uniq-visit:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3=1; Domain=7ktpj.bemobtracks.com; Path=/; Expires=Fri, 25 Nov 2022 21:06:52 GMT; HttpOnly bemob-rotation:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3:random:b3bdcb17c859b1dac2f363c1749f5d62=0-0-2; Domain=7ktpj.bemobtracks.com; Path=/; Expires=Fri, 25 Nov 2022 21:06:52 GMT; HttpOnly bemob-click-id=W2Dh6TmqWij3T8JZB5pKjp; Domain=7ktpj.bemobtracks.com; Path=/; Expires=Fri, 25 Nov 2022 21:06:52 GMT; HttpOnly
Vary: Accept
X-Response-Time: 6.598ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   194
Md5:    5fcd735b95b3e588076910467dba5f59
Sha1:   0a2778bf45879b2382e1dffdfeaedd2969f0e452
Sha256: eb35e7005dd54b5bd75318ec25cddd608f548a742aed4e19659b4187b49182e9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16041
Expires: Fri, 25 Nov 2022 01:34:13 GMT
Date: Thu, 24 Nov 2022 21:06:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3229
Cache-Control: max-age=137888
Date: Thu, 24 Nov 2022 21:06:52 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:25:00 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8494
Expires: Thu, 24 Nov 2022 23:28:26 GMT
Date: Thu, 24 Nov 2022 21:06:52 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 20:19:00 GMT
cache-control: public,max-age=3600
age: 2872
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: nwxucuF2G3uucYn4oZj5OCNBYt1IeFOi/ZE/WgQezWvpxLQHsjVllkVp5fp3KDtu5LrIpgP3YjU=
x-amz-request-id: H9BBTWJRMTMRBX83
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 20:40:32 GMT
age: 1580
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 21:06:52 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0B4150B11EDBC30F1A85181FF3F8005BE4722C7DF6775A9B250E474D5F7309ED"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Fri, 25 Nov 2022 00:23:39 GMT
Date: Thu, 24 Nov 2022 21:06:52 GMT
Connection: keep-alive

                                        
                                            GET /link?z=5450494&var=&ymid=W2Dh6TmqWij3T8JZB5pKjp HTTP/1.1 
Host: gtoonfd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         139.45.197.239
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 24 Nov 2022 21:06:52 GMT
content-length: 0
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5450494&axcusid1=&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D5450494%26var%3D%26ymid%3DW2Dh6TmqWij3T8JZB5pKjp%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4a1da4c46ee18fbe76e749f22ae54961
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
set-cookie: OAID=ee8546f6eb194e6db3d3515e4b6bb73c; expires=Fri, 24 Nov 2023 21:06:52 GMT oaidts=1669324012; expires=Fri, 24 Nov 2023 21:06:52 GMT phpckd5450494=true; expires=Fri, 25 Nov 2022 21:06:52 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "1C54351546080EE0ABC8FAFF0B81A5EA222914F24FE4B200E267D2AB119BBC5D"
Last-Modified: Wed, 23 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Thu, 24 Nov 2022 21:49:56 GMT
Date: Thu, 24 Nov 2022 21:06:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "1C54351546080EE0ABC8FAFF0B81A5EA222914F24FE4B200E267D2AB119BBC5D"
Last-Modified: Wed, 23 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Thu, 24 Nov 2022 21:49:56 GMT
Date: Thu, 24 Nov 2022 21:06:52 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 20:08:53 GMT
cache-control: public,max-age=3600
age: 3479
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 134
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 21:06:53 GMT
Etag: "637f3429-1d7"
Last-Modified: Thu, 24 Nov 2022 21:04:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 21:06:53 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:35 GMT
Expires: Thu, 01 Dec 2022 16:52:34 GMT
Etag: "2ffaca360ca166595c22af6993fe09f828d94f2e"
Cache-Control: max-age=588940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f51c69280cb524-OSL

                                        
                                            POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1 
Host: datatechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1140
Origin: https://cdntechone.com
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         37.48.68.71
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Thu, 24 Nov 2022 21:06:53 GMT
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d8rYOGL30tOmtKypecoa7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.242.3.166
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hmvyAWfULyG3BQ/U/EcpOMB2Up8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4659
Expires: Thu, 24 Nov 2022 22:24:32 GMT
Date: Thu, 24 Nov 2022 21:06:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BB6C526736B4CECE515346D41F812BCE3BA2A45520126CED68AD07B951942AA0"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2204
Expires: Thu, 24 Nov 2022 21:43:37 GMT
Date: Thu, 24 Nov 2022 21:06:53 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gtoonfd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=ee8546f6eb194e6db3d3515e4b6bb73c; oaidts=1669324012; phpckd5450494=true; allcnt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 24 Nov 2022 21:06:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /img.gif?f=merge&userId=ee8546f6eb194e6db3d3515e4b6bb73c HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 24 Nov 2022 21:06:53 GMT
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ee8546f6eb194e6db3d3515e4b6bb73c; expires=Fri, 24 Nov 2023 21:06:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /pr?ids=qqytmvwroco&hash=8b420b2801d6ef7b&ext_req_id=619752430049178143&subid1=5450495&cost=0.003150&rdk=rk1 HTTP/1.1 
Host: eu.can-get-so.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         157.90.33.71
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 24 Nov 2022 21:06:53 GMT
content-length: 0
x-trace: 259bbff4671854e30fdb882b4592b42a
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
referrer-policy: no-referrer
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=73207837&sref=RLA&RLA=765595
set-cookie: rauid=MBoqGfOeT2ivBLvq2IgWjg; expires=Fri, 24 Nov 2023 21:06:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /redirect.aspx?bid=37950&pid=73207837&sref=RLA&RLA=765595 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.11
HTTP/2 307 Temporary Redirect
content-type: text/html
                                        
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_09FFAE8C40DA435699995637FAFF3421&sref=RLA&RLA=765595&affiliateId=1&pid=86805880&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 24 Nov 2022 21:06:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 21:06:53 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86805880%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669324013851)%5c%2f%22%2c%22CookieTag%22%3a%223795086805880451240919C20221124216%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228460947559%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 24-Nov-3021 21:06:53 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=200, cdn-cache; desc=MISS
X-Firefox-Spdy: h2

                                        
                                            GET /stan/campaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_09FFAE8C40DA435699995637FAFF3421&sref=RLA&RLA=765595&affiliateId=1&pid=86805880&bid=37950 HTTP/1.1 
Host: www.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_09FFAE8C40DA435699995637FAFF3421&sref=RLA&RLA=765595&affiliateId=1&pid=86805880&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320669583%3A86805880-37950
set-cookie: JSESSIONID=node0fxdw1wlklwym1fyn1m3bgvn7c6212231.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; Path=/; Domain=.unibet.nu; Expires=Sat, 23-Nov-2024 21:06:54 GMT; Max-Age=63072000; Secure; SameSite=None uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 23-Nov-2024 21:06:54 GMT; Max-Age=63072000; Secure; SameSite=None uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Sat, 23-Nov-2024 21:06:54 GMT; Max-Age=63072000; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None campaignId=2806377; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 24-Nov-2022 21:07:09 GMT; Max-Age=15; Secure; SameSite=None affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BID=37950; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None PID=86805880; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=2806377; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 24-Nov-2022 21:07:09 GMT; Max-Age=15; Secure; SameSite=None campaignId=2806377; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=78785; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 24-Nov-2022 21:07:09 GMT; Max-Age=15; Secure; SameSite=None clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 24 Nov 2022 21:06:54 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2

                                        
                                            GET /stan/redirecttocampaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_09FFAE8C40DA435699995637FAFF3421&sref=RLA&RLA=765595&affiliateId=1&pid=86805880&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320669583%3A86805880-37950 HTTP/1.1 
Host: www.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 24 Nov 2022 21:06:54 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4542
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 21:06:54 GMT
Last-Modified: Thu, 24 Nov 2022 19:51:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1 
Host: a1s-cdn.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.184.96.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   956
Md5:    fd48e87ecd4d06d9c5df490b91dc813e
Sha1:   a65a437db44444634e4f41732c590c1d14433b3f
Sha256: 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
                                        
                                            GET /custom.js HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 188721
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72cb660b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2527
Md5:    b1afa95a59dfaaaf6b534263dc0019ae
Sha1:   d749016014e63e751b812aaf50158f003447c5ec
Sha256: d6ef8121803e49d586105dc6edfcbf17944726b71d51a72a3dcde92de445dca0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 21:06:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2512
Cache-Control: max-age=142907
Date: Thu, 24 Nov 2022 21:06:54 GMT
Etag: "637f5e59-118"
Expires: Sat, 26 Nov 2022 12:48:41 GMT
Last-Modified: Thu, 24 Nov 2022 12:06:49 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.138
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 15:30:11 GMT
expires: Fri, 24 Nov 2023 15:30:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 20203
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30399
Md5:    0f83cadc148d2ad7e53c91f6c4ee05bb
Sha1:   90035c5fffedf4b0f099465f6b929a030b46c92b
Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10479
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:06:54 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 21:06:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880 HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: z9wBcojvf/7eDR39nfDjGQ==
last-modified: Wed, 23 Nov 2022 09:41:24 GMT
x-ms-request-id: 9cee0982-d01e-0002-4448-00acba000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c70afba0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (493)
Size:   3621
Md5:    c5faaaf16e6fb638312ae5a8eb0183e7
Sha1:   7e78b8ac11e279db5aabfe70bfe45346ff0cb6cb
Sha256: 387fe4262ec7515cbabcf8996866c053badd14c540bc602f8a7a284f7b2ab366
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10479
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:06:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10479
Expires: Fri, 25 Nov 2022 00:01:33 GMT
Date: Thu, 24 Nov 2022 21:06:54 GMT
Connection: keep-alive

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/com-payments.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Wed, 23 Nov 2022 09:41:25 GMT
etag: W/"0x8DACD36E3B02EBB"
x-ms-request-id: a2357d1a-b01e-0049-4f20-ff50e9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72db7e0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   18065
Md5:    59792f0d5772ca89c122b241ef16be29
Sha1:   fba95498beeaac40bb8d0a9e15e2827a7740c915
Sha256: ae9e1ea74f6cc2a4f51ace7721ee7761c83d628f9ad1b9fb81af020d604d898b
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/utv-logo.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Wed, 23 Nov 2022 09:41:25 GMT
etag: W/"0x8DACD36E36045A2"
x-ms-request-id: ad0e1658-501e-0033-8020-ff4da9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72cb690b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Size:   6888
Md5:    74ab1709c3292bcd088f4db22e90a4f9
Sha1:   8f19843fa5eff84381a0ca2dd04352526834c4c1
Sha256: 2ff8d775b61c20bfb53c4a79e1f4fbd16fee802febb1dbc9eb906ef34a93842f
                                        
                                            GET /css?family=Roboto:300,400,500 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 21:06:54 GMT
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5714
Md5:    431741651b63346d2a478637808d59df
Sha1:   f8fe806d81dc1be05482bd7915bb631a2b2c0f3b
Sha256: d91fc55c389bdffb5a2dba30aeff0a8a53865c233790f415c10fb1abcc928833
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 57746
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/icon-expert.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Wed, 23 Nov 2022 09:41:27 GMT
etag: W/"0x8DACD36E4DBD8DB"
x-ms-request-id: deea5553-401e-003f-1d20-ffdaa1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72cb6e0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Size:   7314
Md5:    5a5e55f909fb559c50c4230220a32e36
Sha1:   89f58f5d9a3dff9ae768faa3fd494462786111a8
Sha256: ad66d2caabb269262cbd68769ecea8983e6f466d1f6782320c270ee0ceb3a168
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 83256
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13882
Md5:    64d79191f005c9876b952c5f948aa0f7
Sha1:   1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
Sha256: 00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
                                        
                                            GET /releases/v5.7.1/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.132.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
x-amz-id-2: QHu6SUBj881cSMd65Dd1ISAsND/ym37THrCnAqDKmpz0US1vjG/LBwNmAc6/PEPUxJRhxs5kwxw=
x-amz-request-id: K8TCAY5VPR56C7ER
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 163481
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytJLfRsiUBi6EdeO9av2WvKNHtsAsn9nbDumSVl%2F5rBRt%2B8EsVGewVIXWXCBImgqRUVpDJXEyUdCTpg3lXBgpZg%2BlwpPxnf8uLaI6hOblMlmNOHllYSZU8OcB41xXY0wmY%2BVG1zh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f51c738d50719c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54456), with no line terminators
Size:   12127
Md5:    50a5f700dc803a858949b490a7546319
Sha1:   7966106684bca30f6516ae78acf08eac7d38ea99
Sha256: 07168c4e3d064b77e12af992a2825dbf43852d5c73b2f4d2e00f730c84041cd6
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2 HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: application/font-woff2
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Wed, 23 Nov 2022 09:41:28 GMT
etag: "0x8DACD36E5898BBC"
x-ms-request-id: fbb0f700-001e-0011-6220-ff88b6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c744dc70b61-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size:   10924
Md5:    0ea5bcff84ae44840b6e9c9d12c8b963
Sha1:   6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
Sha256: b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/1-background-black.jpg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
content-length: 530095
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: xYlVAKiG8X/5NE4Ngv5uyQ==
etag: "0x8DACD36E34C2457"
last-modified: Wed, 23 Nov 2022 09:41:25 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 9364888c-801e-0030-0720-ffaccd000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 127335
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c743dc00b61-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x936, components 3\012- data
Size:   530095
Md5:    c5895500a886f17ff9344e0d82fe6ec9
Sha1:   3c47606c692fc53da28e541e8b191a777d77cefd
Sha256: ac6895cf3959a7cd8b23f9d1f7eed70af8d6fc1cdf27de416ef6120d13fea88e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 21:06:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.132.15
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
content-length: 74320
x-amz-id-2: uylfrzKDH44ZidgIOMpzcbdr+yl6PAbPbLpDng4fnFbv2mr6lhfDGG1jqrGy0+sWtFy5eLPZOfQ=
x-amz-request-id: K5F4DS5NWXJ1MX1N
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 132376
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F39mjGarw9lJZDi%2FyveB9c6XcxBBmXOLp8AYRNR75Dpsn6yqcOcOAZ98l%2F0zmkBLjJaOj2bMubk%2B9QbxPw87B5sAbhF1XX1nImqtzMXB%2BSqCrx8PSVqqQGfYqbu3xn3w5s5y5c0R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f51c746ed6719c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size:   74320
Md5:    3638e62ea50e6f5859b6a15276c25c87
Sha1:   f5aa1a463e223a294a42b314e1c63a614d594ec0
Sha256: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 21:06:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 21:06:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 111562
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 91953
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/icon-casino.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: u/57C1Al21ESpXtbDs6sbw==
last-modified: Wed, 23 Nov 2022 09:41:27 GMT
etag: W/"0x8DACD36E4CEBB6D"
x-ms-request-id: 1a7d30f0-801e-0042-4320-ffab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72db790b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2084), with no line terminators
Size:   16472
Md5:    37d9b009db8fc6f38dae804b8d44aa9d
Sha1:   7c754def7b5e2652255f769f76cef61b341ed674
Sha256: 317164be39840c6bdd70885f6ddcd9ad4745e7ab4d041408dd5b3a3203dcfa51
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/1-styles.css HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: lMc9drvQACpBd5pyJgR1QA==
last-modified: Wed, 23 Nov 2022 09:41:24 GMT
etag: W/"0x8DACD36E2F5D37E"
x-ms-request-id: bc91156d-201e-0016-1520-ffe4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127336
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72bb5a0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   85974
Md5:    cd48c9c6b069f47fbcb222f136a45701
Sha1:   e4eecd4ed82b7079b3dfd3da73f1405450d3881b
Sha256: 626a11cdd1493e489c79da5b432cc0b7915c3faee6e607aff5e6766ad2b2bcb4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 21:06:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/no-payments.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Wed, 23 Nov 2022 09:41:26 GMT
etag: W/"0x8DACD36E3F01499"
x-ms-request-id: 4d13b6ea-901e-0013-2d20-ff360e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c74eee20b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   8504
Md5:    e344e05281fdc6518b100b82ae1dfb63
Sha1:   c684230d0f047d149411d332d9666cebb390023d
Sha256: 49adfff47786909b62c671da07dad03c5c955b4220bece9253dd936f713dddf7
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/unibet-logo.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Wed, 23 Nov 2022 09:41:25 GMT
etag: W/"0x8DACD36E38C7F49"
x-ms-request-id: fbb0f526-001e-0011-3020-ff88b6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127336
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72cb670b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Size:   2892
Md5:    9b9a6f7c39a05b594b6630b2852c060a
Sha1:   8eb440948d7c38c36c9f579d644a60a830fa3ccb
Sha256: 74c38aedc99e3ce924ee39c79f01aea6ea488d2839387b7aebd991a03082cc68
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2993
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 21:06:55 GMT
Last-Modified: Thu, 24 Nov 2022 20:17:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.171.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 21:06:55 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 7d703258-0280-433f-a09d-f84440ba50fa
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?ltAx_X!]tbP6j2F-XstGt!@E<e%1NvX; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Feb-2023 21:06:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1669324014592 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.50.158.189
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.nu
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v045-0be46a66e.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=73894195362969854602936073097950472432; Max-Age=15552000; Expires=Tue, 23 May 2023 21:06:55 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 1o+n1MihSoM=
Content-Length: 501
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size:   501
Md5:    c1dd9220b882e0e6ea18d05cc0aaf0a1
Sha1:   7b5c7b26603804f567ebbdb10e544e2e126747da
Sha256: 8ffd625b13e3308a38c6724b4f12c24625350702e0fb05856450e9019c56cf11
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2329
Cache-Control: max-age=126541
Date: Thu, 24 Nov 2022 21:06:55 GMT
Etag: "637f1f23-1d7"
Expires: Sat, 26 Nov 2022 08:15:56 GMT
Last-Modified: Thu, 24 Nov 2022 07:37:07 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=73866599761478448472932348150735197547&ts=1669324014814 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.36.218.177
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
access-control-allow-origin: https://welcome.unibet.nu
access-control-allow-credentials: true
date: Thu, 24 Nov 2022 21:06:55 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: unibet.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         18.203.240.21
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Thu, 24 Nov 2022 21:06:55 GMT
DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 13:34:31 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: Jqv7tcQIQjg=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s73775606057677?AQB=1&ndh=1&pf=1&t=24%2F10%2F2022%2021%3A6%3A54%204%200&mid=73866599761478448472932348150735197547&aamlh=6&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320669583%3A86805880-37950%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26bid%3D37950%26campaignId%3D2806377%26pid%3D86805880&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320669583%3A86805880-37950%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26bid%3D37950%26campaignId%3D2806377%26pid%3D86805880&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A06%20PM%7CThursday&v6=9%3A06%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1669324015&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669583%3A86805880-37950&v122=NONE&v124=2806377&v125=320669583_09FFAE8C40DA435699995637FAFF3421&v126=86805880&v127=37950&v134=1669324014&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.36.218.177
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
access-control-allow-origin: *
date: Thu, 24 Nov 2022 21:06:55 GMT
expires: Wed, 23 Nov 2022 21:06:55 GMT
last-modified: Fri, 25 Nov 2022 21:06:55 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3584846025849110528-4619668268400627342
vary: *
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 2\012- data
Size:   43
Md5:    ad480fd0732d0f6f1a8b06359e3a42bb
Sha1:   a544538683a2dfe574eeb2e358ac8fcc78289d50
Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149492
Date: Thu, 24 Nov 2022 21:06:55 GMT
Etag: "637f7925-1d7"
Expires: Sat, 26 Nov 2022 14:38:27 GMT
Last-Modified: Thu, 24 Nov 2022 14:01:09 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9ip1E8U-3jjPjTQtpI2s1a3YJtoTlpBMmRjE5s6Lviiva6r1yDpf5Q==
Age: 2238

                                        
                                            GET /cm/dd?d_uuid=73894195362969854602936073097950472432 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         99.80.65.0
HTTP/1.1 302
                                        
Date: Thu, 24 Nov 2022 21:06:55 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y3-c7wAAANEgbgNn; Domain=.everesttech.net; Expires=Fri, 24-Nov-2023 21:06:55 GMT; Path=/ everest_session_v2=Y3-c7wAAANEgbwNn; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3-c7wAAANEgbgNn
Server: AMO-cookiemap/1.1

                                        
                                            GET /ibs:dpid=411&dpuuid=Y3-c7wAAANEgbgNn HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.50.158.189
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0be46a66e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3-c7wAAANEgbgNn
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=13224222104995281003694718800405605733; Max-Age=15552000; Expires=Tue, 23 May 2023 21:06:55 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: q+0AeLTGQnk=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3-c7wAAANEgbgNn HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.50.158.189
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: OzwLm8gyQuw=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            GET /link?z=5450494&var=&ymid=W2Dh6TmqWij3T8JZB5pKjp&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402 HTTP/1.1 
Host: gtoonfd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: OAID=ee8546f6eb194e6db3d3515e4b6bb73c; oaidts=1669324012; phpckd5450494=true
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/html; charset=utf8
                                        
server: nginx
date: Thu, 24 Nov 2022 21:06:53 GMT
x-trace-id: 75e2e339a636a312ec78fa7d28894572
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ee8546f6eb194e6db3d3515e4b6bb73c; expires=Fri, 24 Nov 2023 21:06:53 GMT; path=/; secure; SameSite=None oaidts=1669324012; expires=Fri, 24 Nov 2023 21:06:53 GMT; path=/; secure; SameSite=None allcnt=1; expires=Fri, 24 Nov 2023 21:06:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/1-main.js HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: EqJ6l4cI9XyehxuJDe4EbA==
last-modified: Wed, 23 Nov 2022 09:41:24 GMT
etag: W/"0x8DACD36E31CDDD4"
x-ms-request-id: 2e48c7f9-401e-005d-4a20-ff1886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127336
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72bb600b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/icon-trust.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Wed, 23 Nov 2022 09:41:27 GMT
etag: W/"0x8DACD36E4D54A22"
x-ms-request-id: c1d9b3be-a01e-0055-6520-ff0289000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72cb6c0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /widget/betslip/betslip.js HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127336
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c73fd4b0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/favicon.ico HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Wed, 23 Nov 2022 09:41:24 GMT
etag: W/"0x8DACD36E306E807"
x-ms-request-id: 0138e89a-301e-0047-1120-ff7959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127334
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c753f5a0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /orval/tracking/lastclick.min.js HTTP/1.1 
Host: a1s.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.184.96.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 404 Not Found
content-type: application/xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
x-ms-request-id: a9296715-401e-002f-0948-001fc9000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 157
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72db7c0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg HTTP/1.1 
Host: welcome.unibet.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320669583:86805880-37950&btag=320669583_09FFAE8C40DA435699995637FAFF3421&bid=37950&campaignId=2806377&pid=86805880
Cookie: __ucbt=node0fxdw1wlklwym1fyn1m3bgvn7c; uniattr=ST.0.T; uniattr_ref=; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_09FFAE8C40DA435699995637FAFF3421; BID=37950; PID=86805880; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_09FFAE8C40DA435699995637FAFF3421%26sref%3DRLA%26RLA%3D765595%26affiliateId%3D1%26pid%3D86805880%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.25.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 24 Nov 2022 21:06:54 GMT
cache-control: public, max-age=900, immutable
content-md5: aKFt6UnI1NUrF+upCSAbIA==
last-modified: Wed, 23 Nov 2022 09:41:26 GMT
etag: W/"0x8DACD36E40AC4AE"
x-ms-request-id: 0138e59e-301e-0047-1920-ff7959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 127335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f51c72db840b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5450494&axcusid1=&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D5450494%26var%3D%26ymid%3DW2Dh6TmqWij3T8JZB5pKjp%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402 HTTP/1.1 
Host: cdntechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.29.183
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 24 Nov 2022 21:06:52 GMT
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2h8Fdn%2FrGDMXSy4fHfHF5YWo0TL%2BYoRHc7T1IoXVL1TfmGdz8NmazCZEKaUNypt%2FBVmkj85BzSabyE98wWAHmtLNrOWPPNmRkINejMHTd1a8g0uPCYTFgqJSO4PkxDUxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f51c66dbde0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---