urlquery - report: tgrrre.6dcfb.cj.wy5532.com/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-01 17:14:08 UTC	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
click-v4.expmdiadi.com (1)	0	No data	No data	198.134.116.17	Unknown ranking
ocsp.pki.goog (8)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	216.58.211.3
fonts.gstatic.com (3)	0	2014-09-09 00:40:21 UTC	2022-12-01 22:08:56 UTC	216.58.207.227	Domain (gstatic.com) ranked at: 540
a1s.unibet.com (1)	297625	2018-08-24 02:07:57 UTC	2020-04-28 05:20:01 UTC	85.184.96.5
ocsp.digicert.com (7)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
gracelessbrief.com (2)	0	2022-11-28 11:12:50 UTC	2022-12-01 03:00:50 UTC	173.233.137.60	Unknown ranking
use.fontawesome.com (2)	942	2018-09-18 10:26:26 UTC	2020-03-18 00:09:30 UTC	172.64.133.15
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-12-01 18:48:44 UTC	142.250.74.168
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.88
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-12-01 17:28:41 UTC	142.250.74.106
tgrrre.6dcfb.cj.wy5532.com (3)	0	No data	No data	199.115.115.116	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
adserving.unibet.com (1)	98000	2015-05-26 06:56:53 UTC	2020-04-28 07:38:51 UTC	23.36.79.43
www.unibet.nu (2)	0	2022-11-04 11:13:23 UTC	2022-12-01 17:58:24 UTC	85.184.96.0	Unknown ranking
dpm.demdex.net (3)	204	2018-07-06 04:53:56 UTC	2020-04-29 23:04:31 UTC	52.31.218.182
unibet.demdex.net (1)	338024	2018-06-24 06:21:19 UTC	2019-11-02 03:04:11 UTC	3.248.125.109
cm.everesttech.net (1)	996	2018-09-03 07:40:22 UTC	2020-04-29 11:27:39 UTC	52.27.225.128
r3.o.lencr.org (8)	344	No data	No data	23.36.77.32
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-01 17:12:49 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	35.163.49.154
ajax.googleapis.com (1)	12905	2013-08-16 09:51:31 UTC	2022-12-01 21:19:58 UTC	172.217.21.170
welcome.unibet.nu (19)	0	No data	No data	104.18.25.188	Unknown ranking
secure.adnxs.com (1)	396	2012-05-22 16:37:37 UTC	2020-03-11 07:38:04 UTC	37.252.171.22
unibetlondonltd.d3.sc.omtrdc.net (1)	444877	2017-01-29 21:05:05 UTC	2022-12-01 17:58:27 UTC	15.188.95.229

Scan Date	Severity	Indicator	Comment
2022-12-01	2	tgrrre.6dcfb.cj.wy5532.com/	Malware

Date	UQ / IDS / BL	URL	IP
2023-02-02 00:45:04 +0000	0 - 0 - 3	uyclvmqe.tt.wy5532.com/	199.115.115.116
2023-01-24 08:54:19 +0000	0 - 0 - 1	simuladordeempresa.com/wp-content/new.exe	199.115.115.116
2023-01-20 14:50:55 +0000	0 - 0 - 2	1rer.38c43.aw.wy5532.com/	199.115.115.116
2023-01-19 12:05:13 +0000	0 - 2 - 1	iuyuyt.22e5e.tk.wy5532.com/	199.115.115.116
2023-01-12 09:09:17 +0000	0 - 2 - 2	mjurr.3cae8.cv.wy5532.com/	199.115.115.116

Date	UQ / IDS / BL	URL	IP
2023-02-03 12:46:42 +0000	0 - 0 - 5	linkhealthcaresystem.com/9e269449c0cbb2069078 (...)	162.210.196.167
2023-02-03 11:57:44 +0000	0 - 1 - 0	12kbps.xyz/repo/vir/others/memz.exe	207.244.65.58
2023-02-03 11:57:43 +0000	0 - 1 - 0	12kbps.xyz/repo/vir/others/windowspolicepro.exe	207.244.65.58
2023-02-03 02:55:14 +0000	0 - 0 - 3	andicomedicalsuppliers.com/chromestre/35on892 (...)	162.210.199.85
2023-02-03 00:10:10 +0000	0 - 0 - 0	www.pirate-bay.net	199.115.116.43

Date	UQ / IDS / BL	URL	IP
2023-02-02 10:55:45 +0000	0 - 0 - 1	qwqee.1e534.tv.wy5532.com/	37.48.65.148
2023-02-02 04:11:22 +0000	0 - 0 - 1	rhuugcf.wy5532.com/	81.171.22.5
2023-02-02 02:43:33 +0000	0 - 0 - 3	2490b.zz.wy5532.com/	37.48.65.149
2023-02-02 00:45:04 +0000	0 - 0 - 3	uyclvmqe.tt.wy5532.com/	199.115.115.116
2023-02-02 00:17:09 +0000	0 - 0 - 3	1de74.moedcc.wy5532.com/	81.171.22.5

Date	UQ / IDS / BL	URL	IP
2022-12-02 15:54:23 +0000	0 - 0 - 1	tgtggb.7d3df.zl.wy5532.com/	199.115.115.102
2022-12-02 13:58:24 +0000	0 - 0 - 5	imranbataev.blogspot.com/2022/09/player-that- (...)	172.217.21.161
2022-12-02 13:45:13 +0000	0 - 0 - 1	hfgfgf.48324.gw.wy5532.com/	37.48.65.150
2022-12-02 11:29:51 +0000	0 - 0 - 5	get.myboek.xyz/fr-517684339/une-femme-livre-g (...)	172.67.128.71
2022-12-02 10:59:27 +0000	0 - 0 - 5	eu.lnslagging.click/ro/i14s22/telekom/	207.154.225.165

Request	Response
GET / HTTP/1.1 Host: tgrrre.6dcfb.cj.wy5532.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: tgrrre.6dcfb.cj.wy5532.com/ FQDN: tgrrre.6dcfb.cj.wy5532.com IP: 199.115.115.116 HASH: e56f45792049edc3f9d2a80db2bfba0f9ebe8ce196ac7d230757fbfd909720d9 199.115.115.116 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 487 date: Thu, 01 Dec 2022 23:35:31 GMT server: nginx set-cookie: sid=d856ceee-71d0-11ed-aa09-bc46717a6fef; path=/; domain=.wy5532.com; expires=Wed, 20 Dec 2090 02:49:38 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (487), with no line terminators Size: 487 Md5: 823a2edad66342bd2410fa22831e7214 Sha1: 3751dac71f561bcd9850dbef3d0b3af1d9721e33 Sha256: e56f45792049edc3f9d2a80db2bfba0f9ebe8ce196ac7d230757fbfd909720d9 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3817 Cache-Control: max-age=129558 Date: Thu, 01 Dec 2022 23:35:31 GMT Etag: "63888270-1d7" Expires: Sat, 03 Dec 2022 11:34:49 GMT Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 0c748388899e8a8d3680355da2ea5020 Sha1: 903c620cd137613daafb0da0508c37b2f4a67212 Sha256: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4768 Expires: Fri, 02 Dec 2022 00:54:59 GMT Date: Thu, 01 Dec 2022 23:35:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bbb845b153026fc5332dd4506585b57 Sha1: 3cad200fac28fd00f34ce6ef79373e661e188743 Sha256: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 01 Dec 2022 23:18:10 GMT cache-control: public,max-age=3600 age: 1041 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8292 Expires: Fri, 02 Dec 2022 01:53:43 GMT Date: Thu, 01 Dec 2022 23:35:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 55b4c61a1e99001307750e3647fe1102 Sha1: 7559f9f6770b7d3f45b723167062096312641e08 Sha256: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 1Cd1qUSfp6zQLX8F5nQozJoDcapubJSLYBIeW63/+jcTM9dEdAhahQyzSQH0/Uph7NoQ60CX2R8= x-amz-request-id: 52CPJD7CZ0Q1NNJ7 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 01 Dec 2022 22:45:50 GMT age: 2981 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 01 Dec 2022 23:35:31 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: tgrrre.6dcfb.cj.wy5532.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tgrrre.6dcfb.cj.wy5532.com/ Cookie: sid=d856ceee-71d0-11ed-aa09-bc46717a6fef	URL: tgrrre.6dcfb.cj.wy5532.com/favicon.ico FQDN: tgrrre.6dcfb.cj.wy5532.com IP: 199.115.115.116 HASH: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9 199.115.115.116 HTTP/1.1 404 Not Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 9 date: Thu, 01 Dec 2022 23:35:31 GMT server: nginx --- Additional Info --- Magic: ASCII text, with no line terminators Size: 9 Md5: d8f4a1993546cc4b850cde3599e27aec Sha1: 094b763b4cfcc0b05e5d040581cd513c3ca08067 Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 01 Dec 2022 23:08:56 GMT cache-control: public,max-age=3600 age: 1596 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3811 Cache-Control: max-age=124488 Date: Thu, 01 Dec 2022 23:35:32 GMT Etag: "63886ea9-1d7" Expires: Sat, 03 Dec 2022 10:10:20 GMT Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1f88399f3fdd89dbb9ca1229cb67143a Sha1: 325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3 Sha256: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: lW4CoSXgZn3YTXRTGVbW9A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.163.49.154 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.163.49.154 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: rTnc2ITbxEo2O/NA8pcexfSan10= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTk0NDkzMSwiaWF0IjoxNjY5OTM3NzMxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21jdjE3M3BiNzlkOGszdWMxNGduNjUiLCJuYmYiOjE2Njk5Mzc3MzEsInRzIjoxNjY5OTM3NzMxNTExOTIzfQ.ODp-eaV3Sqiy8EbmSNTncdso_tZNhy--f2ECggwdPPw&sid=d856ceee-71d0-11ed-aa09-bc46717a6fef HTTP/1.1 Host: tgrrre.6dcfb.cj.wy5532.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tgrrre.6dcfb.cj.wy5532.com/ Cookie: sid=d856ceee-71d0-11ed-aa09-bc46717a6fef Upgrade-Insecure-Requests: 1	URL: tgrrre.6dcfb.cj.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiI (...) FQDN: tgrrre.6dcfb.cj.wy5532.com IP: 199.115.115.116 HASH: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 199.115.115.116 HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Thu, 01 Dec 2022 23:35:32 GMT location: http://click-v4.expmdiadi.com/click?i=5-ALxyc131o_0 server: nginx set-cookie: sid=d856ceee-71d0-11ed-aa09-bc46717a6fef; path=/; domain=.wy5532.com; expires=Wed, 20 Dec 2090 02:49:39 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: ASCII text, with no line terminators Size: 11 Md5: 32682312d17c7cbf18e73594f5570319 Sha1: 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /click?i=5-ALxyc131o_0 HTTP/1.1 Host: click-v4.expmdiadi.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://tgrrre.6dcfb.cj.wy5532.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: click-v4.expmdiadi.com/click?i=5-ALxyc131o_0 FQDN: click-v4.expmdiadi.com IP: 198.134.116.17 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 198.134.116.17 HTTP/1.1 302 Found Cache-Control: no-store Content-Length: 0 Age: 0 Connection: keep-alive Location: https://gracelessbrief.com/r5xqa2ie?key=94bb72b4f56ccdde14debe5438dc8bfa&psid=wy5532.com Pragma: no-cache --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 445684a354fcec7174db0c5359eb97ad0d700f9d375bbd817a831c70ce02f04a 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "445684A354FCEC7174DB0C5359EB97AD0D700F9D375BBD817A831C70CE02F04A" Last-Modified: Tue, 29 Nov 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14316 Expires: Fri, 02 Dec 2022 03:34:09 GMT Date: Thu, 01 Dec 2022 23:35:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 755df20cc1c2e1a3d11e35c272be0970 Sha1: e373c6058bd09935bc8d8fa9f56a3d468a990fb3 Sha256: 445684a354fcec7174db0c5359eb97ad0d700f9d375bbd817a831c70ce02f04a
GET /r5xqa2ie?key=94bb72b4f56ccdde14debe5438dc8bfa&psid=wy5532.com HTTP/1.1 Host: gracelessbrief.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://tgrrre.6dcfb.cj.wy5532.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: gracelessbrief.com/r5xqa2ie?key=94bb72b4f56ccdde14debe5 (...) FQDN: gracelessbrief.com IP: 173.233.137.60 HASH: 84d3ac8ef069aba4aa45e02d5dca7a8874d14f5bc37c663ba5d149885e096ed5 173.233.137.60 HTTP/1.1 200 OK Content-Type: text/html Server: nginx/1.19.5 Date: Thu, 01 Dec 2022 23:35:33 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Set-Cookie: u_pl=17440963; expires=Fri, 02 Dec 2022 23:35:33 GMT ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQ0MDk2MywiayI6Ijk0YmI3MmI0ZjU2Y2NkZGUxNGRlYmU1NDM4ZGM4YmZhIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTcyMjM1OCwicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzMsImFpZCI6MjgsInB0Ijo0LCJwayI6InI1eHFhMmllIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOnRydWUsIm5jIjpmYWxzZSwibmoiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxLCJuYSI6ZmFsc2V9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3RncnJyZS42ZGNmYi5jai53eTU1MzIuY29tLyJ9fQ.W3y2VxOUvj-fHyf35mlDY5QdtD74K8hcLoFj0LqE8Xw; expires=Thu, 01 Dec 2022 23:36:33 GMT Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: a3c2013864ba158c0d11de6de8d447ef Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (345) Size: 2433 Md5: 8bc174cade74e12847c5f0674ea1b03f Sha1: 743926d2b7d923172a86d4505a8f2226e6e28201 Sha256: 84d3ac8ef069aba4aa45e02d5dca7a8874d14f5bc37c663ba5d149885e096ed5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7256 Expires: Fri, 02 Dec 2022 01:36:29 GMT Date: Thu, 01 Dec 2022 23:35:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7256 Expires: Fri, 02 Dec 2022 01:36:29 GMT Date: Thu, 01 Dec 2022 23:35:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7256 Expires: Fri, 02 Dec 2022 01:36:29 GMT Date: Thu, 01 Dec 2022 23:35:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7256 Expires: Fri, 02 Dec 2022 01:36:29 GMT Date: Thu, 01 Dec 2022 23:35:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7256 Expires: Fri, 02 Dec 2022 01:36:29 GMT Date: Thu, 01 Dec 2022 23:35:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15495 x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfHDIFxzIAMFzEw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 22:20:06 GMT age: 4527 etag: "f799dfd89a4f5a452dc837b8616549f578fb4184" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15495 Md5: 82ea44d6cb116fb1f5752ce9bb87e345 Sha1: f799dfd89a4f5a452dc837b8616549f578fb4184 Sha256: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11402 x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGzJHu-IAMFbYA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:51:33 GMT etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3" age: 6240 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11402 Md5: 1c80b8025242ddfcc816ec612456b99e Sha1: aa944d10fe4a44b790b01ef62edc0f85a6d558e3 Sha256: a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5967 x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGgfFo2IAMF7ig= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:50:08 GMT age: 6326 etag: "795fd611123ebde700aaff1f0dac862f9cad00dc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5967 Md5: 4e1372b65928f2addd9d8e44ce63ea0c Sha1: 795fd611123ebde700aaff1f0dac862f9cad00dc Sha256: de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8863 x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cdG14HBNIAMFdWg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 07:19:21 GMT age: 58573 etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8863 Md5: 156e9ea97b774cbd8361072e4041b6c8 Sha1: fc71ae3cae92ed6011904bb2367f23bf4e69fab4 Sha256: 58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7722 x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGy2Gr1IAMFWeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:50:11 GMT age: 6323 etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7722 Md5: cd78aa69439c995167f32b8a41a1f4f6 Sha1: d07d6145182f312f3ed86ecf96b4ffa175416fa0 Sha256: 3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 2942 x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGeoGFYoAMFWgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:34:47 GMT age: 7247 etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2942 Md5: b47431190f34eccf0a6efb98e2a32b7d Sha1: 9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704 Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /r5xqa2ie?pst=1669937793&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2Ftgrrre.6dcfb.cj.wy5532.com%2F&key=94bb72b4f56ccdde14debe5438dc8bfa&shu=c7f6b92eb357b0055dc1680ea33844b254f630a79a8558d7aaa171f145c3ff59389fb1dd40a0b399ba9cbcd99a5813386cd132094bcce3b4fbed794bc5b49fbcb221e3a8a27c5daa662540303699aaf9a0068b11180f26e52a9b0ad75c649282&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002 HTTP/1.1 Host: gracelessbrief.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gracelessbrief.com/r5xqa2ie?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17440963 Cookie: u_pl=17440963; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQ0MDk2MywiayI6Ijk0YmI3MmI0ZjU2Y2NkZGUxNGRlYmU1NDM4ZGM4YmZhIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTcyMjM1OCwicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzMsImFpZCI6MjgsInB0Ijo0LCJwayI6InI1eHFhMmllIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOnRydWUsIm5jIjpmYWxzZSwibmoiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxLCJuYSI6ZmFsc2V9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3RncnJyZS42ZGNmYi5jai53eTU1MzIuY29tLyJ9fQ.W3y2VxOUvj-fHyf35mlDY5QdtD74K8hcLoFj0LqE8Xw; cjs=t Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin	URL: gracelessbrief.com/r5xqa2ie?pst=1669937793&rmtc=t&uuid= (...) FQDN: gracelessbrief.com IP: 173.233.137.60 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.137.60 HTTP/1.1 302 Found Content-Type: text/html Server: nginx/1.19.5 Date: Thu, 01 Dec 2022 23:35:34 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17440963 Set-Cookie: pdhtkv=true; expires=Fri, 02 Dec 2022 23:35:34 GMT uncs=1; expires=Fri, 02 Dec 2022 23:35:34 GMT pdhtkv28=true; expires=Fri, 02 Dec 2022 23:35:34 GMT uncs28=1; expires=Fri, 02 Dec 2022 23:35:34 GMT Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: ee4b89e754dc3bdfd85a2b08d954bb35 Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17440963 HTTP/1.1 Host: adserving.unibet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gracelessbrief.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: adserving.unibet.com/redirect.aspx?bid=37950&pid=151355 (...) FQDN: adserving.unibet.com IP: 23.36.79.43 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.36.79.43 HTTP/2 307 Temporary Redirect content-type: text/html content-length: 0 location: https://www.unibet.nu/stan/campaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&sref=ADST&ADST=17440963&affiliateId=1&pid=86234699&bid=37950 p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies" x-aspnet-version: 4.0.30319 request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0 access-control-expose-headers: Request-Context expires: Thu, 01 Dec 2022 23:35:34 GMT cache-control: max-age=0, no-cache, no-store pragma: no-cache date: Thu, 01 Dec 2022 23:35:34 GMT set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86234699%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669937734694)%5c%2f%22%2c%22CookieTag%22%3a%223795086234699451240919C20221212335%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228507355250%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 01-Dec-3021 23:35:34 GMT; path=/; secure; SameSite=Strict server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=38 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&sref=ADST&ADST=17440963&affiliateId=1&pid=86234699&bid=37950 HTTP/1.1 Host: www.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gracelessbrief.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www.unibet.nu/stan/campaign.do?cmpId=2808422&affiliateI (...) FQDN: www.unibet.nu IP: 85.184.96.0 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 85.184.96.0 HTTP/2 301 Moved Permanently date: Thu, 01 Dec 2022 23:35:34 GMT content-length: 0 location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&sref=ADST&ADST=17440963&affiliateId=1&pid=86234699&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86234699-37950 set-cookie: JSESSIONID=node01rcu62qdgc79y2106cle8hy771403746.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict __ucbt=node01rcu62qdgc79y2106cle8hy77; Path=/; Domain=.unibet.nu; Expires=Sat, 30-Nov-2024 23:35:34 GMT; Max-Age=63072000; Secure; SameSite=None uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 30-Nov-2024 23:35:34 GMT; Max-Age=63072000; Secure; SameSite=None uniattr_ref="https://gracelessbrief.com/"; Path=/; Domain=.unibet.nu; Expires=Sat, 30-Nov-2024 23:35:34 GMT; Max-Age=63072000; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None campaignId=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Dec-2022 23:35:49 GMT; Max-Age=15; Secure; SameSite=None affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BID=37950; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None PID=86234699; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REFERER=https%3A%2F%2Fgracelessbrief.com%2F; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Dec-2022 23:35:49 GMT; Max-Age=15; Secure; SameSite=None campaignId=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Dec-2022 23:35:49 GMT; Max-Age=15; Secure; SameSite=None clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure referer: https://gracelessbrief.com/ cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Dec 2022 23:35:34 GMT server: kindred-loadbalancer strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *; x-browser-class: A x-os-class: M x-ooops-debug: /500-pages/www.unibet.nu/index.html X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&sref=ADST&ADST=17440963&affiliateId=1&pid=86234699&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86234699-37950 HTTP/1.1 Host: www.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gracelessbrief.com/ Connection: keep-alive Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422; clientId=polopoly_desktop Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: www.unibet.nu/stan/redirecttocampaign.do?cmpId=2808422& (...) FQDN: www.unibet.nu IP: 85.184.96.0 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 85.184.96.0 HTTP/2 301 Moved Permanently date: Thu, 01 Dec 2022 23:35:34 GMT content-length: 0 location: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate expires: Thu, 01 Dec 2022 23:35:34 GMT server: kindred-loadbalancer strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *; x-browser-class: A x-os-class: M x-ooops-debug: /500-pages/www.unibet.nu/index.html X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6e1846f720e8c94592e906dcde5500fe730a832d753f942070177c682bc6edfa 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4505 Cache-Control: max-age=133091 Date: Thu, 01 Dec 2022 23:35:35 GMT Etag: "63888d91-116" Expires: Sat, 03 Dec 2022 12:33:46 GMT Last-Modified: Thu, 01 Dec 2022 11:18:41 GMT Server: ECS (amb/6B81) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: e4835011e0eeeab8c7bfd2cfd77bc45f Sha1: 42cbf2f429cafbbcec644142ea8eeff599279241 Sha256: 6e1846f720e8c94592e906dcde5500fe730a832d753f942070177c682bc6edfa
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3519a58310eefa01756f0440e2acd7dd Sha1: 50153382830684a6abb653dc7b4e41d7c7e386b5 Sha256: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3519a58310eefa01756f0440e2acd7dd Sha1: 50153382830684a6abb653dc7b4e41d7c7e386b5 Sha256: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js FQDN: ajax.googleapis.com IP: 172.217.21.170 HASH: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae 172.217.21.170 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30399 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 29 Nov 2022 12:45:16 GMT expires: Wed, 29 Nov 2023 12:45:16 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT age: 211819 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 30399 Md5: 0f83cadc148d2ad7e53c91f6c4ee05bb Sha1: 90035c5fffedf4b0f099465f6b929a030b46c92b Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gracelessbrief.com/ Connection: keep-alive Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/in (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 HASH: 1c76fd4ad105d7cb63fb31d3348e4b90aaa11525d8d615cf1470fb316205d64a 104.18.25.188 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: ALrEeXzHb5XykFNPd2FIIA== last-modified: Mon, 28 Nov 2022 13:31:56 GMT x-ms-request-id: ae8b5b2b-f01e-0048-7fdd-050f35000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: MISS vary: Accept-Encoding server: cloudflare cf-ray: 772fa3dc1c20b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (569) Size: 4105 Md5: 928400042eb071de5689a17bd4cec0a3 Sha1: d4a9996db8c5e89132d891901ea1f6512ce3f8c0 Sha256: 1c76fd4ad105d7cb63fb31d3348e4b90aaa11525d8d615cf1470fb316205d64a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3725 Cache-Control: max-age=135201 Date: Thu, 01 Dec 2022 23:35:35 GMT Etag: "638898db-117" Expires: Sat, 03 Dec 2022 13:08:56 GMT Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: aff15ad9f37f82e3e8971e79b9159670 Sha1: e9414ce7af5599213ab3f50af0b3bc07d2c6c04b Sha256: 716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3519a58310eefa01756f0440e2acd7dd Sha1: 50153382830684a6abb653dc7b4e41d7c7e386b5 Sha256: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3519a58310eefa01756f0440e2acd7dd Sha1: 50153382830684a6abb653dc7b4e41d7c7e386b5 Sha256: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3725 Cache-Control: max-age=135201 Date: Thu, 01 Dec 2022 23:35:35 GMT Etag: "638898db-117" Expires: Sat, 03 Dec 2022 13:08:56 GMT Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: aff15ad9f37f82e3e8971e79b9159670 Sha1: e9414ce7af5599213ab3f50af0b3bc07d2c6c04b Sha256: 716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139
GET /nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2 HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/Un (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 HASH: b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b 104.18.25.188 HTTP/2 200 OK content-type: application/font-woff2 date: Thu, 01 Dec 2022 23:35:35 GMT content-length: 10924 cache-control: public, max-age=900, immutable content-md5: DqW8/4SuRIQLbpydEsi5Yw== last-modified: Mon, 28 Nov 2022 13:32:01 GMT etag: "0x8DAD144EEBD06F1" x-ms-request-id: 1e7868bd-101e-0032-3d2e-031275000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295306 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 772fa3df4f59b4f3-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data Size: 10924 Md5: 0ea5bcff84ae44840b6e9c9d12c8b963 Sha1: 6c827e1adb18775d2fdfbbbfef63cc9b66243ed2 Sha256: b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/ga (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 HASH: 9c40448a63d65699a785c502f3288ae61601bb9224f99ed8257f74bfc98fc2f5 104.18.25.188 HTTP/2 404 Not Found content-type: application/xml date: Thu, 01 Dec 2022 23:35:35 GMT x-ms-request-id: a0daf5f5-801e-000f-0cdd-05646e000000 x-ms-version: 2014-02-14 access-control-allow-origin: * cf-cache-status: HIT age: 53 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3df3f50b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text Size: 530267 Md5: 49aec7c7b8d582376e1dda372cbd6d3c Sha1: 626db48a27c18df39c9c03e345787bf6e049c8ce Sha256: 9c40448a63d65699a785c502f3288ae61601bb9224f99ed8257f74bfc98fc2f5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 188c50963e7939b1f26a31dbcb8c8200 Sha1: 859416e6148ea6618584e53604efcf072bb989cc Sha256: 3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 980f31229421fd11df958496bea34502 Sha1: 648e03f048e6741beb1d4e10099b1429b79e4f00 Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 980f31229421fd11df958496bea34502 Sha1: 648e03f048e6741beb1d4e10099b1429b79e4f00 Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://welcome.unibet.nu Connection: keep-alive Referer: https://use.fontawesome.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-9 (...) FQDN: use.fontawesome.com IP: 172.64.133.15 HASH: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9 172.64.133.15 HTTP/2 200 OK content-type: font/woff2 date: Thu, 01 Dec 2022 23:35:35 GMT content-length: 74320 x-amz-id-2: PmWziAzgEcFYcHYDEmdSC0yRv5VypkZMAUzrQZi+VBe3q+9GP2NyjCFKPY6Shjc5JCj1TQMJ1XA= x-amz-request-id: N1H1N9Y0RX5NCQ35 access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified: Wed, 30 Jun 2021 15:45:57 GMT etag: "3638e62ea50e6f5859b6a15276c25c87" cache-control: max-age=31556926 cf-cache-status: HIT age: 295299 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4HefMFP%2FgYVrnaUGyZh5IPu85BE29NVu%2FWk46q%2FhAhRS9W4PvldAhDkZxRc2zpbFHHPJRhwZaI7GoIGF58F1mjVvQUwnkbkd3sTGnzxq%2FfCdVaIX1fAa%2Fp398rx7roiyDDAvVSH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 772fa3df8e7c732a-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data Size: 74320 Md5: 3638e62ea50e6f5859b6a15276c25c87 Sha1: f5aa1a463e223a294a42b314e1c63a614d594ec0 Sha256: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: bc4a0ab40545e7cfc1d26cea5895ca0e105fc9b0b03d716dac489f74ab056aed 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 01 Dec 2022 23:35:35 GMT expires: Thu, 01 Dec 2022 23:35:35 GMT cache-control: private, max-age=900 last-modified: Thu, 01 Dec 2022 22:13:37 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 80770 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (62112) Size: 80770 Md5: fcdf348e9b51b2752a249665549b1f62 Sha1: 556513680fa176f56a636261cf02eb3ce44a07c4 Sha256: bc4a0ab40545e7cfc1d26cea5895ca0e105fc9b0b03d716dac489f74ab056aed
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://welcome.unibet.nu Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15920 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:33:56 GMT expires: Thu, 30 Nov 2023 19:33:56 GMT cache-control: public, max-age=31536000 age: 100899 last-modified: Wed, 11 May 2022 19:24:45 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Size: 15920 Md5: 3a44e06eb954b96aa043227f3534189d Sha1: 23cef6993ddb2b2979e8e7647fc3763694e2ba7d Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://welcome.unibet.nu Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:33:54 GMT expires: Thu, 30 Nov 2023 19:33:54 GMT cache-control: public, max-age=31536000 age: 100901 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 23:35:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 188c50963e7939b1f26a31dbcb8c8200 Sha1: 859416e6148ea6618584e53604efcf072bb989cc Sha256: 3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
GET /nu/pop/sportsbook/football/wc/2022/mga-logo.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/mg (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 HASH: 81005f99f626f12251f5afa6c5c959ab4f272cdca4df4b511c827e67d3499885 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: FAAw5O0EvruykoHDQoRDMA== last-modified: Mon, 28 Nov 2022 13:31:59 GMT etag: W/"0x8DAD144ED2C40CB" x-ms-request-id: 171ac690-b01e-003b-462e-0357a6000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295306 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3dff81cb4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 2366 Md5: 4ac146d6e6c8eaede71080b267c77ff1 Sha1: 0d8fe2b11afbbec66f2cb1fa5c71accaeeeb56f4 Sha256: 81005f99f626f12251f5afa6c5c959ab4f272cdca4df4b511c827e67d3499885
GET /nu/pop/sportsbook/football/wc/2022/no-payments.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/no (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 HASH: c6cb1aa929085d25e781d2142322b5fc2a5d5e59c22dd496731be73b8ed27303 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: eFf1+jVlHZeVusUSI4yq9A== last-modified: Mon, 28 Nov 2022 13:31:59 GMT etag: W/"0x8DAD144ED00071A" x-ms-request-id: 8dc1f3cc-301e-0035-152e-037e16000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295305 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3dff81ab4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 8032 Md5: 28b66e8ad3a9f4a7bf0bf112d884cae5 Sha1: efa1c4ad2dc3efda7bc4d924b5df6fd2c3377bef Sha256: c6cb1aa929085d25e781d2142322b5fc2a5d5e59c22dd496731be73b8ed27303
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1 Host: secure.adnxs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://welcome.unibet.nu/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599 FQDN: secure.adnxs.com IP: 37.252.171.22 HASH: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef 37.252.171.22 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.21.3 Date: Thu, 01 Dec 2022 23:35:35 GMT Content-Length: 43 Connection: keep-alive Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" X-XSS-Protection: 0 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * AN-X-Request-Uuid: fdc6ed41-65a7-45b9-8ec5-76c35a067830 Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Hc't(P='!@wnf-Te9(>wL5L!!'RW$j3o:; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 01-Mar-2023 23:35:35 GMT; Domain=.adnxs.com; Secure; HttpOnly X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: 592ebefc7104d681d57852665e9ad514 Sha1: 15cdf8df32aa251dd6dd590a60bf9cf74474e7c5 Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0a585c37b8fd54f44211656ebd5f2cff82da2fa0248440b97bfa1f903efdb556 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3726 Cache-Control: max-age=113618 Date: Thu, 01 Dec 2022 23:35:35 GMT Etag: "6388448b-1d7" Expires: Sat, 03 Dec 2022 07:09:13 GMT Last-Modified: Thu, 01 Dec 2022 06:07:07 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: b6f6bd19f5a3bedf28d81978c874b564 Sha1: cf0a80f89e6ce6b74f6067a998009aba65ca8e7b Sha256: 0a585c37b8fd54f44211656ebd5f2cff82da2fa0248440b97bfa1f903efdb556
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1669937734192 HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Origin: https://welcome.unibet.nu Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_r (...) FQDN: dpm.demdex.net IP: 52.31.218.182 HASH: bdd0f5965d2f703b3dab3da8550f2fd3d99cdd4db6c0808a04b1edfe34b37ba9 52.31.218.182 HTTP/1.1 200 OK Content-Type: application/json;charset=utf-8 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://welcome.unibet.nu Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 2 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=05007804246310436882331277649915151048; Max-Age=15552000; Expires=Tue, 30 May 2023 23:35:36 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-TID: PoTdwS+VQLk= Content-Length: 499 Connection: keep-alive --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (791), with no line terminators Size: 499 Md5: 0ac2c8b157308d2ea213cb436bbc98fb Sha1: e9b8205c59096106a5f0c85153cf798801970512 Sha256: bdd0f5965d2f703b3dab3da8550f2fd3d99cdd4db6c0808a04b1edfe34b37ba9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 71d96bf3e61eaa1e642f9b689186ad797eebc63d310697c38109f657f9bd8ba9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3082 Cache-Control: max-age=118368 Date: Thu, 01 Dec 2022 23:35:36 GMT Etag: "6388599e-1d7" Expires: Sat, 03 Dec 2022 08:28:24 GMT Last-Modified: Thu, 01 Dec 2022 07:37:02 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 4cdb8bd3c353b381182d275152478ead Sha1: 63a9e15d791d4a530dec2c7209d2f10d48310722 Sha256: 71d96bf3e61eaa1e642f9b689186ad797eebc63d310697c38109f657f9bd8ba9
GET /nu/pop/sportsbook/football/wc/2022/utv-logo.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/ut (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 HASH: 1d4c0b344e358a4ff2771e43e5cdf6492cb1ad2a1219cc3581654015c84fa87f 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: QazcDvviTF55mXL/M8kCWQ== last-modified: Mon, 28 Nov 2022 13:31:57 GMT etag: W/"0x8DAD144EC5A693D" x-ms-request-id: a2fad51d-401e-003f-082e-03daa1000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de0e85b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators Size: 464 Md5: 892063bf15171f6ff770a90876c450a6 Sha1: 927bb48de12dd7d209d5a5cd2e387cde55647a1f Sha256: 1d4c0b344e358a4ff2771e43e5cdf6492cb1ad2a1219cc3581654015c84fa87f
GET /dest5.html?d_nsid=0 HTTP/1.1 Host: unibet.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: unibet.demdex.net/dest5.html?d_nsid=0 FQDN: unibet.demdex.net IP: 3.248.125.109 HASH: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12 3.248.125.109 HTTP/1.1 200 OK Content-Type: text/html;charset=UTF-8 Accept-Ranges: bytes Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip date: Thu, 1 Dec 2022 23:35:36 GMT DCS: dcs-prod-irl1-1-v045-06ebc79ba.edge-irl1.demdex.com 0 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC last-modified: Wed, 9 Nov 2022 03:35:09 GMT P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache Strict-Transport-Security: max-age=31536000; includeSubDomains vary: accept-encoding X-TID: USFQSXr0SPg= Content-Length: 2791 Connection: keep-alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550) Size: 2791 Md5: ccbdcb1e84c241950763ec4cd516cdfc Sha1: 55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s37702784168531?AQB=1&ndh=1&pf=1&t=1%2F11%2F2022%2023%3A35%3A34%204%200&mid=05038191241693255552329646738756042579&aamlh=6&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86234699-37950%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26bid%3D37950%26campaignId%3D2808422%26pid%3D86234699&r=https%3A%2F%2Fgracelessbrief.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86234699-37950%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26bid%3D37950%26campaignId%3D2808422%26pid%3D86234699&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A35%20PM%7CThursday&v6=11%3A35%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1669937734&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A86234699-37950&v122=NONE&v124=2808422&v125=127656177_7B56825A69744BBD8795A5137FE3DDFF&v126=86234699&v127=37950&v134=1669937734&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1 Host: unibetlondonltd.d3.sc.omtrdc.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibe (...) FQDN: unibetlondonltd.d3.sc.omtrdc.net IP: 15.188.95.229 HASH: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 15.188.95.229 HTTP/2 200 OK content-type: image/gif;charset=utf-8 access-control-allow-origin: * date: Thu, 01 Dec 2022 23:35:36 GMT expires: Wed, 30 Nov 2022 23:35:36 GMT last-modified: Fri, 02 Dec 2022 23:35:36 GMT pragma: no-cache p3p: CP="This is not a P3P policy" server: jag etag: 3586163982544601088-4619732735574748651 vary: * content-length: 43 cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 2 x 2\012- data Size: 43 Md5: ad480fd0732d0f6f1a8b06359e3a42bb Sha1: a544538683a2dfe574eeb2e358ac8fcc78289d50 Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: b0c7d770db35c8d46ceee9200064beea254031b7068a353c095e31f30bc1c103 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=97997 Date: Thu, 01 Dec 2022 23:35:36 GMT Etag: "63880f28-1d7" Expires: Sat, 03 Dec 2022 02:48:53 GMT Last-Modified: Thu, 01 Dec 2022 02:19:20 GMT Server: ECS (nyb/1D2B) X-Cache: Miss from cloudfront Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: esm-aWRMQuRcvAotACIdf5Pp0KT-OZk5eJDrskIZJM02_4iv1McUsQ== Age: 1773 --- Additional Info --- Magic: data Size: 471 Md5: ecb338d207a80eba19beccfcc033a979 Sha1: 08b06c7c842be432375e74c00ff29728c49af90f Sha256: b0c7d770db35c8d46ceee9200064beea254031b7068a353c095e31f30bc1c103
GET /cm/dd?d_uuid=05007804246310436882331277649915151048 HTTP/1.1 Host: cm.everesttech.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cm.everesttech.net/cm/dd?d_uuid=05007804246310436882331 (...) FQDN: cm.everesttech.net IP: 52.27.225.128 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.27.225.128 HTTP/1.1 302 Date: Thu, 01 Dec 2022 23:35:36 GMT Content-Length: 0 Connection: keep-alive Set-Cookie: everest_g_v2=g_surferid~Y4k6SAAAAHxE8wNx; Domain=.everesttech.net; Expires=Fri, 01-Dec-2023 23:35:36 GMT; Path=/ everest_session_v2=Y4k6SAAAAHxE9ANx; Domain=.everesttech.net; Path=/ P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Cache-Control: no-cache Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4k6SAAAAHxE8wNx Server: AMO-cookiemap/1.1 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y4k6SAAAAHxE8wNx HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://welcome.unibet.nu/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: dpm.demdex.net/ibs:dpid=411&dpuuid=Y4k6SAAAAHxE8wNx FQDN: dpm.demdex.net IP: 52.31.218.182 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.31.218.182 HTTP/1.1 302 Found Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4k6SAAAAHxE8wNx P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=49401498200505885613284039067696567407; Max-Age=15552000; Expires=Tue, 30 May 2023 23:35:36 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None Strict-Transport-Security: max-age=31536000; includeSubDomains X-TID: VdfIrMWxTDc= Content-Length: 0 Connection: keep-alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4k6SAAAAHxE8wNx HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://welcome.unibet.nu/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuui (...) FQDN: dpm.demdex.net IP: 52.31.218.182 HASH: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13 52.31.218.182 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-2-v045-00b096905.edge-irl1.demdex.com 0 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-TID: UY97scRwT6Q= Content-Length: 59 Connection: keep-alive --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 59 Md5: 1251cd5e5c2def4c046309375f87c1c1 Sha1: e02d6b0c6a5c495c15985e2832e335eda8528c80 Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /widget/betslip/betslip.js HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/widget/betslip/betslip.js FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: V3DcYDl/+4NNEoCqe8670A== last-modified: Tue, 15 Jan 2019 09:54:22 GMT etag: W/"0x8D67ACF6D112CB5" x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 136256 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3df1f38b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/favicon.ico HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/fa (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/x-icon date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: rS2fRBxmkqgGx7Qnuz5TbQ== last-modified: Mon, 28 Nov 2022 13:31:57 GMT etag: W/"0x8DAD144EBE68286" x-ms-request-id: 1180807f-f01e-0077-172e-03c796000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295305 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3e03844b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /orval/tracking/lastclick.min.js HTTP/1.1 Host: a1s.unibet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: a1s.unibet.com/orval/tracking/lastclick.min.js FQDN: a1s.unibet.com IP: 85.184.96.5 85.184.96.5 HTTP/2 200 OK content-type: application/javascript date: Thu, 01 Dec 2022 23:35:35 GMT vary: Accept-Encoding last-modified: Fri, 05 Aug 2022 12:55:24 GMT etag: W/"705-5e57dfac7ede0" cache-control: max-age=1800, public, must-revalidate content-encoding: gzip server: kindred-loadbalancer strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *; x-browser-class: A x-os-class: M set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/icon-expert.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/ic (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: Z4302O+bSqlX5UM92U+35A== last-modified: Mon, 28 Nov 2022 13:32:00 GMT etag: W/"0x8DAD144EDFDF14E" x-ms-request-id: 0ae8f43d-c01e-0043-522e-03f45e000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de1e8eb4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: aKFt6UnI1NUrF+upCSAbIA== last-modified: Mon, 28 Nov 2022 13:31:59 GMT etag: W/"0x8DAD144ED1D9CEE" x-ms-request-id: e9b0b4f7-401e-005d-682e-031886000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de1e93b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /releases/v5.7.1/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://welcome.unibet.nu Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: use.fontawesome.com/releases/v5.7.1/css/all.css FQDN: use.fontawesome.com IP: 172.64.133.15 172.64.133.15 HTTP/2 200 OK content-type: text/css date: Thu, 01 Dec 2022 23:35:35 GMT x-amz-id-2: BTwL7dWf0q+Mv7N/dh7iT0PRbEDxamXFdvhCLtH8t5qudZu/vhgM01fzuSkejSlbFsNDa/Mvc6o= x-amz-request-id: N1H88TMA9YCZMSHV access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified: Wed, 30 Jun 2021 15:45:37 GMT etag: W/"7b1d7f457d056ace7b230b587b9f3753" cache-control: max-age=31556926 cf-cache-status: HIT age: 295300 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xepCFtspcEE3CACiYm1Gy5ACyyvQxLSnMQusKGvmaEYiToehcPhqcLEQ8Ii%2BeJUJREE7T8%2B%2Fwtr2n3ycn65JnmvHpExs%2FdkFQfdvrMRgAKnQvdCoD%2B2f7iM7ROmLXZ34wJFMr10X"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 772fa3decd7c732a-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/unibet-logo.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/un (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: cw5jdwcrd9gLyjDZb7Y7Jw== last-modified: Mon, 28 Nov 2022 13:31:58 GMT etag: W/"0x8DAD144EC848066" x-ms-request-id: 561aba3e-701e-0079-042e-03ee26000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de0e82b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/1-main.js HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1- (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: EqJ6l4cI9XyehxuJDe4EbA== last-modified: Mon, 28 Nov 2022 13:31:57 GMT etag: W/"0x8DAD144EC00E48F" x-ms-request-id: afdbac43-801e-0030-032e-03accd000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3ddfe7eb4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /custom.js HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/custom.js FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: application/javascript date: Thu, 01 Dec 2022 23:35:35 GMT content-md5: e/Aekt1V1fopj1X7y5r9MA== last-modified: Tue, 29 Mar 2022 08:25:09 GMT etag: W/"0x8DA115DA300B0C1" x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 197641 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de0e81b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/icon-trust.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/ic (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: 9k4H3E55HXB5I94VinrUOQ== last-modified: Mon, 28 Nov 2022 13:32:00 GMT etag: W/"0x8DAD144EDF69F62" x-ms-request-id: 7fc6adee-f01e-0067-3e2e-0302fe000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de1e8cb4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/icon-casino.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/ic (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: u/57C1Al21ESpXtbDs6sbw== last-modified: Mon, 28 Nov 2022 13:32:00 GMT etag: W/"0x8DAD144EDEFC297" x-ms-request-id: 65dca035-e01e-0026-142e-035a1a000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de1e8fb4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://welcome.unibet.nu Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15740 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:34:15 GMT expires: Thu, 30 Nov 2023 19:34:15 GMT cache-control: public, max-age=31536000 age: 100880 last-modified: Wed, 11 May 2022 19:24:56 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/18-plus.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/18 (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: DtBEzXf8HuXNecd90Rx/1w== last-modified: Mon, 28 Nov 2022 13:31:58 GMT etag: W/"0x8DAD144EC6AE193" x-ms-request-id: 561abf3d-701e-0079-582e-03ee26000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295305 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3e00823b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/1-styles.css HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1- (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: lMc9drvQACpBd5pyJgR1QA== last-modified: Mon, 28 Nov 2022 13:31:57 GMT etag: W/"0x8DAD144EBD101D6" x-ms-request-id: 48012a01-901e-0061-2e2e-033141000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3ddfe7db4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/ga (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 404 Not Found content-type: application/xml date: Thu, 01 Dec 2022 23:35:35 GMT x-ms-request-id: a0daf5f5-801e-000f-0cdd-05646e000000 x-ms-version: 2014-02-14 access-control-allow-origin: * cf-cache-status: HIT age: 53 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de1e90b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /nu/pop/sportsbook/football/wc/2022/com-payments.svg HTTP/1.1 Host: welcome.unibet.nu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/co (...) FQDN: welcome.unibet.nu IP: 104.18.25.188 104.18.25.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: public, max-age=900, immutable content-md5: vwb7ospRft2xzGDtJvR3WA== last-modified: Mon, 28 Nov 2022 13:31:58 GMT etag: W/"0x8DAD144ECAF33B2" x-ms-request-id: 9c6ff72a-a01e-0018-0d2e-03cd65000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: HIT age: 295307 vary: Accept-Encoding server: cloudflare cf-ray: 772fa3de1e91b4f3-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Roboto:300,400,500 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://welcome.unibet.nu/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Roboto:300,400,500 FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 01 Dec 2022 23:35:35 GMT date: Thu, 01 Dec 2022 23:35:35 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4768 

                                        
                                            
Expires: Fri, 02 Dec 2022 00:54:59 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:31 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3bbb845b153026fc5332dd4506585b57

                                                Sha1:   3cad200fac28fd00f34ce6ef79373e661e188743

                                                Sha256: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8292 

                                        
                                            
Expires: Fri, 02 Dec 2022 01:53:43 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:31 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    55b4c61a1e99001307750e3647fe1102

                                                Sha1:   7559f9f6770b7d3f45b723167062096312641e08

                                                Sha256: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 23:35:31 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 23:08:56 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 1596 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: lW4CoSXgZn3YTXRTGVbW9A== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         35.163.49.154

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: rTnc2ITbxEo2O/NA8pcexfSan10= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /click?i=5-ALxyc131o_0 HTTP/1.1 

                                        
                                            
Host: click-v4.expmdiadi.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://tgrrre.6dcfb.cj.wy5532.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         198.134.116.17

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
Cache-Control: no-store 

                                        
                                            
Content-Length: 0 

                                        
                                            
Age: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Location: https://gracelessbrief.com/r5xqa2ie?key=94bb72b4f56ccdde14debe5438dc8bfa&psid=wy5532.com 

                                        
                                            
Pragma: no-cache 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /r5xqa2ie?key=94bb72b4f56ccdde14debe5438dc8bfa&psid=wy5532.com HTTP/1.1 

                                        
                                            
Host: gracelessbrief.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://tgrrre.6dcfb.cj.wy5532.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         173.233.137.60

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx/1.19.5 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:33 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" 

                                        
                                            
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA 

                                        
                                            
Set-Cookie: u_pl=17440963; expires=Fri, 02 Dec 2022 23:35:33 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQ0MDk2MywiayI6Ijk0YmI3MmI0ZjU2Y2NkZGUxNGRlYmU1NDM4ZGM4YmZhIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTcyMjM1OCwicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzMsImFpZCI6MjgsInB0Ijo0LCJwayI6InI1eHFhMmllIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOnRydWUsIm5jIjpmYWxzZSwibmoiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxLCJuYSI6ZmFsc2V9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3RncnJyZS42ZGNmYi5jai53eTU1MzIuY29tLyJ9fQ.W3y2VxOUvj-fHyf35mlDY5QdtD74K8hcLoFj0LqE8Xw; expires=Thu, 01 Dec 2022 23:36:33 GMT 

                                        
                                            
Expires: Thu, 01 Jan 1970 00:00:01 GMT 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
X-Request-ID: a3c2013864ba158c0d11de6de8d447ef 

                                        
                                            
Strict-Transport-Security: max-age=0; includeSubdomains 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (345)

                                                Size:   2433

                                                Md5:    8bc174cade74e12847c5f0674ea1b03f

                                                Sha1:   743926d2b7d923172a86d4505a8f2226e6e28201

                                                Sha256: 84d3ac8ef069aba4aa45e02d5dca7a8874d14f5bc37c663ba5d149885e096ed5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7256 

                                        
                                            
Expires: Fri, 02 Dec 2022 01:36:29 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:33 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7256 

                                        
                                            
Expires: Fri, 02 Dec 2022 01:36:29 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:33 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 15495 

                                        
                                            
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfHDIFxzIAMFzEw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw== 

                                        
                                            
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 22:20:06 GMT 

                                        
                                            
age: 4527 

                                        
                                            
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   15495

                                                Md5:    82ea44d6cb116fb1f5752ce9bb87e345

                                                Sha1:   f799dfd89a4f5a452dc837b8616549f578fb4184

                                                Sha256: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5967 

                                        
                                            
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfGgfFo2IAMF7ig= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w== 

                                        
                                            
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 21:50:08 GMT 

                                        
                                            
age: 6326 

                                        
                                            
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5967

                                                Md5:    4e1372b65928f2addd9d8e44ce63ea0c

                                                Sha1:   795fd611123ebde700aaff1f0dac862f9cad00dc

                                                Sha256: de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7722 

                                        
                                            
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfGy2Gr1IAMFWeQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA== 

                                        
                                            
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 21:50:11 GMT 

                                        
                                            
age: 6323 

                                        
                                            
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7722

                                                Md5:    cd78aa69439c995167f32b8a41a1f4f6

                                                Sha1:   d07d6145182f312f3ed86ecf96b4ffa175416fa0

                                                Sha256: 3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5

                                        
                                            GET /r5xqa2ie?pst=1669937793&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2Ftgrrre.6dcfb.cj.wy5532.com%2F&key=94bb72b4f56ccdde14debe5438dc8bfa&shu=c7f6b92eb357b0055dc1680ea33844b254f630a79a8558d7aaa171f145c3ff59389fb1dd40a0b399ba9cbcd99a5813386cd132094bcce3b4fbed794bc5b49fbcb221e3a8a27c5daa662540303699aaf9a0068b11180f26e52a9b0ad75c649282&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002 HTTP/1.1 

                                        
                                            
Host: gracelessbrief.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://gracelessbrief.com/r5xqa2ie?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17440963 

                                        
                                            
Cookie: u_pl=17440963; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQ0MDk2MywiayI6Ijk0YmI3MmI0ZjU2Y2NkZGUxNGRlYmU1NDM4ZGM4YmZhIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTcyMjM1OCwicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzMsImFpZCI6MjgsInB0Ijo0LCJwayI6InI1eHFhMmllIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOnRydWUsIm5jIjpmYWxzZSwibmoiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxLCJuYSI6ZmFsc2V9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3RncnJyZS42ZGNmYi5jai53eTU1MzIuY29tLyJ9fQ.W3y2VxOUvj-fHyf35mlDY5QdtD74K8hcLoFj0LqE8Xw; cjs=t 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         173.233.137.60

                                        
                                            HTTP/1.1 302 Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx/1.19.5 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:34 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" 

                                        
                                            
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA 

                                        
                                            
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17440963 

                                        
                                            
Set-Cookie: pdhtkv=true; expires=Fri, 02 Dec 2022 23:35:34 GMT
uncs=1; expires=Fri, 02 Dec 2022 23:35:34 GMT
pdhtkv28=true; expires=Fri, 02 Dec 2022 23:35:34 GMT
uncs28=1; expires=Fri, 02 Dec 2022 23:35:34 GMT 

                                        
                                            
Expires: Thu, 01 Jan 1970 00:00:01 GMT 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
X-Request-ID: ee4b89e754dc3bdfd85a2b08d954bb35 

                                        
                                            
Strict-Transport-Security: max-age=0; includeSubdomains 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /stan/campaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&sref=ADST&ADST=17440963&affiliateId=1&pid=86234699&bid=37950 HTTP/1.1 

                                        
                                            
Host: www.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://gracelessbrief.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         85.184.96.0

                                        
                                            HTTP/2 301 Moved Permanently

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:34 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2808422&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&sref=ADST&ADST=17440963&affiliateId=1&pid=86234699&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86234699-37950 

                                        
                                            
set-cookie: JSESSIONID=node01rcu62qdgc79y2106cle8hy771403746.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01rcu62qdgc79y2106cle8hy77; Path=/; Domain=.unibet.nu; Expires=Sat, 30-Nov-2024 23:35:34 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 30-Nov-2024 23:35:34 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://gracelessbrief.com/"; Path=/; Domain=.unibet.nu; Expires=Sat, 30-Nov-2024 23:35:34 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Dec-2022 23:35:49 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
PID=86234699; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fgracelessbrief.com%2F; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Dec-2022 23:35:49 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2808422; Path=/; Domain=.unibet.nu; Expires=Fri, 02-Dec-2022 14:58:59 GMT; Max-Age=55405; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Dec-2022 23:35:49 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure 

                                        
                                            
referer: https://gracelessbrief.com/ 

                                        
                                            
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate 

                                        
                                            
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Dec 2022 23:35:34 GMT 

                                        
                                            
server: kindred-loadbalancer 

                                        
                                            
strict-transport-security: max-age=63072000; preload 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *; 

                                        
                                            
x-browser-class: A 

                                        
                                            
x-os-class: M 

                                        
                                            
x-ooops-debug: /500-pages/www.unibet.nu/index.html 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4505 

                                        
                                            
Cache-Control: max-age=133091 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
Etag: "63888d91-116" 

                                        
                                            
Expires: Sat, 03 Dec 2022 12:33:46 GMT 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 11:18:41 GMT 

                                        
                                            
Server: ECS (amb/6B81) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 278 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   278

                                                Md5:    e4835011e0eeeab8c7bfd2cfd77bc45f

                                                Sha1:   42cbf2f429cafbbcec644142ea8eeff599279241

                                                Sha256: 6e1846f720e8c94592e906dcde5500fe730a832d753f942070177c682bc6edfa

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    3519a58310eefa01756f0440e2acd7dd

                                                Sha1:   50153382830684a6abb653dc7b4e41d7c7e386b5

                                                Sha256: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://gracelessbrief.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: public, max-age=900, immutable 

                                        
                                            
content-md5: ALrEeXzHb5XykFNPd2FIIA== 

                                        
                                            
last-modified: Mon, 28 Nov 2022 13:31:56 GMT 

                                        
                                            
x-ms-request-id: ae8b5b2b-f01e-0048-7fdd-050f35000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: MISS 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3dc1c20b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (569)

                                                Size:   4105

                                                Md5:    928400042eb071de5689a17bd4cec0a3

                                                Sha1:   d4a9996db8c5e89132d891901ea1f6512ce3f8c0

                                                Sha256: 1c76fd4ad105d7cb63fb31d3348e4b90aaa11525d8d615cf1470fb316205d64a

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    3519a58310eefa01756f0440e2acd7dd

                                                Sha1:   50153382830684a6abb653dc7b4e41d7c7e386b5

                                                Sha256: 5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3725 

                                        
                                            
Cache-Control: max-age=135201 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
Etag: "638898db-117" 

                                        
                                            
Expires: Sat, 03 Dec 2022 13:08:56 GMT 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT 

                                        
                                            
Server: ECS (ska/F71B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 279 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   279

                                                Md5:    aff15ad9f37f82e3e8971e79b9159670

                                                Sha1:   e9414ce7af5599213ab3f50af0b3bc07d2c6c04b

                                                Sha256: 716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 404 Not Found 

                                        
                                            
content-type: application/xml

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
x-ms-request-id: a0daf5f5-801e-000f-0cdd-05646e000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 53 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3df3f50b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text

                                                Size:   530267

                                                Md5:    49aec7c7b8d582376e1dda372cbd6d3c

                                                Sha1:   626db48a27c18df39c9c03e345787bf6e049c8ce

                                                Sha256: 9c40448a63d65699a785c502f3288ae61601bb9224f99ed8257f74bfc98fc2f5

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    980f31229421fd11df958496bea34502

                                                Sha1:   648e03f048e6741beb1d4e10099b1429b79e4f00

                                                Sha256: 887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

                                        
                                            GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1 

                                        
                                            
Host: use.fontawesome.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://welcome.unibet.nu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://use.fontawesome.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         172.64.133.15

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
content-length: 74320 

                                        
                                            
x-amz-id-2: PmWziAzgEcFYcHYDEmdSC0yRv5VypkZMAUzrQZi+VBe3q+9GP2NyjCFKPY6Shjc5JCj1TQMJ1XA= 

                                        
                                            
x-amz-request-id: N1H1N9Y0RX5NCQ35 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET 

                                        
                                            
access-control-max-age: 3000 

                                        
                                            
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding 

                                        
                                            
last-modified: Wed, 30 Jun 2021 15:45:57 GMT 

                                        
                                            
etag: "3638e62ea50e6f5859b6a15276c25c87" 

                                        
                                            
cache-control: max-age=31556926 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 295299 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4HefMFP%2FgYVrnaUGyZh5IPu85BE29NVu%2FWk46q%2FhAhRS9W4PvldAhDkZxRc2zpbFHHPJRhwZaI7GoIGF58F1mjVvQUwnkbkd3sTGnzxq%2FfCdVaIX1fAa%2Fp398rx7roiyDDAvVSH"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3df8e7c732a-LHR 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data

                                                Size:   74320

                                                Md5:    3638e62ea50e6f5859b6a15276c25c87

                                                Sha1:   f5aa1a463e223a294a42b314e1c63a614d594ec0

                                                Sha256: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://welcome.unibet.nu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.227

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15920 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 30 Nov 2022 19:33:56 GMT 

                                        
                                            
expires: Thu, 30 Nov 2023 19:33:56 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 100899 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:45 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data

                                                Size:   15920

                                                Md5:    3a44e06eb954b96aa043227f3534189d

                                                Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d

                                                Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    188c50963e7939b1f26a31dbcb8c8200

                                                Sha1:   859416e6148ea6618584e53604efcf072bb989cc

                                                Sha256: 3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/no-payments.svg HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: public, max-age=900, immutable 

                                        
                                            
content-md5: eFf1+jVlHZeVusUSI4yq9A== 

                                        
                                            
last-modified: Mon, 28 Nov 2022 13:31:59 GMT 

                                        
                                            
etag: W/"0x8DAD144ED00071A" 

                                        
                                            
x-ms-request-id: 8dc1f3cc-301e-0035-152e-037e16000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 295305 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3dff81ab4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   8032

                                                Md5:    28b66e8ad3a9f4a7bf0bf112d884cae5

                                                Sha1:   efa1c4ad2dc3efda7bc4d924b5df6fd2c3377bef

                                                Sha256: c6cb1aa929085d25e781d2142322b5fc2a5d5e59c22dd496731be73b8ed27303

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3726 

                                        
                                            
Cache-Control: max-age=113618 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
Etag: "6388448b-1d7" 

                                        
                                            
Expires: Sat, 03 Dec 2022 07:09:13 GMT 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 06:07:07 GMT 

                                        
                                            
Server: ECS (ska/F71B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    b6f6bd19f5a3bedf28d81978c874b564

                                                Sha1:   cf0a80f89e6ce6b74f6067a998009aba65ca8e7b

                                                Sha256: 0a585c37b8fd54f44211656ebd5f2cff82da2fa0248440b97bfa1f903efdb556

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3082 

                                        
                                            
Cache-Control: max-age=118368 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:36 GMT 

                                        
                                            
Etag: "6388599e-1d7" 

                                        
                                            
Expires: Sat, 03 Dec 2022 08:28:24 GMT 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 07:37:02 GMT 

                                        
                                            
Server: ECS (ska/F71B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    4cdb8bd3c353b381182d275152478ead

                                                Sha1:   63a9e15d791d4a530dec2c7209d2f10d48310722

                                                Sha256: 71d96bf3e61eaa1e642f9b689186ad797eebc63d310697c38109f657f9bd8ba9

                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 

                                        
                                            
Host: unibet.demdex.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         3.248.125.109

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html;charset=UTF-8

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private 

                                        
                                            
content-encoding: gzip 

                                        
                                            
date: Thu, 1 Dec 2022 23:35:36 GMT 

                                        
                                            
DCS: dcs-prod-irl1-1-v045-06ebc79ba.edge-irl1.demdex.com 0 ms 

                                        
                                            
Expires: Thu, 01 Jan 1970 00:00:00 UTC 

                                        
                                            
last-modified: Wed, 9 Nov 2022 03:35:09 GMT 

                                        
                                            
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Strict-Transport-Security: max-age=31536000; includeSubDomains 

                                        
                                            
vary: accept-encoding 

                                        
                                            
X-TID: USFQSXr0SPg= 

                                        
                                            
Content-Length: 2791 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)

                                                Size:   2791

                                                Md5:    ccbdcb1e84c241950763ec4cd516cdfc

                                                Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c

                                                Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=97997 

                                        
                                            
Date: Thu, 01 Dec 2022 23:35:36 GMT 

                                        
                                            
Etag: "63880f28-1d7" 

                                        
                                            
Expires: Sat, 03 Dec 2022 02:48:53 GMT 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 02:19:20 GMT 

                                        
                                            
Server: ECS (nyb/1D2B) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: esm-aWRMQuRcvAotACIdf5Pp0KT-OZk5eJDrskIZJM02_4iv1McUsQ== 

                                        
                                            
Age: 1773 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ecb338d207a80eba19beccfcc033a979

                                                Sha1:   08b06c7c842be432375e74c00ff29728c49af90f

                                                Sha256: b0c7d770db35c8d46ceee9200064beea254031b7068a353c095e31f30bc1c103

                                        
                                            GET /ibs:dpid=411&dpuuid=Y4k6SAAAAHxE8wNx HTTP/1.1 

                                        
                                            
Host: dpm.demdex.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://welcome.unibet.nu/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         52.31.218.182

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private 

                                        
                                            
DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms 

                                        
                                            
Expires: Thu, 01 Jan 1970 00:00:00 UTC 

                                        
                                            
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4k6SAAAAHxE8wNx 

                                        
                                            
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" 

                                        
                                            
Pragma: no-cache 

                                        
                                            
set-cookie: demdex=49401498200505885613284039067696567407; Max-Age=15552000; Expires=Tue, 30 May 2023 23:35:36 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None 

                                        
                                            
Strict-Transport-Security: max-age=31536000; includeSubDomains 

                                        
                                            
X-TID: VdfIrMWxTDc= 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /widget/betslip/betslip.js HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: public, max-age=900, immutable 

                                        
                                            
content-md5: V3DcYDl/+4NNEoCqe8670A== 

                                        
                                            
last-modified: Tue, 15 Jan 2019 09:54:22 GMT 

                                        
                                            
etag: W/"0x8D67ACF6D112CB5" 

                                        
                                            
x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 136256 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3df1f38b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /orval/tracking/lastclick.min.js HTTP/1.1 

                                        
                                            
Host: a1s.unibet.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         85.184.96.5

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
last-modified: Fri, 05 Aug 2022 12:55:24 GMT 

                                        
                                            
etag: W/"705-5e57dfac7ede0" 

                                        
                                            
cache-control: max-age=1800, public, must-revalidate 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: kindred-loadbalancer 

                                        
                                            
strict-transport-security: max-age=63072000; preload 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *; 

                                        
                                            
x-browser-class: A 

                                        
                                            
x-os-class: M 

                                        
                                            
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: public, max-age=900, immutable 

                                        
                                            
content-md5: aKFt6UnI1NUrF+upCSAbIA== 

                                        
                                            
last-modified: Mon, 28 Nov 2022 13:31:59 GMT 

                                        
                                            
etag: W/"0x8DAD144ED1D9CEE" 

                                        
                                            
x-ms-request-id: e9b0b4f7-401e-005d-682e-031886000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 295307 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3de1e93b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/unibet-logo.svg HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: public, max-age=900, immutable 

                                        
                                            
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw== 

                                        
                                            
last-modified: Mon, 28 Nov 2022 13:31:58 GMT 

                                        
                                            
etag: W/"0x8DAD144EC848066" 

                                        
                                            
x-ms-request-id: 561aba3e-701e-0079-042e-03ee26000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 295307 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3de0e82b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /custom.js HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
content-md5: e/Aekt1V1fopj1X7y5r9MA== 

                                        
                                            
last-modified: Tue, 29 Mar 2022 08:25:09 GMT 

                                        
                                            
etag: W/"0x8DA115DA300B0C1" 

                                        
                                            
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 197641 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3de0e81b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/icon-casino.svg HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: public, max-age=900, immutable 

                                        
                                            
content-md5: u/57C1Al21ESpXtbDs6sbw== 

                                        
                                            
last-modified: Mon, 28 Nov 2022 13:32:00 GMT 

                                        
                                            
etag: W/"0x8DAD144EDEFC297" 

                                        
                                            
x-ms-request-id: 65dca035-e01e-0026-142e-035a1a000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 295307 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3de1e8fb4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/18-plus.svg HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: public, max-age=900, immutable 

                                        
                                            
content-md5: DtBEzXf8HuXNecd90Rx/1w== 

                                        
                                            
last-modified: Mon, 28 Nov 2022 13:31:58 GMT 

                                        
                                            
etag: W/"0x8DAD144EC6AE193" 

                                        
                                            
x-ms-request-id: 561abf3d-701e-0079-582e-03ee26000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-lease-state: available 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 295305 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3e00823b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1 

                                        
                                            
Host: welcome.unibet.nu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86234699-37950&btag=127656177_7B56825A69744BBD8795A5137FE3DDFF&bid=37950&campaignId=2808422&pid=86234699 

                                        
                                            
Cookie: __ucbt=node01rcu62qdgc79y2106cle8hy77; uniattr=ST.0.T; uniattr_ref="https://gracelessbrief.com/"; campaignId=2808422; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_7B56825A69744BBD8795A5137FE3DDFF; BID=37950; PID=86234699; REFERER=https%3A%2F%2Fgracelessbrief.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2808422%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7B56825A69744BBD8795A5137FE3DDFF%26sref%3DADST%26ADST%3D17440963%26affiliateId%3D1%26pid%3D86234699%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2808422 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.18.25.188

                                        
                                            HTTP/2 404 Not Found 

                                        
                                            
content-type: application/xml

                                        

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
x-ms-request-id: a0daf5f5-801e-000f-0cdd-05646e000000 

                                        
                                            
x-ms-version: 2014-02-14 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 53 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 772fa3de1e90b4f3-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /css?family=Roboto:300,400,500 HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://welcome.unibet.nu/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.106

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
date: Thu, 01 Dec 2022 23:35:35 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	tgrrre.6dcfb.cj.wy5532.com/
IP	199.115.115.116 (United States)
ASN	#30633 LEASEWEB-USA-WDC
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-01 23:35:43 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (26)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.115.115.116

Last 5 reports on ASN: LEASEWEB-USA-WDC

Last 5 reports on domain: wy5532.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (27)

Executed Evals (9)

#1 JavaScript::Eval (size: 55) - SHA256: 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282

#2 JavaScript::Eval (size: 71) - SHA256: dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb

#3 JavaScript::Eval (size: 135) - SHA256: fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed

#4 JavaScript::Eval (size: 60) - SHA256: 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f

#5 JavaScript::Eval (size: 54) - SHA256: fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81

#6 JavaScript::Eval (size: 88) - SHA256: 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62

#7 JavaScript::Eval (size: 132) - SHA256: 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168

#8 JavaScript::Eval (size: 62) - SHA256: adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42

#9 JavaScript::Eval (size: 61) - SHA256: 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c

Executed Writes (1)

#1 JavaScript::Write (size: 50) - SHA256: a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449

HTTP Transactions (79)

Overview

Domain Summary (26)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.115.115.116

Last 5 reports on ASN: LEASEWEB-USA-WDC

Last 5 reports on domain: wy5532.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (27)

Executed Evals (9)

#1 JavaScript::Eval (size: 55) - SHA256: 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282

#2 JavaScript::Eval (size: 71) - SHA256: dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb

#3 JavaScript::Eval (size: 135) - SHA256: fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed

#4 JavaScript::Eval (size: 60) - SHA256: 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f

#5 JavaScript::Eval (size: 54) - SHA256: fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81

#6 JavaScript::Eval (size: 88) - SHA256: 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62

#7 JavaScript::Eval (size: 132) - SHA256: 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168

#8 JavaScript::Eval (size: 62) - SHA256: adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42

#9 JavaScript::Eval (size: 61) - SHA256: 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c

Executed Writes (1)

#1 JavaScript::Write (size: 50) - SHA256: a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449

HTTP Transactions (79)

Network Intrusion Detection Systems