Report - jewgn8une.com/1823498/

Report Overview

Submitted URL
jewgn8une.com/1823498/
IP
62.122.171.6
ASN
#50245 Serverel Inc.
Submitted
2022-08-31 19:19:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	52.39.57.61
pagestates-tracking.crazyegg.com	3647	2020-10-26T20:42:04Z	2023-03-06T09:41:57Z	402 B	648 B	54.230.111.77
jewgn8une.com	146458	2021-12-29T11:43:12Z	2023-02-05T20:41:03Z	2.8 kB	19 kB	62.122.171.6
ak.uncleffaan.com	unknown	2022-06-28T05:35:25Z	2023-03-06T09:10:33Z	849 B	4.4 kB	23.36.77.11
a1s-cdn.unibet.com	283505	2014-04-23T17:07:51Z	2023-03-06T20:42:26Z	1.3 kB	1.7 kB	85.184.96.5
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-06T05:10:42Z	2.0 kB	4.2 kB	142.250.74.3
unibetlondonltd.d3.sc.omtrdc.net	444877	2017-01-29T22:05:05Z	2023-03-06T20:42:44Z	2.3 kB	992 B	15.188.95.229
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	676 B	1.9 kB	54.230.245.100
cm.everesttech.net	996	2017-01-30T05:59:57Z	2023-03-06T05:15:02Z	417 B	488 B	52.17.253.32
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	1.6 kB	4.4 kB	23.36.77.32
35.227.234.222	unknown	2019-02-15T13:35:24Z	2023-02-02T17:05:04Z	620 B	225 B	35.227.234.222
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-06T05:59:33Z	328 B	963 B	172.64.155.188
no.unibet.com	201503	2012-07-26T11:42:52Z	2023-03-06T20:09:32Z	2.5 kB	6.4 kB	85.184.96.0
a1s.unibet.com	297625	2017-01-30T01:44:42Z	2023-03-06T20:42:28Z	1.3 kB	2.0 kB	85.184.96.5
script.crazyegg.com	1992	2014-10-23T19:42:31Z	2023-03-06T07:59:30Z	1.3 kB	32 kB	104.19.147.8
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.110
c.go-mpulse.net	568	2014-03-15T02:53:06Z	2023-03-06T05:14:17Z	740 B	321 B	23.38.200.138
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-06T05:16:06Z	1.4 kB	50 kB	142.250.74.163
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-06T05:15:00Z	1.4 kB	2.6 kB	52.31.4.32
assets-tracking.crazyegg.com	3651	2021-01-26T16:34:24Z	2023-03-06T18:19:12Z	398 B	648 B	54.230.111.63
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-06T08:54:25Z	390 B	746 B	216.58.211.10
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-06T05:10:06Z	909 B	76 kB	172.67.169.247
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-06T08:18:39Z	390 B	681 B	139.45.195.8
adserving.unibet.com	98000	2015-05-26T08:56:53Z	2023-03-06T20:42:21Z	484 B	1.3 kB	23.36.79.11
www.unibet.com	318338	2014-04-29T03:07:51Z	2023-03-06T20:48:21Z	1.6 kB	16 kB	85.184.96.0
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.27
s.go-mpulse.net	1280	2017-07-13T10:35:40Z	2023-03-06T05:21:21Z	343 B	51 kB	23.195.254.218
ocsp.securetrust.com	18792	2019-12-23T04:05:54Z	2023-03-05T21:50:30Z	332 B	793 B	23.36.79.25
secure.adnxs.com	396	2012-05-22T18:37:37Z	2023-03-06T05:18:04Z	772 B	1.8 kB	185.89.210.82
cdn.bannerflow.com	23819	2018-02-22T13:57:21Z	2023-03-06T18:59:10Z	1.3 kB	1.7 kB	104.16.171.188
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	658 B	1.5 kB	93.184.220.29
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-06T09:48:42Z	382 B	32 kB	142.250.74.10
welcome.unibet.com	242429	2017-01-30T06:39:28Z	2023-03-06T20:42:24Z	28 kB	226 kB	108.161.188.196
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.2 kB	49 kB	34.120.237.76
tracking.crazyegg.com	3633	2020-03-10T08:15:05Z	2023-03-06T07:59:31Z	401 B	221 B	54.229.197.178

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-08-31	medium	uncleffaan.com	Sinkholed
2022-08-31	medium	uncleffaan.com	Sinkholed

JavaScript (46)

	URL	Size	First Seen	Last Seen
	a1s.unibet.com/orval/tracking/lastclick.min.js	1.8 kB	2023-03-07	2024-02-01
Pretty URL a1s.unibet.com/orval/tracking/lastclick.min.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen5726 Hash 8027969a31091dd0d3a7813f95ee7e10 591677c488b8b98532778e11adc9348253a014a4 5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60 Loading...

	script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js	95 kB	2023-03-07	2023-03-17
Pretty URL script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js IP 104.19.147.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:40 Last Seen2023-03-17 11:26:10 Times Seen1 Hash 11f2c36495e0cdc42420dbf316440845 96d63d5a641324fcc1a7a92ee6e8b927eca47378 3bc76d046f3630ae20a8755505557af65634ed384539fa147c1aa9abd6d81fe3 Loading...

	jewgn8une.com/?r=dir&zoneid=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=NBgrzxBlz_TpZw9gWWkP6ImfDLnAI_-pJC8pQ76UshC4a5jD0km8KHoR8YcgmzD53CeBqws0z_utYZ_AIye6t-TeXnIYaZxgcbpgYuSbjPOxLublKBFSN1T5zcT6Lm4GqTljkGFlHcqx_NnVpH_s4B3d2YK7AnHZB_hPQ3eT1aQZtVsmtRKypp9-FWWAZGlwMAuxOhTa96YWXNduOmnQ6F7FPW7rjip60Mk88VCx_cDfIAspznGTmS2IA0kbytXUXx3jDthf7-Kt7uJaowGwkYpJjcddpX2g52clHcs-GI1ZkJXg1Mg5OokVBnVFfLA9GdjDJkJrzqAIP9i6UYm6msNzZ-mE8w9f71tuHpCAT1_827j7qpHNYjZ7JWO0IKIbSF4-h7CO2EMxZTq4LOamLzdP5wOP_J0UdAtrbsd-zq5c4vwuVom77J0=&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=516&rlp=%5B0%2C2%2C24%2C0%2C5%2C119%2C139%2C119%5D	242 B	2023-03-07	2023-03-08
Pretty URL jewgn8une.com/?r=dir&zoneid=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=NBgrzxBlz_TpZw9gWWkP6ImfDLnAI_-pJC8pQ76UshC4a5jD0km8KHoR8YcgmzD53CeBqws0z_utYZ_AIye6t-TeXnIYaZxgcbpgYuSbjPOxLublKBFSN1T5zcT6Lm4GqTljkGFlHcqx_NnVpH_s4B3d2YK7AnHZB_hPQ3eT1aQZtVsmtRKypp9-FWWAZGlwMAuxOhTa96YWXNduOmnQ6F7FPW7rjip60Mk88VCx_cDfIAspznGTmS2IA0kbytXUXx3jDthf7-Kt7uJaowGwkYpJjcddpX2g52clHcs-GI1ZkJXg1Mg5OokVBnVFfLA9GdjDJkJrzqAIP9i6UYm6msNzZ-mE8w9f71tuHpCAT1_827j7qpHNYjZ7JWO0IKIbSF4-h7CO2EMxZTq4LOamLzdP5wOP_J0UdAtrbsd-zq5c4vwuVom77J0=&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=516&rlp=%5B0%2C2%2C24%2C0%2C5%2C119%2C139%2C119%5D IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:49 Last Seen2023-03-08 01:55:19 Times Seen1 Hash 431de867b905d27859b3941fff95a003 6c3a640bbea74e1f31810cff9bac765c9e5a26c0 c35a6bbcef585ae2589636dff9ee3c5d57ba125c776bc2979a12e5c2b6df0200 Loading...

	ak.uncleffaan.com/4/4364419	854 B	2023-03-07	2023-03-07
Pretty URL ak.uncleffaan.com/4/4364419 IP 23.36.77.11 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:49 Last Seen2023-03-07 01:31:49 Times Seen1 Hash ef51ce80e3d2bb62b10e772a72beaa59 6a8bd58a5a17154ffa6ba85e429f61f913d8d782 0e278f26a9ae0bf2985da7a8cd67dcc58ee2baf69939a3269bdef031d105c796 Loading...

	welcome.unibet.com/no/pop/multisport/read_json.js	5.4 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/read_json.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8425 Hash ac64b59c98bbe50cf69b6c98fa39585c 0a5cc9fb43b8a208481baaf752dbd504078a764b 28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 07:47:11 Times Seen105239 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	147 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6862 Hash 1d18cffe3fc76896ca02254b5879b535 1a8fec7049c5644eaab6f7aecf8672f3f858d037 cb934bad0e7cb0b0b2edbc619a28b2d7ee4960dba893c3c2ce2a63e458d8af5b Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	5.4 kB	2023-03-07	2023-08-08
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-08-08 14:09:19 Times Seen1025 Hash 26c5eb641d4b8e7a86948e5a397d4203 9bf9b195284806ae56e32f7a0531ad91ad7bf731 aee310721d3d1cb60cdb3e4d714451c5ef94b93e820d0f08bdbb1b04f00d9b73 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	2.2 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1647 Hash c0f99959e76a9ae3302a785606121738 b7121b4e8dfd06a376a210933831917cf22131a7 8635426cb6fbc3d728559ba093c8aa5455f2d5338aefb695ef68aa88a406f615 Loading...

	jewgn8une.com/submit.min.js?abvar=	34 kB	2023-03-07	2023-03-17
Pretty URL jewgn8une.com/submit.min.js?abvar= IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:24 Last Seen2023-03-17 10:35:40 Times Seen1 Hash 122c14448661504b4bfda0915e06e9fe 42a5d6db78a5d57235f2cb076bfe0186bf659216 84eaaa1f677edcf1c9dab3176fd63166d5050f9c511b0b2da47d03ec64b18002 Loading...

	jewgn8une.com/?r=dir&zoneid=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=NBgrzxBlz_TpZw9gWWkP6ImfDLnAI_-pJC8pQ76UshC4a5jD0km8KHoR8YcgmzD53CeBqws0z_utYZ_AIye6t-TeXnIYaZxgcbpgYuSbjPOxLublKBFSN1T5zcT6Lm4GqTljkGFlHcqx_NnVpH_s4B3d2YK7AnHZB_hPQ3eT1aQZtVsmtRKypp9-FWWAZGlwMAuxOhTa96YWXNduOmnQ6F7FPW7rjip60Mk88VCx_cDfIAspznGTmS2IA0kbytXUXx3jDthf7-Kt7uJaowGwkYpJjcddpX2g52clHcs-GI1ZkJXg1Mg5OokVBnVFfLA9GdjDJkJrzqAIP9i6UYm6msNzZ-mE8w9f71tuHpCAT1_827j7qpHNYjZ7JWO0IKIbSF4-h7CO2EMxZTq4LOamLzdP5wOP_J0UdAtrbsd-zq5c4vwuVom77J0=&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=516&rlp=%5B0%2C2%2C24%2C0%2C5%2C119%2C139%2C119%5D	4.9 kB	2023-03-07	2023-03-07
Pretty URL jewgn8une.com/?r=dir&zoneid=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=NBgrzxBlz_TpZw9gWWkP6ImfDLnAI_-pJC8pQ76UshC4a5jD0km8KHoR8YcgmzD53CeBqws0z_utYZ_AIye6t-TeXnIYaZxgcbpgYuSbjPOxLublKBFSN1T5zcT6Lm4GqTljkGFlHcqx_NnVpH_s4B3d2YK7AnHZB_hPQ3eT1aQZtVsmtRKypp9-FWWAZGlwMAuxOhTa96YWXNduOmnQ6F7FPW7rjip60Mk88VCx_cDfIAspznGTmS2IA0kbytXUXx3jDthf7-Kt7uJaowGwkYpJjcddpX2g52clHcs-GI1ZkJXg1Mg5OokVBnVFfLA9GdjDJkJrzqAIP9i6UYm6msNzZ-mE8w9f71tuHpCAT1_827j7qpHNYjZ7JWO0IKIbSF4-h7CO2EMxZTq4LOamLzdP5wOP_J0UdAtrbsd-zq5c4vwuVom77J0=&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=516&rlp=%5B0%2C2%2C24%2C0%2C5%2C119%2C139%2C119%5D IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:49 Last Seen2023-03-07 01:31:49 Times Seen1 Hash 1a4ae72dc85e8c7b89d752989fd72f3c 26bc24b5969cabcba0cf4c70c654de8caffd7d81 4a43e1b726e3270902a61d33841664288c6789567011fb8ff6b9050503afd8d5 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	364 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6836 Hash b7207d294237fb810195b41fdd3cac28 ff7ef257957cbc2074fa5814177bb7cbbac44eb2 12f39122cef3c11903118c0f4769199ddc1e0e5ba13d7dbe8373e5c77391baf5 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	667 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1578 Hash 2d41aac452b14ef4b388a79a47791b35 cee1071dcf7b8095fe214afc02177dc39bd4f973 44ed144c670270401a2ba9d624c2d98dc2e31c3df30ce612a7c94041cb2210de Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	721 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen839 Hash 9c83e2435e1e8d72ce6b63ef2ff44894 bd04a958ae23aaf1b3d427b9bffaf4d041956be1 3c5e987ccf5ca2a1dbf43e2d257bf114e113add7d384d433055c1261722b06fb Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	92 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6846 Hash 7f0f3c1a6218ba26e0a2303513a4b789 a8d06c9a0d0b367220509b18213f6b102f4b4fc0 faffe243fd7f581af68fd7dafdf86ff1e5c0824831f03d5758cb309da65fddda Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	7.5 kB	2023-03-07	2023-04-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-04-27 00:24:56 Times Seen338 Hash f11aa08db800dc0e89f963fb3043f461 565fea671f23ae5189aa25ffcc5d0f2e548f72b2 b494d197c2e32274ca7543dd7828afb81a72db96a88da514f5f8ec45f73649ac Loading...

	welcome.unibet.com/custom.js	5.9 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/custom.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8697 Hash 7bf01e92dd55d5fa298f55fbcb9afd30 4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f Loading...

	a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js	956 B	2023-03-07	2024-02-01
Pretty URL a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:05 Last Seen2024-02-01 12:23:48 Times Seen10503 Hash fd48e87ecd4d06d9c5df490b91dc813e a65a437db44444634e4f41732c590c1d14433b3f 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47 Loading...

	welcome.unibet.com/no/pop/multisport/1-main.js	4.5 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/1-main.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8257 Hash 04fc48de78cbfc5d1557e9df399c7733 e1bf77a4fef1943b0eab404c4abbe9477cb373e0 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	307 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6858 Hash 5633bd464ac4d5c3fab4b6c6db04c743 e9b255450e7612595382082329b0fe88904abcee ca8576fcf8d4ca2350c9fe2a7976729e6e3c6b42ca948060a509a1eed46e93fd Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	299 B	2023-03-07	2023-03-17
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-03-17 12:44:54 Times Seen1 Hash 9b18f9d85f3def5f894ab2798242ba20 83806fc6e857abdf1227f0563c38ccbad4df8a0b 135c63561f0ce029193fa9b2466524c34ef43f4e94ec3c5d92ae757bf64e1d79 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	218 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen5375 Hash 91824c153a2424389807187ea41b9137 0ac7bf21044c90de1568152896efb9466c90b412 74abc0c84e63335fab7da57b01856b457f332b55d1ae539baadb180b13be726c Loading...

	jewgn8une.com/1823498/	676 B	2023-03-07	2023-03-07
Pretty URL jewgn8une.com/1823498/ IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:49 Last Seen2023-03-07 01:31:49 Times Seen1 Hash 01b5bb1ac456a1d1dda25301f40557b6 d18e3dec980790d41eeb36ef37594f209f5d109c d0ee846ac7e908a8fe56386e207e0c4f60bd0e57107c9bcc0c0f7517ffb01069 Loading...

	ak.uncleffaan.com/4/4364419	4.2 kB	2023-03-07	2023-03-07
Pretty URL ak.uncleffaan.com/4/4364419 IP 23.36.77.11 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:49 Last Seen2023-03-07 01:31:49 Times Seen1 Hash 5876729fe06518af475b7f779c63fb66 6dc5e1d9b92dd53e03051c67d17165078c95ce71 d490344e67ba99d59d8cd21b5a6840ff645d697fa61ba4f732c892ad1c5863c0 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	277 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1576 Hash a06048fa305b7e3bd9b89366aee69071 05699ca86b944c67a0fc3240aeace995d9563200 4bdeff956fa33cb08c22fb884ba60fbb1f06c137b1df07e5f493ae4e3d6f88ff Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	2.7 kB	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen838 Hash 4f81620c61dcee3796fd3363a5338651 1739f9bd67e9cb64b61159e14a698c4ace82fe69 b7b20a7ae40fdd82ac83c2ed9064230801e050eaccfa28c2c5cc847d34dec6a9 Loading...

	script.crazyegg.com/pages/scripts/0012/9242.js?461659	5.6 kB	2023-03-07	2023-03-17
Pretty URL script.crazyegg.com/pages/scripts/0012/9242.js?461659 IP 104.19.147.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-03-17 11:41:58 Times Seen1 Hash 87e05bef35428a6b710e4eb93dc90327 c702ee7257d308e90e03525623634f964424d0c7 fb9ee43d7595cad59f504b5bd6035e3e406426d8867476ea1f13e1bacf496fb2 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	235 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen842 Hash d7e6cfa80c6d4f83e56972a515a7bc87 54da9ec648815ef2ef225e69c698f4d8a21363bf 94782f5573acd5c9f8a8131ea8ec3e313d02f077e9766508af6aecd952572c58 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	37 kB	2023-03-07	2023-11-06
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2374 Hash 93db3dee4c43b7d39a245c49591ba4b5 e22687abedfc3b2496fa1b3ba61a2f567f1211b8 0dc951e8d75c93a7d625da52744fcecb22b197c2f92783dd71f1cfead1b9b043 Loading...

	welcome.unibet.com/widget/betslip/betslip.js	15 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/widget/betslip/betslip.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen13385 Hash 5770dc60397ffb834d1280aa7bcebbd0 f0bbf2136b83babe5a8f70eeff2308279e9a0d3a 42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	59 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1702 Hash b7fb41ed89500bb6a8f482f91216cfac caf092ff1935a3a13e8608d56ce60c008b498d68 4a2dbda07d552ad5d425033fcd10ccb1addc5140a177cbb0d11bb3f2f7974a8c Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437	2.6 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6831 Hash cd03538fc58df8693fe9af9337788f0f 408a15551710117d0538fc9442a55b5678bb85a5 cc933dd733a6db1a1a9ff1d7c0adb26717fa27d4d177b7a5a2cab0bfdb353562 Loading...

	unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	s.go-mpulse.net/boomerang/2ZJU6-8B4L2-HQ548-68HPC-ZZTG5	210 kB	2023-03-07	2024-04-16
Pretty URL s.go-mpulse.net/boomerang/2ZJU6-8B4L2-HQ548-68HPC-ZZTG5 IP 23.195.254.218 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-16 19:18:01 Times Seen1340 Hash fa4c76a7fde62b18054cf7eb8e946012 b20150066a879d2b78dd3d4908f4acd148ee66f8 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC	234 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:49 Last Seen2023-03-07 01:31:49 Times Seen1 Hash 231b74cf8d309dfd6b51fac55781cd2e efae37e289ea78854faedb9b46909ee45982011d c2a19cbab8d3425dad472f6d1a972fd69c0afa502cbef9a3c6e389a43ff72370 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 84b2cd04a3e6a53dd1e2d2281b4ec9d0	55 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 84b2cd04a3e6a53dd1e2d2281b4ec9d0 453fd8561e4859d9adbbe37e66110d2584bc2c1d 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282 Loading...

	#2 Eval - 4b4768884dd164bcabacb4edf182609a	61 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 4b4768884dd164bcabacb4edf182609a 881cdbd84f94dc256c40f2ee489d83f956c1b36b 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c Loading...

	#3 Eval - 5abd8d82435f1d74d9dda79e8aeb689c	582 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 01:31:49 Last Seen2023-03-07 01:31:49 Times Seen1 Hash 5abd8d82435f1d74d9dda79e8aeb689c 1a475c1a6978e552af961c229b6143f6be9086f8 5b3896034f23e2048e463e39d8144162bb3d04d74a1e131472f5a23fa800f3d0 Loading...

	#4 Eval - 52a838bf9957f0cff2021c034f169cb0	88 B	2023-03-07	2023-11-06
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2384 Hash 52a838bf9957f0cff2021c034f169cb0 30a7327c54334eb310944b6fd01ddf34b4e2ad9d 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62 Loading...

	#5 Eval - 0df47f7ec8a7025bea46266133fe90c1	54 B	2023-03-07	2024-04-17
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-04-17 03:22:10 Times Seen1724 Hash 0df47f7ec8a7025bea46266133fe90c1 407aeb860ef834517df3dfa568905e7c95d42d9f fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81 Loading...

	#6 Eval - a2bcebb48aaee0300030cf8123020f69	135 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash a2bcebb48aaee0300030cf8123020f69 365d67c7f5ce945805339efb40c083cc97d1f9b2 fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed Loading...

	#7 Eval - add2d829cf386f4838b0cdef5348451c	71 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1710 Hash add2d829cf386f4838b0cdef5348451c c8295463ce81113f7396d77c108349f473285c49 dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb Loading...

	#8 Eval - d66a51311c2681be9b2814403d8e8308	60 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash d66a51311c2681be9b2814403d8e8308 284b626b87d046fe1adfc6899ade214d57f09655 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f Loading...

	#9 Eval - dddc8519e9834ad5d3074584ccf9f8b7	132 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash dddc8519e9834ad5d3074584ccf9f8b7 829d5d1a21eff85f38994e567322cc3bcce9c9cd 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168 Loading...

	#10 Eval - 596da5f7bb09f22c58c4073eb41d604e	62 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 596da5f7bb09f22c58c4073eb41d604e 66603b30823c3a560dae4f1b6afb92ab5a0f91d5 adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42 Loading...

		Size	First Seen	Last Seen
	#1 Write - ac798ac2b2c9559c3e64b701f845c78e	50 B	2023-03-07	2024-02-01
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6876 Hash ac798ac2b2c9559c3e64b701f845c78e 288602cbfebecea88ca238ce32c92d133bf59bff a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449 Loading...

HTTP Transactions (87)

URL IP Response Size

jewgn8une.com/1823498/

62.122.171.6

200 OK

1.0 kB

URL HTTP/1.1
jewgn8une.com/1823498/
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1364), with no line terminators
Size
1.0 kB (1021 bytes)
Hash
8a77fd7dd952cf736062d47cb26fb9a3
b395f67d853f68295b307a19dc3d22e506c06508
41fffade43334a9c2881072fc0fac93e1a7d231937e975ad78f55244ffc2c6a6

HTTP Headers

GET /1823498/ HTTP/1.1
Host: jewgn8une.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 Aug 2022 19:19:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Route-Id: check.sumbit.dl
Set-Cookie: UID=2208311419abdbafc561064ebe9cf3137579; Path=/; Expires=Thu, 31 Aug 2023 19:19:12 GMT; HttpOnly; Secure; SameSite=None
Content-Encoding: gzip
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 31 Aug 2022 18:26:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TNLQ38bQ8c0oScgX-FKe0CkGa8-uvszfi4W4qLgC8iu199ammTp47w==
Age: 3160

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 31 Aug 2022 02:27:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i0AvvchkzKOTZ1pAFLzunmXT_ELRmYjOwbOfmSt7kuO4uPeRcA-xwA==
age: 60728
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11568
Expires: Wed, 31 Aug 2022 22:32:00 GMT
Date: Wed, 31 Aug 2022 19:19:12 GMT
Connection: keep-alive

jewgn8une.com/submit.min.js?abvar=

62.122.171.6

200 OK

14 kB

URL HTTP/1.1
jewgn8une.com/submit.min.js?abvar=
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with very long lines (33261)
Size
14 kB (13881 bytes)
Hash
de4be9c08333d86ba9c81574517948c2
cd391a80c6f87eca15d4fb436f06549ffc25d33b
e15656b586ee7587bda7ad371608f8ba4a5b400cdaf4450f3367323ffd52c37f

HTTP Headers

GET /submit.min.js?abvar= HTTP/1.1
Host: jewgn8une.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 Aug 2022 19:19:12 GMT
Content-Type: application/javascript
Last-Modified: Thu, 28 Jul 2022 14:29:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e29d61-83c6"
X-JS-AB: current
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

jewgn8une.com/dupa.gif?z=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=8UKTTOkQjPhiko1sOPhEef_F4sUGOhQ35NZzzZtU01Tha91vBZ6ZXz54Q0xTkQO_Ko9szgm-iDxwRfJeNX_Uqr6KriLoAR-aMlX9mHUCWTBz7556AYs81nsQkroURWz7RKJbKw-i47UNPAafP9O_vmOt30PVIBDBGJtroCfynOO64Ev0rsGk3TDQqKAcoMGM3NZqPaA-i-ivZ4kea8w_mb0C0gIhow0hHNLn7lgzGBa2EGk8_BmToN9dnl_hrF5vmLbsOz2UyiRAdmLQPSdur1olVqPw1bMnFkOR_UpDcWi-Xm6H0103gG6nQRlnqXhzKeDMRRVbBqr_lZ-nzCk6sWSu6X0yFUgSLgtJStlqLpjdJol5477csh9cFjQiRL_mkycQJqWa4RCqpRB8E5RNckHhudXMYKnqX3zxBTxeLjiEpiNidZEaEO0=&abvar=0&pload=200&rlp=%5B0%2C1%2C56%2C30%2C0%2C0%2C110%2C0%5D

62.122.171.6

200 OK

43 B

URL HTTP/2
jewgn8une.com/dupa.gif?z=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=8UKTTOkQjPhiko1sOPhEef_F4sUGOhQ35NZzzZtU01Tha91vBZ6ZXz54Q0xTkQO_Ko9szgm-iDxwRfJeNX_Uqr6KriLoAR-aMlX9mHUCWTBz7556AYs81nsQkroURWz7RKJbKw-i47UNPAafP9O_vmOt30PVIBDBGJtroCfynOO64Ev0rsGk3TDQqKAcoMGM3NZqPaA-i-ivZ4kea8w_mb0C0gIhow0hHNLn7lgzGBa2EGk8_BmToN9dnl_hrF5vmLbsOz2UyiRAdmLQPSdur1olVqPw1bMnFkOR_UpDcWi-Xm6H0103gG6nQRlnqXhzKeDMRRVbBqr_lZ-nzCk6sWSu6X0yFUgSLgtJStlqLpjdJol5477csh9cFjQiRL_mkycQJqWa4RCqpRB8E5RNckHhudXMYKnqX3zxBTxeLjiEpiNidZEaEO0=&abvar=0&pload=200&rlp=%5B0%2C1%2C56%2C30%2C0%2C0%2C110%2C0%5D
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /dupa.gif?z=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=8UKTTOkQjPhiko1sOPhEef_F4sUGOhQ35NZzzZtU01Tha91vBZ6ZXz54Q0xTkQO_Ko9szgm-iDxwRfJeNX_Uqr6KriLoAR-aMlX9mHUCWTBz7556AYs81nsQkroURWz7RKJbKw-i47UNPAafP9O_vmOt30PVIBDBGJtroCfynOO64Ev0rsGk3TDQqKAcoMGM3NZqPaA-i-ivZ4kea8w_mb0C0gIhow0hHNLn7lgzGBa2EGk8_BmToN9dnl_hrF5vmLbsOz2UyiRAdmLQPSdur1olVqPw1bMnFkOR_UpDcWi-Xm6H0103gG6nQRlnqXhzKeDMRRVbBqr_lZ-nzCk6sWSu6X0yFUgSLgtJStlqLpjdJol5477csh9cFjQiRL_mkycQJqWa4RCqpRB8E5RNckHhudXMYKnqX3zxBTxeLjiEpiNidZEaEO0=&abvar=0&pload=200&rlp=%5B0%2C1%2C56%2C30%2C0%2C0%2C110%2C0%5D HTTP/1.1
Host: jewgn8une.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Cookie: UID=2208311419966f9d56f176426aaf7fa39c8f; OACCAP=ACGwywAAAAAAAAAB; OACBLOCK=ACGwywAAAABjDurQ; OXCCLK=ACGwywAAAAAAAAAB; OXPCLK=AAIrxwAAAAAAAAAB; ppucnt=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.redirect-pixel
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ak.uncleffaan.com/4/4364419

23.36.77.11

200 OK

2.9 kB

URL HTTP/2
ak.uncleffaan.com/4/4364419
IP
23.36.77.11:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4265)
Size
2.9 kB (2852 bytes)
Hash
452ecf3b8fab68f2f69561757ce95eb5
05422550330aa7ecea531722d58b9f7be28a1526
f37b34c3a85aeea8fa01bf685cf5d967d347619f266ff6f93e678f179c9ba2f1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/4364419 HTTP/1.1
Host: ak.uncleffaan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 206e71d2b29ac316f9d6106fdb8ac38c
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <http://35.227.234.222>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
vary: Accept-Encoding
x-akamai-transformed: 9 880 0 pmb=mRUM,1
expires: Wed, 31 Aug 2022 19:19:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 31 Aug 2022 19:19:13 GMT
content-length: 2852
set-cookie: OAID=d161347ed98240009a62e896c4e3b811; expires=Thu, 31 Aug 2023 19:19:13 GMT; path=/; secure; SameSite=None
oaidts=1661973553; expires=Thu, 31 Aug 2023 19:19:13 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=13
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 31 Aug 2022 19:17:12 GMT
Cache-Control: max-age=3600
Expires: Wed, 31 Aug 2022 19:47:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hsS9nIoeu6PMSWrWINB6QoJdRDkUCARauqcU9kAqEDfz2LF-hL2cXQ==
Age: 121

35.227.234.222/2/PU_NO_SB_DT_KINDRED?source=4364419&geo=NO&device_type=desktop&browser_type=firefox&os=linux&region=03&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connection_type=broadband&internet_provider=blix%20group%20as&carrier=?&rdk=rk1

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_SB_DT_KINDRED?source=4364419&geo=NO&device_type=desktop&browser_type=firefox&os=linux&region=03&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connection_type=broadband&internet_provider=blix%20group%20as&carrier=?&rdk=rk1
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_SB_DT_KINDRED?source=4364419&geo=NO&device_type=desktop&browser_type=firefox&os=linux&region=03&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connection_type=broadband&internet_provider=blix%20group%20as&carrier=?&rdk=rk1 HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 31 Aug 2022 19:19:13 GMT
Content-Length: 0
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
Via: 1.1 google

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9bff5b388e91cc067521e4269f699c96
d20d93c4ed1b30a5e65d3a37c8873836a2e5c291
3eea78d8113b58b2df1579c2b97582cfa5a3fe5617254666cf7dce18ae78ae8e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 06:25:19 GMT
Expires: Mon, 05 Sep 2022 06:25:18 GMT
Etag: "d20d93c4ed1b30a5e65d3a37c8873836a2e5c291"
Cache-Control: max-age=384964,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74381dd508bdb503-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4781
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:13 GMT
Last-Modified: Wed, 31 Aug 2022 17:59:32 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

s.go-mpulse.net/boomerang/2ZJU6-8B4L2-HQ548-68HPC-ZZTG5

23.195.254.218

200 OK

50 kB

URL HTTP/2
s.go-mpulse.net/boomerang/2ZJU6-8B4L2-HQ548-68HPC-ZZTG5
IP
23.195.254.218:0
ASN
#16625 AKAMAI-AS

File type
C source, ASCII text, with very long lines (65103)
Size
50 kB (50393 bytes)
Hash
8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800

HTTP Headers

GET /boomerang/2ZJU6-8B4L2-HQ548-68HPC-ZZTG5 HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Mon, 11 Jul 2022 11:15:30 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 50393
date: Wed, 31 Aug 2022 19:19:13 GMT
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=merge&userId=d161347ed98240009a62e896c4e3b811

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=d161347ed98240009a62e896c4e3b811
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=d161347ed98240009a62e896c4e3b811 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:13 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d161347ed98240009a62e896c4e3b811; expires=Thu, 31 Aug 2023 19:19:13 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ak.uncleffaan.com/favicon.ico

23.36.77.11

204 No Content

0 B

URL HTTP/2
ak.uncleffaan.com/favicon.ico
IP
23.36.77.11:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ak.uncleffaan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=d161347ed98240009a62e896c4e3b811; oaidts=1661973553
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
pragma: public
cache-control: public, must-revalidate, proxy-revalidate, max-age=2592000
date: Wed, 31 Aug 2022 19:19:13 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=25
X-Firefox-Spdy: h2

adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB

23.36.79.11

301 Moved Permanently

0 B

URL HTTP/2
adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 31 Aug 2022 19:19:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 31 Aug 2022 19:19:13 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; domain=.unibet.com; expires=Fri, 31-Aug-3021 19:19:13 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=114, cdn-cache; desc=MISS
X-Firefox-Spdy: h2

c.go-mpulse.net/api/config.json?key=2ZJU6-8B4L2-HQ548-68HPC-ZZTG5&d=ak.uncleffaan.com&t=5539912&v=1.720.0&sl=0&si=0210c72e-1e16-4b06-93fd-3a2a9a288472-rhhv01&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=812016

23.38.200.138

200 OK

51 B

URL HTTP/1.1
c.go-mpulse.net/api/config.json?key=2ZJU6-8B4L2-HQ548-68HPC-ZZTG5&d=ak.uncleffaan.com&t=5539912&v=1.720.0&sl=0&si=0210c72e-1e16-4b06-93fd-3a2a9a288472-rhhv01&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=812016
IP
23.38.200.138:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text
Size
51 B (51 bytes)
Hash
1660f4258f74afb15819f774f55ceff1
c199bdb261c4d36071020c59ee9bde50ec4a8b5e
032b59c84c01c62bdbdc17abbf0821bd29d7fbef05c4cc3106daac25f8ef61f4

HTTP Headers

GET /api/config.json?key=2ZJU6-8B4L2-HQ548-68HPC-ZZTG5&d=ak.uncleffaan.com&t=5539912&v=1.720.0&sl=0&si=0210c72e-1e16-4b06-93fd-3a2a9a288472-rhhv01&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=812016 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.uncleffaan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Wed, 31 Aug 2022 19:19:13 GMT
Connection: keep-alive
Content-Type: application/json

no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Wed, 31 Aug 2022 19:19:13 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950
set-cookie: JSESSIONID=node01g08bw32myb0f1ipf95h9gk48j4617424.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01g08bw32myb0f1ipf95h9gk48; Path=/; Domain=.unibet.com; Expires=Fri, 30-Aug-2024 19:19:13 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Fri, 30-Aug-2024 19:19:13 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.com; Expires=Fri, 30-Aug-2024 19:19:13 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 31-Aug-2022 19:19:28 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
PID=85891437; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 31-Aug-2022 19:19:28 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=42089986; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 31-Aug-2022 19:19:28 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 31 Aug 2022 19:19:13 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
date: Wed, 31 Aug 2022 19:19:13 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 31 Aug 2022 19:19:13 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QJY8qdVf+ezpQw/30pJmhA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u3LeENXw+6S90vZ4R1P21j2L6KI=

ocsp.securetrust.com/

23.36.79.25

200 OK

638 B

URL HTTP/1.1
ocsp.securetrust.com/
IP
23.36.79.25:0
ASN
#20940 Akamai International B.V.

File type
data
Size
638 B (638 bytes)
Hash
7ec1c6894cb55da0c2a23d4cd6bb4654
dc7b8045d72fe51b05ae468c469a555b62e07c09
f013bff5a6a7dfc1eba5dd4d87e19f5648ac21503b17d6ae2313212e6d287fad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Wed, 31 Aug 2022 19:19:14 GMT
Connection: keep-alive

a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

85.184.96.5

200 OK

956 B

URL HTTP/2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
ASCII text
Size
956 B (956 bytes)
Hash
fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47

HTTP Headers

GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
162103fea2d2770a892523dda40eb8d3
18fdbf868daac86329ddd87b5d70794108888c1f
6ef5338f6861732e340a5bbb77948cbc56fff65861dab47485e2aade1c3f94bb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fe244465a99d48f257a3dda7ab28c6b8
69c89374520ca54adda7fd15ccb069def5fb3663
8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.10

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 10:07:37 GMT
expires: Thu, 31 Aug 2023 10:07:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 33097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

a1s.unibet.com/orval/tracking/lastclick.min.js

85.184.96.5

200 OK

1.3 kB

URL HTTP/2
a1s.unibet.com/orval/tracking/lastclick.min.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
data
Size
1.3 kB (1285 bytes)
Hash
2a1fcc1385767f840ca2b84c6090bf37
282e78e052c76e6e9536f765623d46f7b644a1bd
ec8da25977d3f710602d12701381358c93becd38d499b3a78555f6a9730f8f7e

HTTP Headers

GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/com-payments.svg

108.161.188.196

200 OK

12 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/com-payments.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
12 kB (12220 bytes)
Hash
8ea15b3bb07e094037c7afd1d5defb6a
0c4787e8fc8b70753cb92c54199742d24a46e569
f41327e0ac850b1553efa761d10268e4b6d8d2b49830887405480a43eb28af9e

HTTP Headers

GET /no/pop/multisport/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: 4e601d6a-a01e-006a-456e-bdca2a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2

172.67.169.247

200 OK

74 kB

URL HTTP/2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
172.67.169.247:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size
74 kB (74320 bytes)
Hash
3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

HTTP Headers

GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: Pzy+oZtpOYwCGlQ13GYUyQ9f+Mzkye+xVoDWqjfXSSrEi7ga+0v+kbTvf2CU9FSJlljX+6J1VkE=
x-amz-request-id: 8XVB626A1NJ7F2MA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1862489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPbd%2BUEEsECjuK9g3m0pSR1zuHrNf6oFXtg%2FAbQunbibFG044yf8JE0nvnuexlnZnF5l8ZoJ5AhwjXn%2BNGP0ubE0SoCz4gs8eWjKhMhRQ9nCyoeCEmVf6zst9ZRwiR24jQajIMAr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74381ddae90a0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/utv-logo.svg

108.161.188.196

200 OK

959 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/utv-logo.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
959 B (959 bytes)
Hash
c1c9b5d3085bd8234c1b155103c91e35
e58fb8d2f756386b85abda85ed1f62c55b3b139a
6e18379b675d7da7ffe2c509ee840c297ee77e321fbb26ededbd8c0a22db422b

HTTP Headers

GET /no/pop/multisport/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: 200a2d71-f01e-0058-646e-bdca5d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/1-background-black.jpg

108.161.188.196

200 OK

98 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/1-background-black.jpg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size
98 kB (98453 bytes)
Hash
8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407

HTTP Headers

GET /no/pop/multisport/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/jpeg
content-length: 98453
cache-control: public, max-age=900, immutable
content-md5: jm2a9e8brf6Slbj8lnk8KA==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: "0x8DA52B6801D0B27"
x-ms-request-id: 47b014cb-401e-0072-216c-bd154d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/Unibet_Pro_2020.woff2

108.161.188.196

200 OK

11 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/Unibet_Pro_2020.woff2
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size
11 kB (10924 bytes)
Hash
0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b

HTTP Headers

GET /no/pop/multisport/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 20 Jun 2022 12:15:05 GMT
etag: "0x8DA52B682E2A11A"
x-ms-request-id: b842ac5f-501e-0041-566d-bd4ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 19:34:08 GMT
expires: Thu, 24 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 603906
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 19:34:21 GMT
expires: Thu, 24 Aug 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 603893
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 02:02:22 GMT
expires: Sun, 27 Aug 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 407812
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

welcome.unibet.com/widget/betslip/betslip.js

108.161.188.196

200 OK

83 kB

URL HTTP/2
welcome.unibet.com/widget/betslip/betslip.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
83 kB (83376 bytes)
Hash
0276269f5b9f2332ddae084b8dcd4bec
66f2e59798d8d1a6f2fad6b965c4404fa0d6d67a
912ae67708faec368289f4bf39c56d90018bf7de456ad07e42ef5df40c0dcb3f

HTTP Headers

GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: a255bb16-c01e-0043-016e-bdf45e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0982b9e784a0a990d6318c92e33860a1
764377c393017e86d98a696da455509cba1806ac
27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5f009d33c4359a47bd617eeacde2ea79
3a66704dc3029cb1c930bc8534d4a7d814f82904
b166cb1f4013e486f3cb498ada4ec8035a72dd4cb5794c7f53d5ef7a9ce61fb4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:14 GMT
Last-Modified: Wed, 31 Aug 2022 18:25:48 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1661973554337

52.31.4.32

200 OK

496 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1661973554337
IP
52.31.4.32:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size
496 B (496 bytes)
Hash
303432499e549f2619c024ee320aade2
e84521403e7a0f1a545dbc41fac558313ac16669
c842a62233bdb4d0e7ed83eee52b0a84d094b957f7a6a7191ca15aed0399cd52

HTTP Headers

GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1661973554337 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v038-0ca6c1a1c.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=88667122622107662251167438759561237259; Max-Age=15552000; Expires=Mon, 27 Feb 2023 19:19:14 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: Ey7agnokRrg=
Content-Length: 496
Connection: keep-alive

welcome.unibet.com/no/pop/multisport/app-store-ro.svg

108.161.188.196

200 OK

5.5 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/app-store-ro.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
5.5 kB (5467 bytes)
Hash
8db9d965690f8bc1cfd5004f5988adfc
2c6830e8e5ce4299588f049cb1a8d063cb87e466
8c5b6b04970a9fcb1e8b053649ddfb7a67b576f0b53e4c1a655fc58bf5116842

HTTP Headers

GET /no/pop/multisport/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: 86a44839-e01e-006b-566d-bd95f6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/gambling-commission.png

108.161.188.196

301 Moved Permanently

178 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/gambling-commission.png
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /no/pop/multisport/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: text/html
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2

unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=88636977550322053221170195569924697744&ts=1661973554504

15.188.95.229

200 OK

2 B

URL HTTP/2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=88636977550322053221170195569924697744&ts=1661973554504
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=88636977550322053221170195569924697744&ts=1661973554504 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Wed, 31 Aug 2022 19:19:14 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/1-main.js

108.161.188.196

200 OK

4.5 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/1-main.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
HTML document, Unicode text, UTF-8 text, with very long lines (550)
Size
4.5 kB (4470 bytes)
Hash
73adba1844f49091f638074fa36b687b
61e841d08a1a589175c95935ad87ca5615537cb9
e952562a91e4839b33b982050420173fb992b924fc31ceb4c6e3a6e7b44b82b4

HTTP Headers

GET /no/pop/multisport/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: 630547ae-b01e-0004-736d-bd9f05000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/favicon.ico

108.161.188.196

200 OK

421 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/favicon.ico
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
421 B (421 bytes)
Hash
ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed

HTTP Headers

GET /no/pop/multisport/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19236%7CMCMID%7C88636977550322053221170195569924697744%7CMCAAMLH-1662578354%7C6%7CMCAAMB-1662578354%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1661980754s%7CNONE%7CvVersion%7C4.4.0; sessionPageNumber=1; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/x-icon
content-length: 421
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: "0x8DA52B67FC5A91F"
x-ms-request-id: 6ef5ba77-e01e-0054-336c-bd5d55000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.unibet.com/

85.184.96.0

200 OK

15 kB

URL HTTP/2
www.unibet.com/
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type
data
Size
15 kB (15305 bytes)
Hash
d3bd939ef0ac8cf676e0601bd1dc5b34
28e963cc6e0632cb011dfc9d8b2a4fb1daf74499
bbda07ddb6c460f84220244a9ec95137eead3f4a916cef01e830d1affb7e39fc

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19236%7CMCMID%7C88636977550322053221170195569924697744%7CMCAAMLH-1662578354%7C6%7CMCAAMB-1662578354%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1661980754s%7CNONE%7CvVersion%7C4.4.0; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: text/html;charset=utf-8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Wed, 31 Aug 2022 11:05:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

secure.adnxs.com/seg?add=9755599

185.89.210.82

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=9755599
IP
185.89.210.82:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 07249e14-b452-4e3d-a86e-0a37cd863bdc
Set-Cookie: uuid2=1265466620211339384; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Nov-2022 19:19:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s64684917792461?AQB=1&ndh=1&pf=1&t=31%2F7%2F2022%2019%3A19%3A14%203%200&mid=88636977550322053221170195569924697744&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26bid%3D37950%26campaignId%3D2750545%26pid%3D85891437&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26bid%3D37950%26campaignId%3D2750545%26pid%3D85891437&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A19%20PM%7CWednesday&v6=7%3A19%20PM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1661973554&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A85891437-37950&v122=NONE&v124=2750545&v125=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&v126=85891437&v127=37950&v134=1661973554&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1

15.188.95.229

200 OK

43 B

URL HTTP/2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s64684917792461?AQB=1&ndh=1&pf=1&t=31%2F7%2F2022%2019%3A19%3A14%203%200&mid=88636977550322053221170195569924697744&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26bid%3D37950%26campaignId%3D2750545%26pid%3D85891437&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26bid%3D37950%26campaignId%3D2750545%26pid%3D85891437&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A19%20PM%7CWednesday&v6=7%3A19%20PM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1661973554&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A85891437-37950&v122=NONE&v124=2750545&v125=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&v126=85891437&v127=37950&v134=1661973554&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s64684917792461?AQB=1&ndh=1&pf=1&t=31%2F7%2F2022%2019%3A19%3A14%203%200&mid=88636977550322053221170195569924697744&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26bid%3D37950%26campaignId%3D2750545%26pid%3D85891437&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320669908%3A85891437-37950%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26bid%3D37950%26campaignId%3D2750545%26pid%3D85891437&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A19%20PM%7CWednesday&v6=7%3A19%20PM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1661973554&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A85891437-37950&v122=NONE&v124=2750545&v125=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&v126=85891437&v127=37950&v134=1661973554&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 31 Aug 2022 19:19:14 GMT
expires: Tue, 30 Aug 2022 19:19:14 GMT
last-modified: Thu, 01 Sep 2022 19:19:14 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3569061032162820096-4619739284739599610
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599

185.89.210.82

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
185.89.210.82:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f6a8cd53-8bdd-485f-a1e2-d0c61c2e35cb
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2In5dZ^jg!]tbP6j2F-XstGt!@E.?%(Wbd; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Nov-2022 19:19:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js

104.19.147.8

200 OK

30 kB

URL HTTP/2
script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26535)
Size
30 kB (30287 bytes)
Hash
baa8d7c0b0d111814046bb60f5860fb6
622b7b60c82e7a228b3f397a0c3e3da99def9451
022aabe43d0603bab86fa677997da698e702a9b07473f995f67214ed0d82e272

HTTP Headers

GET /pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: text/javascript
content-length: 30287
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Thu, 25 Aug 2022 14:04:42 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 28443
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ddebe100afa-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18731
Expires: Thu, 01 Sep 2022 00:31:26 GMT
Date: Wed, 31 Aug 2022 19:19:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18731
Expires: Thu, 01 Sep 2022 00:31:26 GMT
Date: Wed, 31 Aug 2022 19:19:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18731
Expires: Thu, 01 Sep 2022 00:31:26 GMT
Date: Wed, 31 Aug 2022 19:19:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18731
Expires: Thu, 01 Sep 2022 00:31:26 GMT
Date: Wed, 31 Aug 2022 19:19:15 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e65ebf3af84e4fb330bfa5b63ae0972d
c0d201c75fe9507cd4c5452620d988fc20c282a2
55d0b4402edbef49d60378367ab8089eb30dd73723fece29df3c9ba380f52737

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 31 Aug 2022 19:19:14 GMT
Last-Modified: Wed, 31 Aug 2022 19:10:57 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ocl0fASj2HpusCkO3DD4VHsP5KuhgdR_e_Cwvc-OcA1HfiFaCzVbig==
Age: 497

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5079 bytes)
Hash
5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:44:23 GMT
age: 77692
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=461659

104.19.147.8

200 OK

143 B

URL HTTP/2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=461659
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
143 B (143 bytes)
Hash
609da830fb911b25dc976f07b497283e
ad79a59045ebc9dba13e5c726e661e2799b7fbb6
59398cf159444d91c9e41f15110d862d63e092af6dc60c427986431526f7777e

HTTP Headers

GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=461659 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:15 GMT
content-type: application/json
content-length: 143
access-control-expose-headers: CE-Version
ce-version: 11.4.2
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Wed, 31 Aug 2022 13:24:15 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 21300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ddf0e5e0afa-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5911 bytes)
Hash
084c7b9f1244ec72236ab517787af1e2
18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb
2ea7697ebc332bec201ffeaed54a738869b6c64784916574db2c7e6a7990fb3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5911
x-amzn-requestid: ff3b12df-1798-40bb-bf02-ad198710da96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdcGHFGYoAMFw_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630873c0-00cd86e97d0687c702a49ecb;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:18:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bdUkkt8QyTXI_NN4R4tJ3pGrDwNpoLC_aS17xUIe7623fE5xNQucrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:59:37 GMT
age: 76778
etag: "18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6266 bytes)
Hash
9843fcd5eb49c75b942e3dd042f3a931
ff6de19656bc0ee5649c1367448116a9576a690a
8e9679e05e1b2194e44a962a19f226793b5d7fc2334df64f8dd560498532ad3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6266
x-amzn-requestid: 82231f45-328a-479a-b346-108fe6a0c190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjU6bEP5IAMFaGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630acea8-6545154a39b44bb04d3bc18c;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P_a-E2SVJUpYrlOzoX9kDtHoAeyEpcqEXau-5wDupR-9AAk3gQgaHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 10:00:10 GMT
age: 33545
etag: "ff6de19656bc0ee5649c1367448116a9576a690a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8009 bytes)
Hash
6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 03y3JoF38R7gjBYS3gHyOsivob68ykKlwvAIFEwiat2FjYfKWh-afA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 22:47:54 GMT
age: 73881
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5910 bytes)
Hash
7dcb5acc5186b678254184c5dac12079
d7c84b42a0dd5b86a0668127698fd5f25b647fcb
8173103eda58bf2f1af2d077fc90c2c1b6d2a93265092a9c3152b686e05a4f9d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5910
x-amzn-requestid: 935b97da-1473-4863-bad2-a732709de9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslNHEfTIAMFWrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e8253-150847db7280350c19e2e464;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0RN7uc1rCMPWabmuO7QRLxIQ2mv0PFqTfL-dF7a6a3i1gFn0TtF8Nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:19 GMT
age: 77636
etag: "d7c84b42a0dd5b86a0668127698fd5f25b647fcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97b6b2d0-435f-4820-aacb-843f0a7a375e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11115 bytes)
Hash
5f4b18b62ff275079a412349f454f66c
3638ba3ef38c4aaeb31a12bb61aaf90034915954
d825ce440863c9a53cee3a8d0f2ca2d41e2e9176ee1234d3dd0ae861f047b031

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97b6b2d0-435f-4820-aacb-843f0a7a375e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11115
x-amzn-requestid: 11b741c1-55f5-4c28-bbf9-bd828ed204b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xkns8G8cIAMFRAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b531f-1d56c9401b90dc206b010d08;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 11:35:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4CIqSMm5XXWISAncsk_wwHBlIO6Ll4BH3FT6tN7qEM1EDtFLr7_RLA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 04:01:00 GMT
age: 55095
etag: "3638ba3ef38c4aaeb31a12bb61aaf90034915954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cm.everesttech.net/cm/dd?d_uuid=88667122622107662251167438759561237259

52.17.253.32

302

0 B

URL HTTP/1.1
cm.everesttech.net/cm/dd?d_uuid=88667122622107662251167438759561237259
IP
52.17.253.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm/dd?d_uuid=88667122622107662251167438759561237259 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 
Date: Wed, 31 Aug 2022 19:19:15 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Yw_0MwAAAKBYNwOV; Domain=.everesttech.net; Expires=Thu, 31-Aug-2023 19:19:15 GMT; Path=/
everest_session_v2="Yw@0MwAAAKBYOAOV"; Version=1; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV
Server: AMO-cookiemap/1.1

pagestates-tracking.crazyegg.com/healthcheck

54.230.111.77

200 OK

19 B

URL HTTP/2
pagestates-tracking.crazyegg.com/healthcheck
IP
54.230.111.77:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 11 Jul 2022 15:00:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XQs2H7gLTlhIbcm6k-EK15Jw19zE6ZPSkVz_bEKuUKjkMQBHN26qzg==
age: 4421915
X-Firefox-Spdy: h2

assets-tracking.crazyegg.com/healthcheck

54.230.111.63

200 OK

19 B

URL HTTP/2
assets-tracking.crazyegg.com/healthcheck
IP
54.230.111.63:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 11 Jul 2022 15:01:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VOhJuZxYNJJqyfUkVesXtpVL9o72fOvP-AbdORxazavZY06EJkRmjQ==
age: 4421876
X-Firefox-Spdy: h2

dpm.demdex.net/ibs:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV

52.31.4.32

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV
IP
52.31.4.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ibs:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v038-0081e3a6f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=02861838443776754272470107732789058603; Max-Age=15552000; Expires=Mon, 27 Feb 2023 19:19:15 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7H3GMYapSvk=
Content-Length: 0
Connection: keep-alive

dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV

52.31.4.32

200 OK

59 B

URL HTTP/1.1
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV
IP
52.31.4.32:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
59 B (59 bytes)
Hash
1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13

HTTP Headers

GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yw_0MwAAAKBYNwOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v038-019009321.edge-irl1.demdex.com 8 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 1sDn2AgaR2U=
Content-Length: 59
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2817bb3e9fe5b22071185edea2b716b4
71b9b6da95d7b59a91e4cb32a53925ef4570af5f
98bb7a64052511c8bca65098c844240d86672a8b69e54d6c401a838a61848566

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 31 Aug 2022 19:19:15 GMT
Last-Modified: Wed, 31 Aug 2022 17:39:44 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QydhL6Xezgn-iR2LM_6M-SMB8WS1qIemhAip-eraaFtvqZaKL2rKWw==
Age: 5971

tracking.crazyegg.com/clock?t=1661973554971

54.229.197.178

200 OK

26 B

URL HTTP/2
tracking.crazyegg.com/clock?t=1661973554971
IP
54.229.197.178:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
1fdd1121dd709487a14b2549fae4df48
a39f4cfa09c908c6fd819fd8c5395e9d77350eb7
83eee2997a6b1bdbc1a289e73fd3c9ff8b8605e013dbe8a3125dc68111d1d689

HTTP Headers

GET /clock?t=1661973554971 HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: awselb/2.0
date: Wed, 31 Aug 2022 19:19:15 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/icon-expert.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/icon-expert.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: dfb5163d-b01e-0066-5d6e-bd5d22000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

script.crazyegg.com/pages/scripts/0012/9242.js?461659

104.19.147.8

200 OK

0 B

URL HTTP/2
script.crazyegg.com/pages/scripts/0012/9242.js?461659
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pages/scripts/0012/9242.js?461659 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.2
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5639
last-modified: Wed, 31 Aug 2022 13:24:15 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 21299
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381dddfd460afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

jewgn8une.com/?r=dir&zoneid=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=NBgrzxBlz_TpZw9gWWkP6ImfDLnAI_-pJC8pQ76UshC4a5jD0km8KHoR8YcgmzD53CeBqws0z_utYZ_AIye6t-TeXnIYaZxgcbpgYuSbjPOxLublKBFSN1T5zcT6Lm4GqTljkGFlHcqx_NnVpH_s4B3d2YK7AnHZB_hPQ3eT1aQZtVsmtRKypp9-FWWAZGlwMAuxOhTa96YWXNduOmnQ6F7FPW7rjip60Mk88VCx_cDfIAspznGTmS2IA0kbytXUXx3jDthf7-Kt7uJaowGwkYpJjcddpX2g52clHcs-GI1ZkJXg1Mg5OokVBnVFfLA9GdjDJkJrzqAIP9i6UYm6msNzZ-mE8w9f71tuHpCAT1_827j7qpHNYjZ7JWO0IKIbSF4-h7CO2EMxZTq4LOamLzdP5wOP_J0UdAtrbsd-zq5c4vwuVom77J0=&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=516&rlp=%5B0%2C2%2C24%2C0%2C5%2C119%2C139%2C119%5D

62.122.171.6

200 OK

0 B

URL HTTP/2
jewgn8une.com/?r=dir&zoneid=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=NBgrzxBlz_TpZw9gWWkP6ImfDLnAI_-pJC8pQ76UshC4a5jD0km8KHoR8YcgmzD53CeBqws0z_utYZ_AIye6t-TeXnIYaZxgcbpgYuSbjPOxLublKBFSN1T5zcT6Lm4GqTljkGFlHcqx_NnVpH_s4B3d2YK7AnHZB_hPQ3eT1aQZtVsmtRKypp9-FWWAZGlwMAuxOhTa96YWXNduOmnQ6F7FPW7rjip60Mk88VCx_cDfIAspznGTmS2IA0kbytXUXx3jDthf7-Kt7uJaowGwkYpJjcddpX2g52clHcs-GI1ZkJXg1Mg5OokVBnVFfLA9GdjDJkJrzqAIP9i6UYm6msNzZ-mE8w9f71tuHpCAT1_827j7qpHNYjZ7JWO0IKIbSF4-h7CO2EMxZTq4LOamLzdP5wOP_J0UdAtrbsd-zq5c4vwuVom77J0=&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=516&rlp=%5B0%2C2%2C24%2C0%2C5%2C119%2C139%2C119%5D
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?r=dir&zoneid=1823498&pb=00b8f27899fafcbecf776951dd67cb141661980752&psp=NBgrzxBlz_TpZw9gWWkP6ImfDLnAI_-pJC8pQ76UshC4a5jD0km8KHoR8YcgmzD53CeBqws0z_utYZ_AIye6t-TeXnIYaZxgcbpgYuSbjPOxLublKBFSN1T5zcT6Lm4GqTljkGFlHcqx_NnVpH_s4B3d2YK7AnHZB_hPQ3eT1aQZtVsmtRKypp9-FWWAZGlwMAuxOhTa96YWXNduOmnQ6F7FPW7rjip60Mk88VCx_cDfIAspznGTmS2IA0kbytXUXx3jDthf7-Kt7uJaowGwkYpJjcddpX2g52clHcs-GI1ZkJXg1Mg5OokVBnVFfLA9GdjDJkJrzqAIP9i6UYm6msNzZ-mE8w9f71tuHpCAT1_827j7qpHNYjZ7JWO0IKIbSF4-h7CO2EMxZTq4LOamLzdP5wOP_J0UdAtrbsd-zq5c4vwuVom77J0=&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=516&rlp=%5B0%2C2%2C24%2C0%2C5%2C119%2C139%2C119%5D HTTP/1.1
Host: jewgn8une.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-route-id: redirect.dl
set-cookie: UID=2208311419966f9d56f176426aaf7fa39c8f; Path=/; Expires=Thu, 31 Aug 2023 19:19:12 GMT; HttpOnly; Secure; SameSite=None
OACCAP=ACGwywAAAAAAAAAB; Path=/; Expires=Fri, 30 Sep 2022 19:19:13 GMT; Secure; SameSite=None
OACBLOCK=ACGwywAAAABjDurQ; Path=/; Expires=Fri, 30 Sep 2022 19:19:13 GMT; Secure; SameSite=None
OXCCLK=ACGwywAAAAAAAAAB; Path=/; Expires=Thu, 01 Sep 2022 19:19:13 GMT; Secure; SameSite=None
OXPCLK=AAIrxwAAAAAAAAAB; Path=/; Expires=Thu, 01 Sep 2022 19:19:13 GMT; Secure; SameSite=None
ppucnt=1; Path=/; Expires=Thu, 01 Sep 2022 19:19:13 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

welcome.unibet.com/custom.js

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/custom.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 556a86d6-c01e-001e-2215-bdfeda000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/unibet-logo.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/unibet-logo.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: bc63e0cf-201e-0016-196e-bde4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/app-sports-icon.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/app-sports-icon.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: e1145bc6-d01e-004f-706e-bd6356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/icon-trust.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/icon-trust.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: 6dd336e5-101e-000d-656d-bddad6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/icon-sports.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/icon-sports.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B682395A83"
x-ms-request-id: 4e5f574a-a01e-006a-3a6d-bdca2a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg

104.16.171.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
104.16.171.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:15 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 178
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ddf8987b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg

104.16.171.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
104.16.171.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:15 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 178
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ddf9998b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: a250bd3b-c01e-0043-016c-bdf45e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/read_json.js

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/read_json.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: ab40f5ee-901e-004e-0e6e-bd3c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg

104.16.171.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
104.16.171.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:15 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 203
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ddf9991b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/google-play-ro.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/google-play-ro.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 6ca45cd1-f01e-0077-4b6d-bdc796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 31 Aug 2022 19:19:14 GMT
date: Wed, 31 Aug 2022 19:19:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/css/all.css

172.67.169.247

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.7.1/css/all.css
IP
172.67.169.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: text/css
x-amz-id-2: two71MZ5TpkTpFGIUMPhG3w461PdnkgDGgz27zq6i0Qpvw3joR7rDh9C0IttlYdL7ZaWe4KhN1g=
x-amz-request-id: CV7TMK6K5EDKVGFA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2136172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrutsHeNt1wzbk%2BYPVw7G7TNcLKY5h1i6%2FldaQa23%2BHehz11xoOMid8dXThEtm1SqspM1nel5gzQ6%2BHuAzL4UCghGwcdbCcIyU765BgTlQWCR7MjxrKVZKWk%2FmEkAW3MTf8xYY8Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74381dd9cf6c0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/1-styles.css

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/1-styles.css
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320669908:85891437-37950&btag=320669908_568B57951E0F451D88DF5A5E9BF6BCF1&bid=37950&campaignId=2750545&pid=85891437
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1661973553552)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20228311919%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228021162256%7c1%22%7d%5d; __ucbt=node01g08bw32myb0f1ipf95h9gk48; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_568B57951E0F451D88DF5A5E9BF6BCF1; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_568B57951E0F451D88DF5A5E9BF6BCF1%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:14 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: 320eede5-101e-006f-5d6e-bd18f1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations