Overview

URL pkgo.fullpcgames.xyz/
IP69.16.230.42
ASNLIQUIDWEB
Location United States
Report completed2022-10-04 14:42:16 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 pkgo.fullpcgames.xyz/ Malware
2022-10-04 2 ww1.fullpcgames.xyz/ Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS a1s.unibet.com (2) 297625 2017-01-30 00:44:42 UTC 2022-10-04 11:07:51 UTC 85.184.96.5
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS unibetlondonltd.d3.sc.omtrdc.net (2) 444877 2017-01-29 21:05:05 UTC 2022-10-04 11:07:54 UTC 15.236.176.210
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.76.226
mnemonic passive DNS xml.sedodna.com (1) 278378 2020-10-22 08:18:03 UTC 2022-10-04 06:24:04 UTC 173.239.53.32
mnemonic passive DNS a1s-cdn.unibet.com (1) 283505 2014-04-23 15:07:51 UTC 2022-10-04 11:07:49 UTC 85.184.96.5
mnemonic passive DNS dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-10-04 04:17:45 UTC 54.229.34.254
mnemonic passive DNS img.sedoparking.com (1) 54200 2013-04-22 22:23:29 UTC 2022-10-04 06:20:46 UTC 205.234.175.175
mnemonic passive DNS vatcalf.com (2) 0 2022-09-15 21:58:42 UTC 2022-10-04 14:06:05 UTC 192.243.61.228 Unknown ranking
mnemonic passive DNS no.unibet.com (4) 201503 2012-07-26 09:42:52 UTC 2022-10-04 07:07:06 UTC 85.184.96.0
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-04 13:58:02 UTC 142.250.74.74
mnemonic passive DNS www.unibet.com (1) 318338 2014-04-29 01:07:51 UTC 2022-10-04 07:26:29 UTC 85.184.96.0
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-04 09:37:43 UTC 142.250.74.168
mnemonic passive DNS pagestates-tracking.crazyegg.com (1) 3647 2020-10-26 19:42:04 UTC 2022-10-04 05:46:23 UTC 54.230.111.20
mnemonic passive DNS assets-tracking.crazyegg.com (1) 3651 2021-10-27 14:05:49 UTC 2022-10-04 05:46:23 UTC 54.230.111.114
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.27
mnemonic passive DNS bannerflow-feed-builder.azurewebsites.net (1) 659103 2017-11-23 13:27:15 UTC 2022-10-04 09:18:55 UTC 104.40.147.180
mnemonic passive DNS cdn.bannerflow.com (3) 23819 2018-02-22 12:57:21 UTC 2022-10-04 09:04:12 UTC 104.16.171.188
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-10-04 09:46:16 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS tracking.crazyegg.com (1) 3633 2020-03-10 07:15:05 UTC 2022-10-04 05:46:23 UTC 54.171.173.69
mnemonic passive DNS use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-10-04 04:24:33 UTC 172.64.133.15
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 52.89.255.30
mnemonic passive DNS ww1.fullpcgames.xyz (4) 0 2022-03-18 04:28:55 UTC 2022-09-22 12:51:30 UTC 64.190.63.136 Unknown ranking
mnemonic passive DNS cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-10-04 05:06:21 UTC 54.74.40.111
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 34.160.144.191
mnemonic passive DNS unibet.demdex.net (1) 338024 2017-01-30 05:50:24 UTC 2022-10-04 10:49:17 UTC 52.209.199.248
mnemonic passive DNS secure.adnxs.com (2) 396 2012-05-22 16:37:37 UTC 2022-10-04 04:18:05 UTC 185.89.210.212
mnemonic passive DNS adserving.unibet.com (1) 98000 2015-05-26 06:56:53 UTC 2022-10-04 06:14:22 UTC 23.36.79.11
mnemonic passive DNS welcome.unibet.com (17) 242429 2017-01-30 05:39:28 UTC 2022-10-04 11:07:49 UTC 108.161.188.196
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS pkgo.fullpcgames.xyz (1) 0 2016-09-18 10:03:42 UTC 2022-10-04 10:10:12 UTC 69.16.230.42 Unknown ranking
mnemonic passive DNS ocsp.securetrust.com (1) 18792 2019-12-23 03:05:54 UTC 2022-10-04 07:16:02 UTC 23.36.79.25
mnemonic passive DNS script.crazyegg.com (5) 1992 2015-01-07 19:40:26 UTC 2022-10-04 05:46:22 UTC 104.19.147.8
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 69.16.230.42

Date UQ / IDS / BL URL IP
2022-11-27 13:46:20 +0000
0 - 0 - 1 mbooknom.com/book-es.php?id=639479&src=aeroba (...) 69.16.230.42
2022-11-27 13:43:06 +0000
0 - 0 - 1 exclusiveloader.com/?op=payments&amount=15.00 (...) 69.16.230.42
2022-11-27 07:51:18 +0000
0 - 0 - 17 www.filediva.com/results.php?search=www+video (...) 69.16.230.42
2022-11-27 06:27:29 +0000
0 - 0 - 1 autodiscover.btcnos.com/ 69.16.230.42
2022-11-26 11:44:13 +0000
0 - 0 - 1 alk.luwnln.com/ 69.16.230.42

Last 5 reports on ASN: LIQUIDWEB

Date UQ / IDS / BL URL IP
2022-11-27 14:31:22 +0000
0 - 0 - 4 www.jbcarpages.com/ 69.16.217.162
2022-11-27 13:59:09 +0000
0 - 0 - 1 www.shiron.net/artist?prfid=968&lang=1 50.28.56.190
2022-11-27 13:55:11 +0000
0 - 0 - 1 buycake.online/ 72.52.179.174
2022-11-27 13:49:42 +0000
0 - 0 - 15 www.siniy.ws/tag/lenny 69.16.231.59
2022-11-27 13:46:20 +0000
0 - 0 - 1 mbooknom.com/book-es.php?id=639479&src=aeroba (...) 69.16.230.42

Last 4 reports on domain: fullpcgames.xyz

Date UQ / IDS / BL URL IP
2022-11-11 14:14:08 +0000
0 - 0 - 2 fullpcgames.xyz/ 69.16.230.42
2022-10-04 14:42:16 +0000
0 - 0 - 2 pkgo.fullpcgames.xyz/ 69.16.230.42
2022-09-22 12:51:39 +0000
0 - 0 - 2 pkgo.fullpcgames.xyz/ 69.16.230.42
2022-09-21 14:22:29 +0000
0 - 0 - 2 fullpcgames.xyz/ 69.16.230.42

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-27 17:19:16 +0000
0 - 0 - 2 for-j.com/tds3.html?zoneid=5478295&ymid=18d9c (...) 104.18.8.13
2022-11-27 17:17:54 +0000
0 - 0 - 3 omnatuor.com/ck 139.45.197.253
2022-11-27 16:19:41 +0000
0 - 0 - 5 pdlotracking.com/cf/r/636c8ffc01e686001942c665 104.21.11.58
2022-11-27 15:59:23 +0000
0 - 0 - 3 omnatuor.com/ck 139.45.197.253
2022-11-27 15:57:53 +0000
0 - 0 - 7 sg.lnslagging.click/tw/i14/hinet_en/ 139.59.241.112


JavaScript

Executed Scripts (30)


Executed Evals (9)

#1 JavaScript::Eval (size: 60, repeated: 1) - SHA256: 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f

                                        (function() {
    return visitor.getMarketingCloudVisitorID()
})();
                                    

#2 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c

                                        (function() {
    return window.functions.timeParting("n", "0")
})();
                                    

#3 JavaScript::Eval (size: 88, repeated: 1) - SHA256: 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62

                                        (function() {
    return "LP:" + BF_prop.LandingPageName.toString().replace(/:/ig, "").trim()
})();
                                    

#4 JavaScript::Eval (size: 54, repeated: 1) - SHA256: fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81

                                        (function() {
    return screen.width + "x" + screen.height
})();
                                    

#5 JavaScript::Eval (size: 132, repeated: 1) - SHA256: 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168

                                        (function() {
    if (window.innerWidth) return window.innerWidth;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetWidth
})();
                                    

#6 JavaScript::Eval (size: 55, repeated: 1) - SHA256: 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282

                                        (function() {
    return visitor.getAnalyticsVisitorID()
})();
                                    

#7 JavaScript::Eval (size: 135, repeated: 1) - SHA256: fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed

                                        (function() {
    if (window.innerHeight) return window.innerHeight;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetHeight
})();
                                    

#8 JavaScript::Eval (size: 62, repeated: 1) - SHA256: adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42

                                        (function() {
    return window.functions.getPageNameOldEvar1()
})();
                                    

#9 JavaScript::Eval (size: 71, repeated: 1) - SHA256: dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb

                                        (function() {
    return Math.round((new Date).getTime() / 1E3).toString()
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 50, repeated: 1) - SHA256: a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449

                                        < script src = "/widget/betslip/betslip.js" > < /script>
                                    


HTTP Transactions (95)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 13:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2GImyatBV8Da_T3nq6V2CniNTmo7Ad-6mrRp6mT-9c5wlcvbtA74Lw==
Age: 3301


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8634
Expires: Tue, 04 Oct 2022 17:05:59 GMT
Date: Tue, 04 Oct 2022 14:42:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D681A4C2E20A6019C7E2D980CBFA77B34DB9356899099296C3B8B4263CA5FB5F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9867
Expires: Tue, 04 Oct 2022 17:26:32 GMT
Date: Tue, 04 Oct 2022 14:42:05 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: avnWHsIU3Zs37Oepd/PX/zKsGpb0b0DKpiGlWc0OeKonnm74dg5VOEWoHj3GlHxshf2mqH9XTUE=
x-amz-request-id: RV48AF1QAR8ZRS4J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 13:54:17 GMT
age: 2868
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 14:42:05 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: pkgo.fullpcgames.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         69.16.230.42
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 14:42:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Location: http://ww1.fullpcgames.xyz
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 14:29:33 GMT
Expires: Tue, 04 Oct 2022 14:31:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Musmnv-woRB7tsRNtECB2WWstVEE-7aoA0BDKUDni7zWN0uzIkGuQA==
Age: 752


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6173
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 14:42:06 GMT
Last-Modified: Tue, 04 Oct 2022 12:59:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ykNgop7TrwY+DBdiFQlVZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.255.30
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gvLHNLI3owURYEK7m39puTQ657Q=

                                        
                                            GET / HTTP/1.1 
Host: ww1.fullpcgames.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 14:42:06 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_sYIforf3c2+WCmI/N0qHXmsFoPW2CK1HlbliTR27bob5VLVH0AlafLIGS/acdYHKJL4vldSsciegeUo+KBqJAg==
last-modified: Tue, 04 Oct 2022 14:42:05 GMT
x-cache-miss-from: parking-69b897b95b-px4w7
server: NginX
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Size:   1335
Md5:    b911d191cd36be706da78ecff090c1ae
Sha1:   9891f794b2050add026383d8d5401e999e82c3b8
Sha256: d1635f53a6d06f03bf334a02f2f7712c4effaec33aa41dcd4c6b80e81f6cfc08

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/js_preloader.gif HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.fullpcgames.xyz/

                                         
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 04 Oct 2022 14:42:07 GMT
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Tue, 11 Oct 2022 14:42:07 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: c643092df46b59c3408053fe9730b3ce
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   4254
Md5:    90c93102a88c2ab94bff1575b7a6e86e
Sha1:   56d71bf13de464534643db9d127629a0a3bf677a
Sha256: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
                                        
                                            GET /search/tsc.php?200=NDA4MDIyOTE0&21=OTEuOTAuNDIuMTU0&681=MTY2NDg5NDUyNmRiYWE5MGZiMDNlNTljNTA3NDkwZGY0ZDlmODY0ODFm&crc=302673ae47bf9ce5346c431b4b39d98f56a8b38c&cv=1 HTTP/1.1 
Host: ww1.fullpcgames.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.fullpcgames.xyz/

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 14:42:07 GMT
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-69b897b95b-m72r9
server: NginX

                                        
                                            GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DPCPd7htg4Hw_0&v=M2FhOGM0MDU3NWUyMWZjZDU5M2Y3MjViNDE1Njc4NzcJMQl3dzEuZnVsbHBjZ2FtZXMueHl6NjMzYzQ2M2RkYzExOTkuNTQyOTI4NDcJd3cxLmZ1bGxwY2dhbWVzLnh5ejYzM2M0NjNkZGMxNDk5LjU0NzIxMzg2CTE2NjQ4OTQ1MjYJYWRfNjNfMA==&l=OAlkY2I3ZjUxMGQxN2E5MTVjZmRiYzg3NzFmOTZhODcxNAkwCTM1CTAJMjQxMTBhMzI3YTA1ZjE5M2NlODk5YjM1Y2E3NjAzYWUJNDA4MDIyOTE0CWZ1bGxwY2dhbWVzCTAJNjMJNgkyCTE2NjQ4OTQ1MjYJMC4wMDAyMTUJTgkwCTAJMAkxMjA1CTIyNzEzNjAxNQk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww1.fullpcgames.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.fullpcgames.xyz/
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 14:42:07 GMT
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 04 Oct 2022 14:42:07 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DPCPd7htg4Hw_0&v=M2FhOGM0MDU3NWUyMWZjZDU5M2Y3MjViNDE1Njc4NzcJMQl3dzEuZnVsbHBjZ2FtZXMueHl6NjMzYzQ2M2RkYzExOTkuNTQyOTI4NDcJd3cxLmZ1bGxwY2dhbWVzLnh5ejYzM2M0NjNkZGMxNDk5LjU0NzIxMzg2CTE2NjQ4OTQ1MjYJYWRfNjNfMA==&l=OAlkY2I3ZjUxMGQxN2E5MTVjZmRiYzg3NzFmOTZhODcxNAkwCTM1CTAJMjQxMTBhMzI3YTA1ZjE5M2NlODk5YjM1Y2E3NjAzYWUJNDA4MDIyOTE0CWZ1bGxwY2dhbWVzCTAJNjMJNgkyCTE2NjQ4OTQ1MjYJMC4wMDAyMTUJTgkwCTAJMAkxMjA1CTIyNzEzNjAxNQk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-69b897b95b-px4w7
server: NginX

                                        
                                            GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DPCPd7htg4Hw_0&v=M2FhOGM0MDU3NWUyMWZjZDU5M2Y3MjViNDE1Njc4NzcJMQl3dzEuZnVsbHBjZ2FtZXMueHl6NjMzYzQ2M2RkYzExOTkuNTQyOTI4NDcJd3cxLmZ1bGxwY2dhbWVzLnh5ejYzM2M0NjNkZGMxNDk5LjU0NzIxMzg2CTE2NjQ4OTQ1MjYJYWRfNjNfMA==&l=OAlkY2I3ZjUxMGQxN2E5MTVjZmRiYzg3NzFmOTZhODcxNAkwCTM1CTAJMjQxMTBhMzI3YTA1ZjE5M2NlODk5YjM1Y2E3NjAzYWUJNDA4MDIyOTE0CWZ1bGxwY2dhbWVzCTAJNjMJNgkyCTE2NjQ4OTQ1MjYJMC4wMDAyMTUJTgkwCTAJMAkxMjA1CTIyNzEzNjAxNQk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww1.fullpcgames.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.fullpcgames.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 14:42:07 GMT
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 04 Oct 2022 14:42:07 GMT
location: http://xml.sedodna.com/click?i=PCPd7htg4Hw_0
x-cache-miss-from: parking-69b897b95b-jm4r7
server: NginX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   311
Md5:    bbcf6da18db68898f5f6df0b7c1dde35
Sha1:   7ebf2f031c5d574e9ea6049f3d39e044b9bbfb3f
Sha256: 3fe30bd3cacbc9550f8b843a7c8091a72af3a8ecb1a77e3c3f71b27d68a4a5ed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9112
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 14:42:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9112
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 14:42:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9112
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 14:42:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9112
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 14:42:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9112
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 14:42:07 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61067
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61067
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7ZaoEBhn_F_zDvoalcEpb4PtdGMuU9stAktSCviy5SsaaBaxYUJ6Fg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61067
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10878
Md5:    f62719b24a32198c6f462a0a0412ac98
Sha1:   d893d8035379e06e53e365b9f47f5da40bff932b
Sha256: ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 61054
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 35956
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 61052
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /click?i=PCPd7htg4Hw_0 HTTP/1.1 
Host: xml.sedodna.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.fullpcgames.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         173.239.53.32
HTTP/1.1 302 Found
                                        
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://vatcalf.com/nnv8s9q3s?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfMTgxNTAyMSIsImFpIjoiMTMxYTVjN2FjNWQ2NDVlYTUzZTZiYTIwMGQ0NDc2NjUiLCJiaWQiOjAuMDAwNCwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiOWY2Y2RiYWVhMTRiODc3OWE1OGE4OTdjMTZkMmNjNWRlN2ZhZjkzMzI1Mjc0MzY2YWI3MWNhYjgxZTVlNzFiZTI2ZjgwOTNiZjA1YTMxZThlNDJlYWNmOTM4Mjk5YjNhZmZiYTZjMGMwMzMwZTVlN2IwNTIiLCJldCI6IjE2NjQ4OTUxMjYifQ.ZhhfMytQHuzdCPTKonHNmCO0U7F6yG2LGVBXjIcq8N8&key=c8aa99f83b13fe6df17d2274f579c699&ap=${AUCTION_PRICE}&l=3577992&sub3=1664894526&pid=154044&auid=131a5c7ac5d645ea53e6ba200d447665&
Pragma: no-cache

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "54885B9AA6A957AAF3831F8A459A4F6E98BC19A95C1C7A705F422E65DDFD3C2C"
Last-Modified: Mon, 03 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9425
Expires: Tue, 04 Oct 2022 17:19:13 GMT
Date: Tue, 04 Oct 2022 14:42:08 GMT
Connection: keep-alive

                                        
                                            GET /nnv8s9q3s?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfMTgxNTAyMSIsImFpIjoiMTMxYTVjN2FjNWQ2NDVlYTUzZTZiYTIwMGQ0NDc2NjUiLCJiaWQiOjAuMDAwNCwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiOWY2Y2RiYWVhMTRiODc3OWE1OGE4OTdjMTZkMmNjNWRlN2ZhZjkzMzI1Mjc0MzY2YWI3MWNhYjgxZTVlNzFiZTI2ZjgwOTNiZjA1YTMxZThlNDJlYWNmOTM4Mjk5YjNhZmZiYTZjMGMwMzMwZTVlN2IwNTIiLCJldCI6IjE2NjQ4OTUxMjYifQ.ZhhfMytQHuzdCPTKonHNmCO0U7F6yG2LGVBXjIcq8N8&key=c8aa99f83b13fe6df17d2274f579c699&ap=${AUCTION_PRICE}&l=3577992&sub3=1664894526&pid=154044&auid=131a5c7ac5d645ea53e6ba200d447665& HTTP/1.1 
Host: vatcalf.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.fullpcgames.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.228
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 14:42:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17196958; expires=Wed, 05 Oct 2022 14:42:08 GMT ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE5Njk1OCwiayI6ImM4YWE5OWY4M2IxM2ZlNmRmMTdkMjI3NGY1NzljNjk5Iiwic2lkIjoiMzkzNTkxXzI0MDkzNF8xODE1MDIxIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQ0MTU5LCJwaWQiOjE1NDA0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMywiYWlkIjoyOCwicHQiOjgsInBrIjoibm52OHM5cTNzIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOnRydWUsIm5jIjpmYWxzZSwibmoiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxLCJuYSI6ZmFsc2V9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3d3MS5mdWxscGNnYW1lcy54eXovIn19.-JxklcwlXUazylYkqrnpTyZkUoRmLsGLAucogyANuiw; expires=Tue, 04 Oct 2022 14:43:08 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad74207e17e83cb84fc277ecb014eb6f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (563)
Size:   2979
Md5:    4a5ca299ec6f87626b765a411002556c
Sha1:   11ec310d4ab8cb8c77d040446d2d4858fed1eac0
Sha256: 08d6f823efa279d36c5183a951a6a884d0abf141eabfe754cecede2889824b8e
                                        
                                            GET /nnv8s9q3s?pst=1664894588&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2Fww1.fullpcgames.xyz%2F&key=c8aa99f83b13fe6df17d2274f579c699&ap=%24%7BAUCTION_PRICE%7D&l=3577992&sub3=1664894526&pid=154044&auid=131a5c7ac5d645ea53e6ba200d447665&shu=9f3abddd1ec0075819b59ecdc05e4dd154f6523364f6d0ab8b0a9fcf5ccc3d0e4270a26b740b9bd3d86786c3c4ecb04374d022caefa699c79b8396f9b608c0416a54727eb3dfec609536df910dfe1cc1705ff3f1&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfMTgxNTAyMSIsImFpIjoiMTMxYTVjN2FjNWQ2NDVlYTUzZTZiYTIwMGQ0NDc2NjUiLCJiaWQiOjAuMDAwNCwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiOWY2Y2RiYWVhMTRiODc3OWE1OGE4OTdjMTZkMmNjNWRlN2ZhZjkzMzI1Mjc0MzY2YWI3MWNhYjgxZTVlNzFiZTI2ZjgwOTNiZjA1YTMxZThlNDJlYWNmOTM4Mjk5YjNhZmZiYTZjMGMwMzMwZTVlN2IwNTIiLCJldCI6IjE2NjQ4OTUxMjYifQ.ZhhfMytQHuzdCPTKonHNmCO0U7F6yG2LGVBXjIcq8N8 HTTP/1.1 
Host: vatcalf.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vatcalf.com/nnv8s9q3s?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17196958
Cookie: u_pl=17196958; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE5Njk1OCwiayI6ImM4YWE5OWY4M2IxM2ZlNmRmMTdkMjI3NGY1NzljNjk5Iiwic2lkIjoiMzkzNTkxXzI0MDkzNF8xODE1MDIxIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQ0MTU5LCJwaWQiOjE1NDA0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMywiYWlkIjoyOCwicHQiOjgsInBrIjoibm52OHM5cTNzIiwidCI6MX0sInBiIjp7InJlcCI6Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vIiwiaWYiOnRydWUsIm5jIjpmYWxzZSwibmoiOmZhbHNlLCJpbiI6ZmFsc2UsInRwIjoxLCJuYSI6ZmFsc2V9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3d3MS5mdWxscGNnYW1lcy54eXovIn19.-JxklcwlXUazylYkqrnpTyZkUoRmLsGLAucogyANuiw; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         192.243.61.228
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 14:42:08 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17196958
Set-Cookie: pdhtkv=true; expires=Wed, 05 Oct 2022 14:42:08 GMT uncs=1; expires=Wed, 05 Oct 2022 14:42:08 GMT pdhtkv28=true; expires=Wed, 05 Oct 2022 14:42:08 GMT uncs28=1; expires=Wed, 05 Oct 2022 14:42:08 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a6328e7485447f00bf24c03d3442a72
Strict-Transport-Security: max-age=0; includeSubdomains

                                        
                                            GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17196958 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.11
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Oct 2022 14:42:09 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; domain=.unibet.com; expires=Thu, 04-Oct-3021 14:42:09 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=80
X-Firefox-Spdy: h2

                                        
                                            GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950
set-cookie: JSESSIONID=node0nl52xfoevhwl1mykum6avgh1o581003.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict __ucbt=node0nl52xfoevhwl1mykum6avgh1o; Path=/; Domain=.unibet.com; Expires=Thu, 03-Oct-2024 14:42:09 GMT; Max-Age=63072000; Secure; SameSite=None uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Thu, 03-Oct-2024 14:42:09 GMT; Max-Age=63072000; Secure; SameSite=None uniattr_ref="https://vatcalf.com/"; Path=/; Domain=.unibet.com; Expires=Thu, 03-Oct-2024 14:42:09 GMT; Max-Age=63072000; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Tue, 04-Oct-2022 14:42:24 GMT; Max-Age=15; Secure; SameSite=None affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None PID=86075577; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REFERER=https%3A%2F%2Fvatcalf.com%2F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Tue, 04-Oct-2022 14:42:24 GMT; Max-Age=15; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39169010; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Tue, 04-Oct-2022 14:42:24 GMT; Max-Age=15; Secure; SameSite=None clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
referer: https://vatcalf.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Tue, 04 Oct 2022 14:42:09 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Tue, 04 Oct 2022 14:42:09 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Tue, 04 Oct 2022 14:42:09 GMT
Connection: keep-alive

                                        
                                            GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1 
Host: a1s-cdn.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 957
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
etag: "3bd-5dd799309c310"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   957
Md5:    e19225e3eb562a3b6a86f7b8b47c38fb
Sha1:   ce3eb55448afd8fc9dfa4ac82f8743a009d5e142
Sha256: c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79
                                        
                                            GET /orval/tracking/lastclick.min.js HTTP/1.1 
Host: a1s.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 304 Not Modified
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 02:36:40 GMT
expires: Mon, 02 Oct 2023 02:36:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 216329
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30399
Md5:    0f83cadc148d2ad7e53c91f6c4ee05bb
Sha1:   90035c5fffedf4b0f099465f6b929a030b46c92b
Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/gambling-commission.png HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: www.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 162
location: https://no.unibet.com/
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /orval/tracking/lastclick.min.js HTTP/1.1 
Host: a1s.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.5
HTTP/2 304 Not Modified
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2

                                        
                                            GET /no/pop/multisport/1-background-black.jpg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 98453
cache-control: public, max-age=900, immutable
content-md5: jm2a9e8brf6Slbj8lnk8KA==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: "0x8DA52B6801D0B27"
x-ms-request-id: 512eda27-701e-0024-25fe-d7e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size:   98453
Md5:    8e6d9af5ef1badfe9295b8fc96793c28
Sha1:   e37cdf4093dc0a47246be7360e7945f91991f073
Sha256: de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
                                        
                                            GET /no/pop/multisport/Unibet_Pro_2020.woff2 HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 20 Jun 2022 12:15:05 GMT
etag: "0x8DA52B682E2A11A"
x-ms-request-id: 5952368a-501e-000c-32fe-d7850a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size:   10924
Md5:    0ea5bcff84ae44840b6e9c9d12c8b963
Sha1:   6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
Sha256: b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-length: 74320
x-amz-id-2: k+Rd+4MXXnXafL9w9FQ02nQrubAKNjFwHjB5MlOTfZKrjw8E/i/bXdY17Bt8M5edG8CIz+96t80=
x-amz-request-id: CHX0NFYW2GM8T3E1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29661525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiRxvMzP0HF5cqT8FULF5p82KhmQxIFdNOO2rN5HqpV%2Fzqv6tZr%2BfrXVc2xdiTzHHpqdpbYzK%2FyF1j1fc4CRsnh2zsE8saIR4TvFRduWc1xiC7M7w5Iij0VcGuYzxHB%2F8B2wk4WE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eaebb89e0745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size:   74320
Md5:    3638e62ea50e6f5859b6a15276c25c87
Sha1:   f5aa1a463e223a294a42b314e1c63a614d594ec0
Sha256: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
                                        
                                            GET /no/pop/multisport/utv-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: 92891629-401e-0062-09fe-d7d025000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /widget/betslip/betslip.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 4053cd17-101e-0032-60ff-d71275000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20292
Md5:    41f0a8fc7b9bdb0e594f1d2f40eb1662
Sha1:   3f42aaae38e1e0722a4e1cf45fa8badfe46fc2cb
Sha256: 66a5a94b295fea263ae3843933bd92ee6a5bc6aab71b71570bee967a2490bd16
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 500881
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:21 GMT
expires: Thu, 28 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 500868
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 14:42:09 GMT
expires: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (62112)
Size:   79443
Md5:    eff5985ab6fcbef8df93bda3a1e20ed6
Sha1:   f927205a0888e262c711b2542322498204495bb5
Sha256: 95ed07c79bca351af07866f1b1d8cd7a4cf2f777b87de005cfc13394c614183b
                                        
                                            GET / HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Tue, 04 Oct 2022 14:42:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12211
Md5:    f2fa7abbd490908041579f006636abc8
Sha1:   fe3c092986179e54c4ae2fb46eabbab684cd9f9c
Sha256: 1c7ce4f4f9b9456215b7d30707ce079283a5cbc763011925554f99128de6894a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 04 Oct 2022 14:42:10 GMT
content-length: 1540
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 04 Oct 2022 12:49:53 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 6737
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaebcaf58b4ff-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4015), with no line terminators
Size:   1540
Md5:    ca7f83926d0665da8800b1a49ff19929
Sha1:   b7dd909be1bf99b594825772695b554bcaec6fc6
Sha256: 795c815cf8173721fa29b453ffaf519d0f89a5431470db928513de966dc5772d
                                        
                                            GET /seg?add=9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.212
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 04 Oct 2022 14:42:10 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: a3b6935f-5db0-4bcb-bb8d-3802f1476d71
Set-Cookie: uuid2=6605083162883345513; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 02-Jan-2023 14:42:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.212
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Tue, 04 Oct 2022 14:42:10 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5a110f55-df29-4edf-9b4d-d02076c81c95
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2H`dtCm1p!@wnf-Te9(>wL5L!!'6]$Z8wY; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 02-Jan-2023 14:42:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 795
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 14:42:10 GMT
Last-Modified: Tue, 04 Oct 2022 14:28:55 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1664894529566 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.229.34.254
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v044-038a43fef.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=91756495964579601022185704849032468938; Max-Age=15552000; Expires=Sun, 02 Apr 2023 14:42:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: LnxIwYZ8QaQ=
Content-Length: 498
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size:   498
Md5:    2b9333ba08138644f0a20f65336bf12f
Sha1:   c7f8a96b7e6aa3e111a6f70df0dafb7af490e2c2
Sha256: aacda34684b3365db107f6838f70747ef92314406744b443cadc4e5507632856
                                        
                                            GET /pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 14:42:10 GMT
content-length: 30751
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Sat, 17 Sep 2022 06:58:49 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 6738
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaebe0992b4ff-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25693)
Size:   30751
Md5:    ab5a8229a8c945eab277a1c0e7c4881c
Sha1:   287691171aa268d85401aeface56177e43878acf
Sha256: b81b564da8f3295237daaa7c6bdfe7f32d48cba79bf66147bca00a18926bcd26
                                        
                                            GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=462470 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 04 Oct 2022 14:42:10 GMT
content-length: 144
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 04 Oct 2022 12:49:53 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 6737
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaebedae0b4ff-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   144
Md5:    20527bbc0e43075729b50057e306734b
Sha1:   93e6c11ce82037c1cd4c96eda9c09df9ae655284
Sha256: 8fd81a9c4140d397da80763cc95178bf1fdb5f8ba12c7b6680d457e458aa7f42
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1078
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 14:42:10 GMT
Last-Modified: Tue, 04 Oct 2022 14:24:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=91762879556950587492187591687815996497&ts=1664894529738 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.236.176.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Tue, 04 Oct 2022 14:42:10 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /healthcheck HTTP/1.1 
Host: pagestates-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Thu, 14 Jul 2022 06:23:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GSQ5_TYq8fWoQ1jekAUNmf2Klcd92W8W0Lav1NH54UgBK8hzW3hnrw==
age: 7114728
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            GET /healthcheck HTTP/1.1 
Host: assets-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YqFkmauVliWQK8HWvDO-ennDiyUGiPT12RPvfUY0_ssTtmJj735g_A==
age: 3726535
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: unibet.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         52.209.199.248
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Tue, 4 Oct 2022 14:42:10 GMT
DCS: dcs-prod-irl1-2-v044-041e262a1.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:47:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: trFHEG5JTGM=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s6422640880851?AQB=1&ndh=1&pf=1&t=4%2F9%2F2022%2014%3A42%3A9%202%200&mid=91762879556950587492187591687815996497&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26bid%3D37950%26campaignId%3D2750545%26pid%3D86075577&r=https%3A%2F%2Fvatcalf.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26bid%3D37950%26campaignId%3D2750545%26pid%3D86075577&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=2%3A42%20PM%7CTuesday&v6=2%3A42%20PM%7CTuesday&v11=GBP&c14=New&v14=New&c16=1664894530&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A86075577-37950&v122=NONE&v124=2750545&v125=127656177_96BCCEC496394DBBA0895CFB8A506F0F&v126=86075577&v127=37950&v134=1664894529&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         15.236.176.210
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
access-control-allow-origin: *
date: Tue, 04 Oct 2022 14:42:10 GMT
expires: Mon, 03 Oct 2022 14:42:10 GMT
last-modified: Wed, 05 Oct 2022 14:42:10 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3575333779071434752-4619662245118466447
vary: *
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 2\012- data
Size:   43
Md5:    ad480fd0732d0f6f1a8b06359e3a42bb
Sha1:   a544538683a2dfe574eeb2e358ac8fcc78289d50
Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 14:42:10 GMT
Last-Modified: Tue, 04 Oct 2022 12:59:00 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LPBSOIB-B9CGde4PhhZ4IXLpVAYECxIFiV8oKt5oECdHXpeapnWdIQ==
Age: 6190

                                        
                                            GET /cm/dd?d_uuid=91756495964579601022185704849032468938 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.74.40.111
HTTP/1.1 302
                                        
Date: Tue, 04 Oct 2022 14:42:10 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzxGQgAAAIY0fQMx; Domain=.everesttech.net; Expires=Wed, 04-Oct-2023 14:42:10 GMT; Path=/ everest_session_v2=YzxGQgAAAIY0fgMx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzxGQgAAAIY0fQMx
Server: AMO-cookiemap/1.1

                                        
                                            GET /ibs:dpid=411&dpuuid=YzxGQgAAAIY0fQMx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.229.34.254
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-0c2c7cff5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzxGQgAAAIY0fQMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=33797473148261695083730873605022239869; Max-Age=15552000; Expires=Sun, 02 Apr 2023 14:42:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qajDkBwYS2M=
Content-Length: 0
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 14:42:10 GMT
Last-Modified: Tue, 04 Oct 2022 13:39:43 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EcptCrTgTEbUfntOyDkv_ZQ_PoA7njQ0hhb3w4CrnP0-IYuBwILfgg==
Age: 3747

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzxGQgAAAIY0fQMx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.229.34.254
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-0925a81f5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: e7wXUWsQQt4=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            GET /clock?t=1664894529930 HTTP/1.1 
Host: tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.171.173.69
HTTP/2 200 OK
content-type: text/plain
                                        
server: awselb/2.0
date: Tue, 04 Oct 2022 14:42:10 GMT
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    3ce48a661273a29b96bae922a723e0c4
Sha1:   6335319dbc475acdcd2f67a588188eb332f195fe
Sha256: 4ae383ebcdbe08f373158843acd36b44790955a1c1db3468ecf2e8428ac21d02
                                        
                                            GET /pages/scripts/0012/9242.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Tue, 04 Oct 2022 12:49:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 6739
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaebc6efeb4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/1-styles.css HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: 9c664a1d-601e-0028-04fe-d773aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/1-main.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: 498bfb14-201e-0039-0afe-d7e91e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: ee80e586-201e-0074-10fe-d726f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pages/scripts/0012/9242.js?462470 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 14:42:10 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Tue, 04 Oct 2022 12:49:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 6740
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaebc9f39b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Tue, 04 Oct 2022 14:42:12 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/unibet-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: a3aa04d3-d01e-002d-4efe-d7a171000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/app-store-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: 17121e28-901e-002c-3bfe-d7fead000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.7.1/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
x-amz-id-2: yGm6IVdCl/eZvDCLuTph3IvRafGPZvLOVSzlhtObUtQLFiHcElid7TPyqEboXBdWb8BJ9LJMeI0=
x-amz-request-id: MZGCZCF8C1T3EMF3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29661530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFtD2sBPBrndxMYH8d42kIWhjFy54vp0ym5stRuBYMYzcP1gXyMqBVrjkesF%2FMSjP0HTt8RObnFQA698hVrawikq4mCnnj4cX53LRLLW6j%2BZucLITjagxjYnrMeGeP2sRLgxRpci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eaeba7feb745b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/com-payments.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: 7c5d41f3-201e-0029-56fd-d72c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577 HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: 1dae1f32-a01e-0008-69fd-d7080d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /custom.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 4a9f3e36-901e-003c-2ccd-d73bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.171.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:11 GMT
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 227
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaec4ba70b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.171.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:11 GMT
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 227
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaec4ca78b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto:300,400,500 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 14:42:09 GMT
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1 
Host: bannerflow-feed-builder.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.40.147.180
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:11 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=6b200a7d47afaf218332bbd3a632f753be50a6e6debbae1f1e27bc6892cf42c3;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net ARRAffinitySameSite=6b200a7d47afaf218332bbd3a632f753be50a6e6debbae1f1e27bc6892cf42c3;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.171.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:11 GMT
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 248
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eaec4ba6db4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/read_json.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: 5b2100fd-301e-0057-03fe-d7bc31000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/google-play-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 15f1705d-501e-0041-4aff-d74ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/icon-trust.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: db3de830-201e-005b-67fe-d72b39000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/icon-expert.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_96BCCEC496394DBBA0895CFB8A506F0F&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664894529139)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221041442%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228182111617%7c1%22%7d%5d; __ucbt=node0nl52xfoevhwl1mykum6avgh1o; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_96BCCEC496394DBBA0895CFB8A506F0F; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_96BCCEC496394DBBA0895CFB8A506F0F%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 14:42:09 GMT
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: 7fc1b7d5-e01e-0009-65ff-d757d1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---