Report - exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si1=&si2=intent://exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si1=&si2=intent://exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si1=&si2=intent://exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click

Report Overview

Visited public
2023-09-20 02:42:33
Tags
URL
exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si1=&si2=intent://exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si1=&si2=intent://exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si1=&si2=intent://exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si1=&si2=
Finishing URL
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
IP / ASN
88.208.45.26
#39572 DataWeb Global Group B.V.
Title
Unibet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s.viidirectory.com	unknown	2023-08-10	2023-09-07 11:44:03	2023-09-19 19:27:55	3.2 kB	471 B	31.220.27.134
alvsx.cloudpsh.top	unknown	2023-01-18	2023-01-23 00:24:08	2023-09-19 07:24:12	578 B	615 B	5.75.133.219
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-09-19 21:40:14	2.2 kB	51 kB	142.250.74.35
bcuiaw.com	unknown	2023-07-31	2023-07-31 21:17:58	2023-09-19 21:19:03	579 B	184 B	185.162.85.19
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-19 19:07:29	1.7 kB	120 kB	151.101.2.137
welcome.unibet.com	242429	1997-12-11	2017-01-30 06:39:28	2023-09-19 21:40:12	32 kB	300 kB	104.18.43.104
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-19 19:23:54	445 B	7.0 kB	142.250.74.106
c.darkdepthdriller.top	unknown	unknown	No data	No data	2.6 kB	159 kB	104.21.73.160
d.darkdepthdriller.top	unknown	unknown	No data	No data	3.2 kB	38 kB	104.21.73.160
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-09-19 18:20:22	1.0 kB	187 kB	172.64.103.11
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-19 18:12:02	2.3 kB	4.9 kB	142.250.74.131
cdnstatic.darkdepthdriller.top	unknown	unknown	No data	No data	2.5 kB	50 kB	104.21.73.160
b.darkdepthdriller.top	unknown	unknown	No data	No data	2.7 kB	50 kB	104.21.73.160
bannerflow-feed-builder.azurewebsites.net	659103	2012-01-24	2017-11-23 14:27:15	2023-09-19 21:12:21	596 B	5.5 kB	104.40.147.180
a1s-cdn.unibet.com	283505	1997-12-11	2014-04-23 17:07:51	2023-09-19 20:44:47	1.4 kB	1.7 kB	85.184.96.5
a1s.unibet.com	297625	1997-12-11	2017-01-30 01:44:42	2023-09-19 20:44:47	1.4 kB	2.5 kB	85.184.96.5
cdn.bannerflow.com	23819	2008-06-03	2018-02-22 13:57:21	2023-09-19 18:47:52	1.4 kB	33 kB	104.17.111.249
5pyqt.exnnan.com	unknown	2023-08-07	2023-09-20 04:42:15	2023-09-20 04:42:15	4.4 kB	48 kB	88.208.45.26
ecrwqu.com	577459	2021-11-09	2021-11-09 21:59:02	2023-09-19 09:55:43	550 B	2.6 kB	185.162.85.20
alvsx.darkdepthdriller.top	unknown	2023-09-19	2023-09-19 09:55:45	2023-09-20 00:19:07	3.9 kB	64 kB	104.21.73.160
www.unibet.com	318338	1997-12-11	2014-04-29 03:07:51	2023-09-19 20:44:47	8.9 kB	36 kB	85.184.96.0
goto.trackpshgoto.win	unknown	2023-02-17	2023-02-19 19:00:41	2023-09-19 04:34:18	591 B	1.3 kB	20.113.67.50
adserving.unibet.com	98000	1997-12-11	2015-05-26 08:56:53	2023-09-19 21:40:12	586 B	1.4 kB	13.107.246.53
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-19 22:24:04	435 B	31 kB	172.217.21.170
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-19 22:18:27	2.7 kB	83 kB	216.58.207.227
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-19 19:48:43	427 B	272 kB	142.250.74.168
a.darkdepthdriller.top	unknown	2023-09-19	2023-09-19 09:02:15	2023-09-19 09:02:15	2.6 kB	66 kB	104.21.73.160
www.highcpmrevenuenetwork.com	unknown	2022-12-23	2022-12-23 15:30:56	2023-09-20 04:42:09	2.5 kB	4.0 kB	173.233.137.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-20 02:42:16	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-20	medium	exnnan.com	Sinkholed
2023-09-20	medium	exnnan.com	Sinkholed
2023-09-19	medium	bcuiaw.com	Sinkholed
2023-09-20	medium	exnnan.com	Sinkholed
2023-09-20	medium	exnnan.com	Sinkholed
2023-09-20	medium	exnnan.com	Sinkholed
2023-09-20	medium	exnnan.com	Sinkholed
2023-09-20	medium	exnnan.com	Sinkholed
2023-09-19	medium	ecrwqu.com	Sinkholed
2023-09-19	medium	highcpmrevenuenetwork.com	Sinkholed
2023-09-19	medium	highcpmrevenuenetwork.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	2.6 kB	2023-06-27	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 20:23 Last Seen2024-08-21 09:44 Times Seen622 Hash ad7758eb138c7191d0a0971cb82723a7 215eda05bdf32c92ec6bb35336574d2b4dee24cc cbe2f2fba8dd9216c085aee09fb2d7b1a0689335ac5ee68631e76bdd380e9f8b Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js	ScriptElement	5.4 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5792 Hash ac64b59c98bbe50cf69b6c98fa39585c 0a5cc9fb43b8a208481baaf752dbd504078a764b 28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218	ScriptElement	147 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5793 Hash 1d18cffe3fc76896ca02254b5879b535 1a8fec7049c5644eaab6f7aecf8672f3f858d037 cb934bad0e7cb0b0b2edbc619a28b2d7ee4960dba893c3c2ce2a63e458d8af5b Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218	ScriptElement	307 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5790 Hash 5633bd464ac4d5c3fab4b6c6db04c743 e9b255450e7612595382082329b0fe88904abcee ca8576fcf8d4ca2350c9fe2a7976729e6e3c6b42ca948060a509a1eed46e93fd Loading...

	a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js	ScriptElement	956 B	2023-03-07	2025-02-02
Pretty URL a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12 Last Seen2025-02-02 17:17 Times Seen4811 Hash fd48e87ecd4d06d9c5df490b91dc813e a65a437db44444634e4f41732c590c1d14433b3f 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47 Loading...

	welcome.unibet.com/custom.js	ScriptElement	5.9 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/custom.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5794 Hash 7bf01e92dd55d5fa298f55fbcb9afd30 4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f Loading...

	unknown	ScriptElement	37 kB	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen1297 Hash 93db3dee4c43b7d39a245c49591ba4b5 e22687abedfc3b2496fa1b3ba61a2f567f1211b8 0dc951e8d75c93a7d625da52744fcecb22b197c2f92783dd71f1cfead1b9b043 Loading...

	unknown	ScriptElement	229 B	2023-06-27	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 20:23 Last Seen2024-08-21 09:44 Times Seen1299 Hash 7fa3bc3bb74dbf0be49e37460a000b2e 318a5e404c016ab5ffbc4c25c8ac053cb08b7435 14751db63efb95ad450adeabcff7aec5e2d9018a106cf38a31b794f52ad781a3 Loading...

	unknown	ScriptElement	7.6 kB	2023-08-08	2023-10-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 18:00 Last Seen2023-10-12 05:21 Times Seen644 Hash efeee1496d32783302e993e004380450 bb62d0332764257611d1925f47f5124242caf865 990a3717f24e31a5f11a56234a960dd40e8480bcda53ad3984469e81baa6801a Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js	ScriptElement	4.5 kB	2023-03-07	2025-02-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen5795 Hash 04fc48de78cbfc5d1557e9df399c7733 e1bf77a4fef1943b0eab404c4abbe9477cb373e0 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC	ScriptElement	272 kB	2023-09-20	2023-09-20
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 04:33 Last Seen2023-09-20 04:42 Times Seen3 Hash 95152d72cfd089ae2130f0d7d32e0784 c3fbf02f167e0cf4ab229a28d3a927b13eb7c34b 2d26ae24ce827a4e16732b9b7870b014d3bcaa00ede2811187b197c16486608a Loading...

	unknown	ScriptElement	59 kB	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen625 Hash b7fb41ed89500bb6a8f482f91216cfac caf092ff1935a3a13e8608d56ce60c008b498d68 4a2dbda07d552ad5d425033fcd10ccb1addc5140a177cbb0d11bb3f2f7974a8c Loading...

	unknown	ScriptElement	2.2 kB	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen622 Hash c0f99959e76a9ae3302a785606121738 b7121b4e8dfd06a376a210933831917cf22131a7 8635426cb6fbc3d728559ba093c8aa5455f2d5338aefb695ef68aa88a406f615 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218	ScriptElement	295 B	2023-09-13	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 20:26 Last Seen2024-08-21 06:57 Times Seen5369 Hash c19afddc1697308e0ef68fc2225c7f22 c77de15393ad1ee1d0d49afd6cc7c1cdefa9a5b4 7d80f28d2d8c0b322d667bc27797d7e01c2e90fa2a7d1025db04252d5b83f202 Loading...

	unknown	ScriptElement	277 B	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen550 Hash a06048fa305b7e3bd9b89366aee69071 05699ca86b944c67a0fc3240aeace995d9563200 4bdeff956fa33cb08c22fb884ba60fbb1f06c137b1df07e5f493ae4e3d6f88ff Loading...

	a1s.unibet.com/orval/tracking/lastclick.min.js	ScriptElement	1.8 kB	2023-03-07	2025-02-02
Pretty URL a1s.unibet.com/orval/tracking/lastclick.min.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen4745 Hash 8027969a31091dd0d3a7813f95ee7e10 591677c488b8b98532778e11adc9348253a014a4 5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60 Loading...

	unknown	ScriptElement	667 B	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen552 Hash 2d41aac452b14ef4b388a79a47791b35 cee1071dcf7b8095fe214afc02177dc39bd4f973 44ed144c670270401a2ba9d624c2d98dc2e31c3df30ce612a7c94041cb2210de Loading...

	unknown	ScriptElement	715 B	2023-06-27	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 20:23 Last Seen2024-08-21 09:44 Times Seen553 Hash 6e46183de80d98ad3c01c6587fa8d034 c98fd0c68bbeaec17f38180c6356c0ee6713f94c 6d37d92d377fcd254e844561f573bda758f6bc343011e7c433b0ffae568f3819 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 23:27 Times Seen57528 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218	ScriptElement	218 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 06:57 Times Seen5369 Hash 91824c153a2424389807187ea41b9137 0ac7bf21044c90de1568152896efb9466c90b412 74abc0c84e63335fab7da57b01856b457f332b55d1ae539baadb180b13be726c Loading...

	welcome.unibet.com/widget/betslip/betslip.js	ScriptElement	15 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/widget/betslip/betslip.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5796 Hash 5770dc60397ffb834d1280aa7bcebbd0 f0bbf2136b83babe5a8f70eeff2308279e9a0d3a 42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52 Loading...

	unknown	ScriptElement	9.1 kB	2023-08-08	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 18:00 Last Seen2024-08-21 09:44 Times Seen550 Hash f6969cb2330a499b08e0366afa764684 c1c7151cd2ee0a83efd69461b5b5b5d130278ffa 80b7123040269a170ecddc358ac77eea42d877a5c4107a26191205d70820cdbc Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218	ScriptElement	92 B	2023-03-07	2025-02-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen5784 Hash 7f0f3c1a6218ba26e0a2303513a4b789 a8d06c9a0d0b367220509b18213f6b102f4b4fc0 faffe243fd7f581af68fd7dafdf86ff1e5c0824831f03d5758cb309da65fddda Loading...

	unknown	ScriptElement	2.6 kB	2023-03-07	2025-02-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen5802 Hash cd03538fc58df8693fe9af9337788f0f 408a15551710117d0538fc9442a55b5678bb85a5 cc933dd733a6db1a1a9ff1d7c0adb26717fa27d4d177b7a5a2cab0bfdb353562 Loading...

	unknown	ScriptElement	7.6 kB	2023-06-27	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 20:23 Last Seen2024-08-21 09:44 Times Seen551 Hash 87c693ddc401fd6f0e242f0e616a8bca 8972c24905c28d2b8a89fdd2f9e9b2a0b6840a4e 7b102cd1fdb10d209b209582a24d096077a2ffa9679926089da5c1fd6f5cba24 Loading...

	www.unibet.com/kindred_snow/s3.7.0/kindred_s.js	ScriptElement	74 kB	2023-03-12	2025-04-01
Pretty URL www.unibet.com/kindred_snow/s3.7.0/kindred_s.js IP 85.184.96.0 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:47 Last Seen2025-04-01 10:09 Times Seen6322 Hash 3fb00dbb8acb3c68fd5ddb674f22bb88 cf7bc4f71f0ff66037ac2e564963ff4c2737e766 7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246 Loading...

	unknown	ScriptElement	196 B	2023-08-08	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 18:00 Last Seen2024-08-21 09:44 Times Seen1296 Hash f961397e9b7af411a956f049cde5ef71 99f694c728313531a5a64ac6841ad8cbccdad6a1 07270979a42d41686bd08a22cf40a278ed470f18e67f15f71caf51bb5e5c6fa4 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218	ScriptElement	364 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5771 Hash b7207d294237fb810195b41fdd3cac28 ff7ef257957cbc2074fa5814177bb7cbbac44eb2 12f39122cef3c11903118c0f4769199ddc1e0e5ba13d7dbe8373e5c77391baf5 Loading...

	unknown	ScriptElement	992 B	2023-08-08	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 18:00 Last Seen2024-08-21 09:44 Times Seen550 Hash e76a17c30614360a91ac1e53f18540c7 d191c401be06c42b5708ac338f4d165c25367033 a749b3078071d135c33d4a141a4f19da622ac346318d0a715341afacc94a960a Loading...

		Size	First Seen	Last Seen
	#1 Eval - d66a51311c2681be9b2814403d8e8308	60 B	2023-03-07 01:11	2025-01-27 14:29
Pretty Observations First Seen2023-03-07 01:11 Last Seen2025-01-27 14:29 Times Seen691 Hash d66a51311c2681be9b2814403d8e8308 284b626b87d046fe1adfc6899ade214d57f09655 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f Loading...

	#2 Eval - dddc8519e9834ad5d3074584ccf9f8b7	132 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen631 Hash dddc8519e9834ad5d3074584ccf9f8b7 829d5d1a21eff85f38994e567322cc3bcce9c9cd 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168 Loading...

	#3 Eval - 596da5f7bb09f22c58c4073eb41d604e	62 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen631 Hash 596da5f7bb09f22c58c4073eb41d604e 66603b30823c3a560dae4f1b6afb92ab5a0f91d5 adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42 Loading...

	#4 Eval - 4b4768884dd164bcabacb4edf182609a	61 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen631 Hash 4b4768884dd164bcabacb4edf182609a 881cdbd84f94dc256c40f2ee489d83f956c1b36b 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c Loading...

	#5 Eval - add2d829cf386f4838b0cdef5348451c	71 B	2023-03-07 01:11	2025-04-14 20:51
Pretty Observations First Seen2023-03-07 01:11 Last Seen2025-04-14 20:51 Times Seen636 Hash add2d829cf386f4838b0cdef5348451c c8295463ce81113f7396d77c108349f473285c49 dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb Loading...

	#6 Eval - 84b2cd04a3e6a53dd1e2d2281b4ec9d0	55 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen631 Hash 84b2cd04a3e6a53dd1e2d2281b4ec9d0 453fd8561e4859d9adbbe37e66110d2584bc2c1d 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282 Loading...

	#7 Eval - 0df47f7ec8a7025bea46266133fe90c1	54 B	2023-03-07 01:11	2025-04-15 03:11
Pretty Observations First Seen2023-03-07 01:11 Last Seen2025-04-15 03:11 Times Seen660 Hash 0df47f7ec8a7025bea46266133fe90c1 407aeb860ef834517df3dfa568905e7c95d42d9f fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81 Loading...

	#8 Eval - a2bcebb48aaee0300030cf8123020f69	135 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen631 Hash a2bcebb48aaee0300030cf8123020f69 365d67c7f5ce945805339efb40c083cc97d1f9b2 fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed Loading...

	#9 Eval - 52a838bf9957f0cff2021c034f169cb0	88 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen1304 Hash 52a838bf9957f0cff2021c034f169cb0 30a7327c54334eb310944b6fd01ddf34b4e2ad9d 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62 Loading...

		Size	First Seen	Last Seen
	#1 Write - ac798ac2b2c9559c3e64b701f845c78e	50 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5804 Hash ac798ac2b2c9559c3e64b701f845c78e 288602cbfebecea88ca238ce32c92d133bf59bff a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449 Loading...

HTTP Transactions (101)

URL IP Response Size

5pyqt.exnnan.com/images/play-2/icon1.png

88.208.45.26

7.3 kB

URL
5pyqt.exnnan.com/images/play-2/icon1.png
IP
88.208.45.26:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon1.png HTTP/1.1
Host: 5pyqt.exnnan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Wed, 20 Sep 2023 02:42:15 GMT
content-type: image/png
content-length: 7252
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1c54"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

5pyqt.exnnan.com/images/play-2/icon2.png

88.208.45.26

4.6 kB

URL
5pyqt.exnnan.com/images/play-2/icon2.png
IP
88.208.45.26:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon2.png HTTP/1.1
Host: 5pyqt.exnnan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Wed, 20 Sep 2023 02:42:15 GMT
content-type: image/png
content-length: 4576
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-11e0"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2

bcuiaw.com/rpe?a=1&s=1&act=17&src=2&p=1125635&st=1155839&wd=370092&d=exnnan.com&tpl=78&rnd=0.3552984660527363&sbid=&sbid2=intent%3A%2F%2Fexnnan.com%2Fplay-2_1

185.162.85.19

0 B

URL
bcuiaw.com/rpe?a=1&s=1&act=17&src=2&p=1125635&st=1155839&wd=370092&d=exnnan.com&tpl=78&rnd=0.3552984660527363&sbid=&sbid2=intent%3A%2F%2Fexnnan.com%2Fplay-2_1
IP
185.162.85.19:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rpe?a=1&s=1&act=17&src=2&p=1125635&st=1155839&wd=370092&d=exnnan.com&tpl=78&rnd=0.3552984660527363&sbid=&sbid2=intent%3A%2F%2Fexnnan.com%2Fplay-2_1 HTTP/1.1
Host: bcuiaw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5pyqt.exnnan.com
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 20 Sep 2023 02:42:15 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

5pyqt.exnnan.com/images/play-2/icon4.png

88.208.45.26

7.0 kB

URL
5pyqt.exnnan.com/images/play-2/icon4.png
IP
88.208.45.26:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon4.png HTTP/1.1
Host: 5pyqt.exnnan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Wed, 20 Sep 2023 02:42:15 GMT
content-type: image/png
content-length: 7032
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1b78"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1

88.208.45.26

17 kB

URL
5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1
IP
88.208.45.26:0
ASN
#39572 DataWeb Global Group B.V.

File type
gzip compressed data, from Unix\012- data
Size
17 kB (16714 bytes)
Hash
f8e61d0cd79e0807799570c7f06124a4
32bab7049f37efa3412f557a9e46cabc55ea2d16
467592f58fda12614e5fb7a1433a49e6ccd7f1d92b4290b79ac18b4e37b016d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1 HTTP/1.1
Host: 5pyqt.exnnan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exnnan.com/
Cookie: truniq=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Wed, 20 Sep 2023 02:42:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2

5pyqt.exnnan.com/images/play-2/icon5.png

88.208.45.26

3.3 kB

URL
5pyqt.exnnan.com/images/play-2/icon5.png
IP
88.208.45.26:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon5.png HTTP/1.1
Host: 5pyqt.exnnan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Wed, 20 Sep 2023 02:42:15 GMT
content-type: image/png
content-length: 3264
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-cc0"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2

5pyqt.exnnan.com/images/play-2/icon7.png

88.208.45.26

3.3 kB

URL
5pyqt.exnnan.com/images/play-2/icon7.png
IP
88.208.45.26:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon7.png HTTP/1.1
Host: 5pyqt.exnnan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Wed, 20 Sep 2023 02:42:15 GMT
content-type: image/png
content-length: 3283
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-cd3"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2

5pyqt.exnnan.com/images/play-2/icon8.png

88.208.45.26

4.1 kB

URL
5pyqt.exnnan.com/images/play-2/icon8.png
IP
88.208.45.26:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon8.png HTTP/1.1
Host: 5pyqt.exnnan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/play-2_1?h=waWQiOjExMjU2MzUsInNpZCI6MTE1NTgzOSwid2lkIjozNzAwOTIsInNyYyI6Mn0=eyJ&click_id=a6a5ehoqnbg2twj6d2&si2=intent://exnnan.com/play-2_1&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Wed, 20 Sep 2023 02:42:15 GMT
content-type: image/png
content-length: 4064
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-fe0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

ecrwqu.com/cuclc?aid=5599131203654337142&t=1695177735&s=74

185.162.85.20

1.3 kB

URL
ecrwqu.com/cuclc?aid=5599131203654337142&t=1695177735&s=74
IP
185.162.85.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1262), with no line terminators
Size
1.3 kB (1262 bytes)
Hash
f60125f259e854486f4674938141b4a0
faf47df8eae382c1b9b6473aa2a982b1c752cd67
968a8f48aae205f8c79ca4a6d6ab32b4e1ead86663845b30d79c3a27732c23c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cuclc?aid=5599131203654337142&t=1695177735&s=74 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5pyqt.exnnan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 20 Sep 2023 02:42:16 GMT
content-type: text/html; charset=utf-8
content-length: 1262
location: https://s.viidirectory.com/h/254/m2tuuqoctv7vvh6d4wnitlgjwktuk54u4tmlvcgw355hqgd2n57hyeduafrcp2xs4h7e4kqvzm33gwpmk2h7o7osgo2ie6piohfo5rxmucizxzg4nsbesonaipay5hhflo2fn4nm37fdd4tqtxlyhulj2zxffyklmm4sf6skp2cuaz75gfziqrswwnzxjgrqopzhxhe46vx44342u73gbn3os7dpd3saufidircztrkk5k5w745ze4ppkkmes36gndl7hygjohhu4uthpz5umyqbpjxxoytxibcfoc2aivgwmr3tlz2f2zt77fsxnp2ol27u7flzwq7kiuhflwqhvedk2r5ju4ehpoxglhdikrfftzdwr5heskfqizr5wm2mzbavny3u4xx3rxt6nlkxeqxuv2nvew65qfixks3ipyieqe4thussn3cwswax3urtx32hbodrtspe5fsrnava6akyfyww67lvjnrqel3jo5rxoryukvluira2m4khectrlzrxg4ahcpwuqso6jlmjxjbu2vnfb2sbm3blgcvxod57rc35xnchxz42ogixlox5xt547mw4t7nezosh3fbbsaiwijef2vzxd47ac2ayeivcucqhdyrc6oj4fvosixzdo52webbfcejq2eitcuqe27c5ojkwa63pcipbsl3vm55xartdab4w65ddpjduyvqbinkbwmief4esshrjoz4fgqklfetskpd7ib6qmcdvobysmciba5abyeyub4ms4uzfaith4liejzmh24dgpqqeeyacpfxckybgi5bqabiwjiogoqtzkz7quncrbrvx2xdypbsha5kkmqdxisgjt345rrufxkx3q6ly6cpinhdjcjgzrftqx66u6bwmzg6nemiv3dxn5dt2cwbitoxzqcxy7nmri4cfhw2ix7cmjysoorxuudkjc4ssymbhpfpfub2ecmlbsjrpfenrsdzafaxt4rs4p56w4633luyfsidihj7ucqps3kn5u5ccmv4ew5uqtrmgxbphp5abqaol6f37jedeorquiv2dgfp4waongohhqlffdypem3ydluywgbk6hfem3kjc5mujqzy=?u=
X-Firefox-Spdy: h2

s.viidirectory.com/favicon.ico

31.220.27.134

0 B

URL
s.viidirectory.com/favicon.ico
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: s.viidirectory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.viidirectory.com/h/254/m2tuuqoctv7vvh6d4wnitlgjwktuk54u4tmlvcgw355hqgd2n57hyeduafrcp2xs4h7e4kqvzm33gwpmk2h7o7osgo2ie6piohfo5rxmucizxzg4nsbesonaipay5hhflo2fn4nm37fdd4tqtxlyhulj2zxffyklmm4sf6skp2cuaz75gfziqrswwnzxjgrqopzhxhe46vx44342u73gbn3os7dpd3saufidircztrkk5k5w745ze4ppkkmes36gndl7hygjohhu4uthpz5umyqbpjxxoytxibcfoc2aivgwmr3tlz2f2zt77fsxnp2ol27u7flzwq7kiuhflwqhvedk2r5ju4ehpoxglhdikrfftzdwr5heskfqizr5wm2mzbavny3u4xx3rxt6nlkxeqxuv2nvew65qfixks3ipyieqe4thussn3cwswax3urtx32hbodrtspe5fsrnava6akyfyww67lvjnrqel3jo5rxoryukvluira2m4khectrlzrxg4ahcpwuqso6jlmjxjbu2vnfb2sbm3blgcvxod57rc35xnchxz42ogixlox5xt547mw4t7nezosh3fbbsaiwijef2vzxd47ac2ayeivcucqhdyrc6oj4fvosixzdo52webbfcejq2eitcuqe27c5ojkwa63pcipbsl3vm55xartdab4w65ddpjduyvqbinkbwmief4esshrjoz4fgqklfetskpd7ib6qmcdvobysmciba5abyeyub4ms4uzfaith4liejzmh24dgpqqeeyacpfxckybgi5bqabiwjiogoqtzkz7quncrbrvx2xdypbsha5kkmqdxisgjt345rrufxkx3q6ly6cpinhdjcjgzrftqx66u6bwmzg6nemiv3dxn5dt2cwbitoxzqcxy7nmri4cfhw2ix7cmjysoorxuudkjc4ssymbhpfpfub2ecmlbsjrpfenrsdzafaxt4rs4p56w4633luyfsidihj7ucqps3kn5u5ccmv4ew5uqtrmgxbphp5abqaol6f37jedeorquiv2dgfp4waongohhqlffdypem3ydluywgbk6hfem3kjc5mujqzy=?u=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx/1.23.2
date: Wed, 20 Sep 2023 02:42:16 GMT
X-Firefox-Spdy: h2

s.viidirectory.com/cnt/api/index

31.220.27.134

0 B

URL
s.viidirectory.com/cnt/api/index
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cnt/api/index HTTP/1.1
Host: s.viidirectory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3288
Origin: https://s.viidirectory.com
DNT: 1
Connection: keep-alive
Referer: https://s.viidirectory.com/h/254/m2tuuqoctv7vvh6d4wnitlgjwktuk54u4tmlvcgw355hqgd2n57hyeduafrcp2xs4h7e4kqvzm33gwpmk2h7o7osgo2ie6piohfo5rxmucizxzg4nsbesonaipay5hhflo2fn4nm37fdd4tqtxlyhulj2zxffyklmm4sf6skp2cuaz75gfziqrswwnzxjgrqopzhxhe46vx44342u73gbn3os7dpd3saufidircztrkk5k5w745ze4ppkkmes36gndl7hygjohhu4uthpz5umyqbpjxxoytxibcfoc2aivgwmr3tlz2f2zt77fsxnp2ol27u7flzwq7kiuhflwqhvedk2r5ju4ehpoxglhdikrfftzdwr5heskfqizr5wm2mzbavny3u4xx3rxt6nlkxeqxuv2nvew65qfixks3ipyieqe4thussn3cwswax3urtx32hbodrtspe5fsrnava6akyfyww67lvjnrqel3jo5rxoryukvluira2m4khectrlzrxg4ahcpwuqso6jlmjxjbu2vnfb2sbm3blgcvxod57rc35xnchxz42ogixlox5xt547mw4t7nezosh3fbbsaiwijef2vzxd47ac2ayeivcucqhdyrc6oj4fvosixzdo52webbfcejq2eitcuqe27c5ojkwa63pcipbsl3vm55xartdab4w65ddpjduyvqbinkbwmief4esshrjoz4fgqklfetskpd7ib6qmcdvobysmciba5abyeyub4ms4uzfaith4liejzmh24dgpqqeeyacpfxckybgi5bqabiwjiogoqtzkz7quncrbrvx2xdypbsha5kkmqdxisgjt345rrufxkx3q6ly6cpinhdjcjgzrftqx66u6bwmzg6nemiv3dxn5dt2cwbitoxzqcxy7nmri4cfhw2ix7cmjysoorxuudkjc4ssymbhpfpfub2ecmlbsjrpfenrsdzafaxt4rs4p56w4633luyfsidihj7ucqps3kn5u5ccmv4ew5uqtrmgxbphp5abqaol6f37jedeorquiv2dgfp4waongohhqlffdypem3ydluywgbk6hfem3kjc5mujqzy=?u=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.23.2
date: Wed, 20 Sep 2023 02:42:16 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://s.viidirectory.com
X-Firefox-Spdy: h2

goto.trackpshgoto.win/15GTdq?camp=634900&site=1325064704969431&category=126&cost=3.0E-4&external_id=cnv5de957804b13446a7e66b7d8d72389fd

20.113.67.50

320 B

URL
goto.trackpshgoto.win/15GTdq?camp=634900&site=1325064704969431&category=126&cost=3.0E-4&external_id=cnv5de957804b13446a7e66b7d8d72389fd
IP
20.113.67.50:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (320), with no line terminators
Size
320 B (320 bytes)
Hash
e55d71713264ab75a673e1353510b27b
90c860b04b956461e58990a7c626a13d33ca4aba
b6366b41bf2dcac32057d69ef7865e4463a832fd5706144bafca5fec4d4b1d8a

HTTP Headers

GET /15GTdq?camp=634900&site=1325064704969431&category=126&cost=3.0E-4&external_id=cnv5de957804b13446a7e66b7d8d72389fd HTTP/1.1
Host: goto.trackpshgoto.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Wed, 20 Sep 2023 02:42:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 320
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GTdqo=20230920051695177877645; domain=.goto.trackpshgoto.win; path=/;expires=Thu, 21 Sep 2023 02:42:16 GMT;  httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GTdq; domain=.goto.trackpshgoto.win; path=/;expires=Thu, 21 Sep 2023 02:42:16 GMT;  httpOnly=true;SameSite=None; Secure;
peerclickcid=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920; domain=.goto.trackpshgoto.win; path=/;expires=Thu, 21 Sep 2023 02:42:16 GMT;  httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.goto.trackpshgoto.win; path=/;expires=Thu, 21 Sep 2023 02:42:16 GMT;  httpOnly=true;SameSite=None; Secure;
Location: https://alvsx.cloudpsh.top/?pl=ewFXUS8HLUyIQl_3c1i3OA&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431
Vary: Accept

alvsx.cloudpsh.top/?pl=ewFXUS8HLUyIQl_3c1i3OA&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431

5.75.133.219

0 B

URL
alvsx.cloudpsh.top/?pl=ewFXUS8HLUyIQl_3c1i3OA&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431
IP
5.75.133.219:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=ewFXUS8HLUyIQl_3c1i3OA&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431 HTTP/1.1
Host: alvsx.cloudpsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 20 Sep 2023 02:42:16 GMT
content-length: 0
location: https://alvsx.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
set-cookie: ewFXUS8HLUyIQl_3c1i3OA=1; max-age=345600; path=/; samesite=lax
__pl=cdd3d5f9-0e93-4dd1-81c0-f4735602b292; expires=Sat, 20 Sep 2025 02:42:16 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

alvsx.darkdepthdriller.top/space-robot/assets/corner.png

104.21.73.160

300 B

URL
alvsx.darkdepthdriller.top/space-robot/assets/corner.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Size
300 B (300 bytes)
Hash
f66c38fa2cd7c50bd1989d41da28fb80
e1de333eca72647f3c1831083fe678cfa8fe9eab
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2

HTTP Headers

GET /space-robot/assets/corner.png HTTP/1.1
Host: alvsx.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:17 GMT
content-type: image/png
content-length: 300
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-12c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5213
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AplmI%2BiHAdwvrxRdsc5MTb%2BZP44W4iuH%2BtYuLB2PGDr3m92n4%2BjG0JlpnRE8M62R0sTPbVTLHeqA86mq8LeHnIW8LtuXWMmuQwkzgIAR4bbDt5XRrasNMfLbEgmPNJ%2FDomnyoDY3WQRaIAPKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6d96c2fb4f4-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-2.1.4.min.js

151.101.2.137

30 kB

URL
code.jquery.com/jquery-2.1.4.min.js
IP
151.101.2.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32025)
Size
30 kB (29519 bytes)
Hash
f9c7afd05729f10f55b689f36bb20172
43dc554608df885a59ddeece1598c6ace434d747
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

HTTP Headers

GET /jquery-2.1.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-14979"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 20 Sep 2023 02:42:17 GMT
age: 377084
x-served-by: cache-lga21971-LGA, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 7968
x-timer: S1695177737.277581,VS0,VE0
vary: Accept-Encoding
content-length: 29519
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53b2b7aa921ea170cc18d0871f87f8b
c38b9e04da43fd752005c1c82a277856f322e366
e204019f2aecb95f0b6dc967adfa49dbbfa747eb080814f62b8e91f218198c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 02:42:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alvsx.darkdepthdriller.top/space-robot/assets/style.css

104.21.73.160

18 kB

URL
alvsx.darkdepthdriller.top/space-robot/assets/style.css
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
18 kB (17618 bytes)
Hash
7feec4414f4e2edba88689df63afec05
675c9be930c44dbd09c44195df4cd5e4bc91be8c
ffbc9a90757bba679af7f0ff813ce5168d68f98f9e752b194f8d05b02d5445f7

HTTP Headers

GET /space-robot/assets/style.css HTTP/1.1
Host: alvsx.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:17 GMT
content-type: text/css
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-251e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rh7eObPD%2FjjJIBClP75yBatNl79zvALSBP6poq9NbIlohh2TH1cAWf0dN%2FjQTdbN9Di6gROBoZKH%2F5YAZA22pyOui66mNvO%2FsFpIDk9PH4jAUZuQhIbIumBGO4sGXkrkbL6PGeHzg8EQicvaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6d96c2db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53b2b7aa921ea170cc18d0871f87f8b
c38b9e04da43fd752005c1c82a277856f322e366
e204019f2aecb95f0b6dc967adfa49dbbfa747eb080814f62b8e91f218198c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 02:42:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alvsx.darkdepthdriller.top/space-robot/assets/apple-touch-icon.png

104.21.73.160

23 kB

URL
alvsx.darkdepthdriller.top/space-robot/assets/apple-touch-icon.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (23177 bytes)
Hash
f500ba7eee0ae7d1ceb44236ac253165
0614de220ecadb48038ed894d91120ba102c8367
ba5a3083c38d71a2191ee7e614a96812d1f9d88bbfb360d3b61dbb1ffcd51de5

HTTP Headers

GET /space-robot/assets/apple-touch-icon.png HTTP/1.1
Host: alvsx.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:17 GMT
content-type: image/png
content-length: 23177
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-5a89"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3894
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwphPW3kyxfeVVnVaFWZfJ2sDTA02gkgSFnu3tKdjKtZ3D%2Ftor4e5JChDtQ0sxLb0%2FLth7rLNsWnbxrwUS%2FByYruRLd1UeFVMa3ccUqc60NuW40eblYOyORxiJEZ1B73%2FLGRdWFkHMHRQAranw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6db8d2ab4f4-OSL
alt-svc: h3=":443"; ma=86400

alvsx.darkdepthdriller.top/space-robot/assets/favicon-16x16.png

104.21.73.160

1.2 kB

URL
alvsx.darkdepthdriller.top/space-robot/assets/favicon-16x16.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1163 bytes)
Hash
9d35b617fd258f648c37812252297dd3
7e32fd007f1c6fe1466d15439173082c0fbe82da
e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a

HTTP Headers

GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: alvsx.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:17 GMT
content-type: image/png
content-length: 1163
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-48b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 577
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKxgD2d1TDoJ5LftsD5efve0XchswpHnFtTuVjkS922FMRz0QTHpjBfPgxA3wfuz9VtPhlWGzdtxrnCPN8jOdD5chvX5qZHqHR3r2WkKY%2FYmBrm6e4c1q72L0jL0HfRY6MGN8DkEnaP9mBKbsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6db8d31b4f4-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 01:03:30 GMT
expires: Tue, 17 Sep 2024 01:03:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 178730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alvsx.darkdepthdriller.top/space-robot/assets/trls.js

104.21.73.160

14 kB

URL
alvsx.darkdepthdriller.top/space-robot/assets/trls.js
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (357), with CRLF line terminators
Size
14 kB (14308 bytes)
Hash
59f05330688d8f2e5212cc7d7c5aea35
005ada82704b96f73669d53d8ac1373aa8852c48
19d86cc07a7da0beb9ede38f5c79c41e0e2576883c63593a548e3fe0d7c95f1e

HTTP Headers

GET /space-robot/assets/trls.js HTTP/1.1
Host: alvsx.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:17 GMT
content-type: application/javascript
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-1e7e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78ecJFqQ3JOst4pK9IqRhzUp3nulCdMvMRiqrZaKfpAVy2zWHJgDx6pv3LZExbaWKCcigm4VaOBymjLphWIBoIdKu7VcGtmPP9yvXAZeFaQuxag6RyAHFp9eIFckjMYwJ1Z5oYeUPhhayafnMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6d96c2bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.darkdepthdriller.top/space-robot/assets/corner.png

104.21.73.160

300 B

URL
a.darkdepthdriller.top/space-robot/assets/corner.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Size
300 B (300 bytes)
Hash
f66c38fa2cd7c50bd1989d41da28fb80
e1de333eca72647f3c1831083fe678cfa8fe9eab
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2

HTTP Headers

GET /space-robot/assets/corner.png HTTP/1.1
Host: a.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:20 GMT
content-type: image/png
content-length: 300
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-12c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4343
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzBqP5jJPw%2FW%2Bpaj9Qgt9%2BNWaEJfNYtabaHcRaxAG9MlZgGajvDj4TjD7CNhfAmKyd2tW%2BFBma6Bgvmn3OrS6PhrVJPwGAmssPP3elMVZEDwoqc35GKlzApj3ctcZAZHmQa4WabpPhFS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f0f8e1b4f4-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-2.1.4.min.js

151.101.2.137

30 kB

URL
code.jquery.com/jquery-2.1.4.min.js
IP
151.101.2.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32025)
Size
30 kB (29519 bytes)
Hash
f9c7afd05729f10f55b689f36bb20172
43dc554608df885a59ddeece1598c6ace434d747
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

HTTP Headers

GET /jquery-2.1.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-14979"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 20 Sep 2023 02:42:20 GMT
age: 377088
x-served-by: cache-lga21971-LGA, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 7969
x-timer: S1695177741.965334,VS0,VE0
vary: Accept-Encoding
content-length: 29519
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://a.darkdepthdriller.top
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 05:45:56 GMT
expires: Wed, 18 Sep 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 75384
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.darkdepthdriller.top/space-robot/assets/style.css

104.21.73.160

3.2 kB

URL
a.darkdepthdriller.top/space-robot/assets/style.css
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
3.2 kB (3229 bytes)
Hash
7feec4414f4e2edba88689df63afec05
675c9be930c44dbd09c44195df4cd5e4bc91be8c
ffbc9a90757bba679af7f0ff813ce5168d68f98f9e752b194f8d05b02d5445f7

HTTP Headers

GET /space-robot/assets/style.css HTTP/1.1
Host: a.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:20 GMT
content-type: text/css
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-251e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ8inNYdYHALkZLBveMlYdMyfPgmlblq467rDGDYR8SuyBkb67UteA8eRBRB78l8tNSV1vPRb4qORR8GRKvbOOYN4S8j8Y6Ai1tdNDfAJjrvtxfAj9tUtJzeidYcAHFSDMyZhR8PFKUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f0f8e0b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036

104.21.73.160

30 kB

URL
a.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (474)
Size
30 kB (30150 bytes)
Hash
362cc16a13356513da97f2aba48e92be
64d308482d64fd8a452759d1b5b714820860d312
d03b8912673e855345ce2beb15eff3625410ab371e4dbe2ac3f4643a23e4abc7

HTTP Headers

GET /space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036 HTTP/1.1
Host: a.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:20 GMT
content-type: text/html
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oubLs38c6mYX1f5lcFhefWDQXl4aN3vezw5pcJZ788C2oFzofiKeeaKvSmymxQmvsTAfLwX6JEi1JaBDB9w3yAdHMHSOnUd6AHuBZrJIfk%2B8bpAIz5vcN6%2B89oNYNWh%2FsgI%2Ftv%2FFKO80"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8096b6f068a3b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnstatic.darkdepthdriller.top/ps/config.js?id=ewFXUS8HLUyIQl_3c1i3OA

104.21.73.160

7.0 kB

URL
cdnstatic.darkdepthdriller.top/ps/config.js?id=ewFXUS8HLUyIQl_3c1i3OA
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
7.0 kB (6993 bytes)
Hash
819df168f0587f04b31966844a79e07a
4e4ff7cf09a4460655810d1fd9572268dba920a9
7b3e429fd07d2831236e33f6ba0862a6d27b55cd14bd966541a369b0b1bbbbe5

HTTP Headers

GET /ps/config.js?id=ewFXUS8HLUyIQl_3c1i3OA HTTP/1.1
Host: cdnstatic.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/
Cookie: __psu=59e6571d-6ff5-49bc-bf33-af13be3699c6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfpBFHcOzYvcFuWWuyAJWyMaYBsIU%2Fxk7hx4un%2BAsWJoFY%2BzkAwBKnl%2Flp4ckQp%2BefQGlFIMSfGm5IXeaBJrSD8Kg9c8okkLffwdi8bGN4747%2BY2q2xGxheNubK0KJ%2BybQaqzowbJLbupJrjvm7fL9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f1c940b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 15:30:29 GMT
expires: Wed, 18 Sep 2024 15:30:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 40312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

b.darkdepthdriller.top/space-robot/assets/corner.png

104.21.73.160

300 B

URL
b.darkdepthdriller.top/space-robot/assets/corner.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Size
300 B (300 bytes)
Hash
f66c38fa2cd7c50bd1989d41da28fb80
e1de333eca72647f3c1831083fe678cfa8fe9eab
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2

HTTP Headers

GET /space-robot/assets/corner.png HTTP/1.1
Host: b.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: image/png
content-length: 300
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-12c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0aipXM7sfT6XeDbmmxhHEPN48d6rDZ6O0fjefFr%2BvWxzkEAet4x0PGQ9OGp%2B5taoD8JcJvDJFY6V5O4ZVWymDL7A1WfvEgXfdNrdHZ7rfP5dgEhjJ1qd50%2BbA%2F83tKvtSXM%2BTZMd3ES"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f319dab4f4-OSL
alt-svc: h3=":443"; ma=86400

a.darkdepthdriller.top/space-robot/assets/main.js

104.21.73.160

30 kB

URL
a.darkdepthdriller.top/space-robot/assets/main.js
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1794), with no line terminators
Size
30 kB (30008 bytes)
Hash
e007064d63d81a6d97c2f89715028389
2d198eb80febf99c6378586092731c6d1cf72c7a
f392f08652d464570cdc9c514ba60a5fa93b8837d6e12fe1b225e700cde8fa72

HTTP Headers

GET /space-robot/assets/main.js HTTP/1.1
Host: a.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:20 GMT
content-type: application/javascript
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-702"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=an4MeJ%2BVPrRAwHAKsFWdyJ6BbbPGmLZKdjId%2BrL%2BBcZRhfNWR5NIO%2BnAoX6zu1abuHodsgZr2jbSszg5ECm2oW6%2Fesv52UJK9bE%2Fevvx%2F5TFnkjUh7YGLBtJsGZPhYgGT7E9oQ8nDINH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f0f8e4b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036

104.21.73.160

22 kB

URL
b.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (474)
Size
22 kB (22490 bytes)
Hash
362cc16a13356513da97f2aba48e92be
64d308482d64fd8a452759d1b5b714820860d312
d03b8912673e855345ce2beb15eff3625410ab371e4dbe2ac3f4643a23e4abc7

HTTP Headers

GET /space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036 HTTP/1.1
Host: b.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.darkdepthdriller.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: text/html
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJScOPzDLAWpd8eeVojGvFnvrt7N4BE%2FyKBn9jd4e8kQBiOJi5CK0k2yFfC3ylH18s4URNl5vlWCerx16BjMrWbiswS4ARgOx5OUYIogtTqiw18%2BC0Zw3TEnywerFcC8bwNmO5Vfmxld"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8096b6f299a9b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b.darkdepthdriller.top/space-robot/assets/apple-touch-icon.png

104.21.73.160

23 kB

URL
b.darkdepthdriller.top/space-robot/assets/apple-touch-icon.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (23177 bytes)
Hash
f500ba7eee0ae7d1ceb44236ac253165
0614de220ecadb48038ed894d91120ba102c8367
ba5a3083c38d71a2191ee7e614a96812d1f9d88bbfb360d3b61dbb1ffcd51de5

HTTP Headers

GET /space-robot/assets/apple-touch-icon.png HTTP/1.1
Host: b.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: image/png
content-length: 23177
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-5a89"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7012
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEkGGb7uymCvQ6J%2FoLDk%2FANB36eU%2BbIhoIJcuMNjXTXWklivSYwpyELfA6%2BI8Umw3Yo0tjfUKNa%2FjlVUljNQU%2BEZImVdSc%2F51%2FUgHYvg8D6r8%2FgOHX6RJnh%2FS0ByEEfH%2Bkewm6iqvSYr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f3da28b4f4-OSL
alt-svc: h3=":443"; ma=86400

b.darkdepthdriller.top/space-robot/assets/favicon-16x16.png

104.21.73.160

1.2 kB

URL
b.darkdepthdriller.top/space-robot/assets/favicon-16x16.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1163 bytes)
Hash
9d35b617fd258f648c37812252297dd3
7e32fd007f1c6fe1466d15439173082c0fbe82da
e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a

HTTP Headers

GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: b.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: image/png
content-length: 1163
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-48b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 580
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCSkAKPtY7T8fgCyD88RU4OEn1nF8Iy1zrws7pJatl%2B6Weg4Uq1jv7UB1PMy6AAqNdjMFdQngNCqBmrVCN%2BCWeiKV760ANB%2FLl3YQExZBnRTmm4mst3gk6Kem%2BNrWuzlGIe%2BvRrqNS6r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f3da2ab4f4-OSL
alt-svc: h3=":443"; ma=86400

cdnstatic.darkdepthdriller.top/ps/config.js?id=ewFXUS8HLUyIQl_3c1i3OA

104.21.73.160

7.0 kB

URL
cdnstatic.darkdepthdriller.top/ps/config.js?id=ewFXUS8HLUyIQl_3c1i3OA
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
7.0 kB (6993 bytes)
Hash
819df168f0587f04b31966844a79e07a
4e4ff7cf09a4460655810d1fd9572268dba920a9
7b3e429fd07d2831236e33f6ba0862a6d27b55cd14bd966541a369b0b1bbbbe5

HTTP Headers

GET /ps/config.js?id=ewFXUS8HLUyIQl_3c1i3OA HTTP/1.1
Host: cdnstatic.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.darkdepthdriller.top/
Cookie: __psu=59e6571d-6ff5-49bc-bf33-af13be3699c6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AW5P%2FcLqehWikhE6bmcQTkKfDfsikE6Vce%2FLzwt3%2BazwHzt5VL4b2wcFDMxhJS2b9WWNUMSndyS3kmmg0OsRHjk8K1sVM9k4WxdbWvEfDO75HuiqAgfSKmNKNx5mGb1eGB66JoObMnaSZ3P54nEp%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f3fa37b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 15:30:29 GMT
expires: Wed, 18 Sep 2024 15:30:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 40312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnstatic.darkdepthdriller.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&appspot=&d=https%3A%2F%2Fcdnstatic.darkdepthdriller.top

104.21.73.160

9.3 kB

URL
cdnstatic.darkdepthdriller.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&appspot=&d=https%3A%2F%2Fcdnstatic.darkdepthdriller.top
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (24963), with no line terminators
Size
9.3 kB (9266 bytes)
Hash
ac2b8826845c3d79e77e4a5f2404c2d4
0d17b85ba1dbc1976c6ef6ad87159e9875bbb3cf
a18c9b65d5924dbe659c3f3510ff309c95da2a62d992b7e205d5286de6bbe3a8

HTTP Headers

GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&appspot=&d=https%3A%2F%2Fcdnstatic.darkdepthdriller.top HTTP/1.1
Host: cdnstatic.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.darkdepthdriller.top/
Cookie: __psu=59e6571d-6ff5-49bc-bf33-af13be3699c6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwDOsuB7kwj4p%2BpkykchbGtVXp00NY%2Bt5gK5%2B9hmnlsmZOjMN2X1zQOdLwP0av582k3%2FYvBN65jthaCe5Xz3B0BGEwv5I0vKd5Zx9ha04p0pOGKZ1LOiKWhJ3fOQN%2FkEKNgqVx%2BwpEeFmOvNuZ3E3aQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f38a0fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-2.1.4.min.js

151.101.2.137

30 kB

URL
code.jquery.com/jquery-2.1.4.min.js
IP
151.101.2.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32025)
Size
30 kB (29519 bytes)
Hash
f9c7afd05729f10f55b689f36bb20172
43dc554608df885a59ddeece1598c6ace434d747
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

HTTP Headers

GET /jquery-2.1.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-14979"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 20 Sep 2023 02:42:21 GMT
age: 377089
x-served-by: cache-lga21971-LGA, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 7971
x-timer: S1695177742.649325,VS0,VE0
vary: Accept-Encoding
content-length: 29519
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://c.darkdepthdriller.top
DNT: 1
Connection: keep-alive
Referer: https://c.darkdepthdriller.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 05:45:56 GMT
expires: Wed, 18 Sep 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 75385
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036

104.21.73.160

30 kB

URL
c.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (474)
Size
30 kB (30115 bytes)
Hash
362cc16a13356513da97f2aba48e92be
64d308482d64fd8a452759d1b5b714820860d312
d03b8912673e855345ce2beb15eff3625410ab371e4dbe2ac3f4643a23e4abc7

HTTP Headers

GET /space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036 HTTP/1.1
Host: c.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.darkdepthdriller.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: text/html
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2FZnlCg%2Fq627eEgsLZsofOvp43jKyNegsaUNs54NjHNnKGn4%2FWw2HA8QgfTvF8SiMqs5bM7golsBlqxgx5TnKtegTHJPGkgUJjaLAuZ4AotIIjIUgVsu%2Be%2FQR%2F%2FkRpeULdrnv8yNLyn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8096b6f4cabfb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c.darkdepthdriller.top/space-robot/assets/favicon-16x16.png

104.21.73.160

1.2 kB

URL
c.darkdepthdriller.top/space-robot/assets/favicon-16x16.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1163 bytes)
Hash
9d35b617fd258f648c37812252297dd3
7e32fd007f1c6fe1466d15439173082c0fbe82da
e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a

HTTP Headers

GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: c.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: image/png
content-length: 1163
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-48b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 580
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElE6dVL%2F3ptaCRI6jgVb7GEVlERfFdbzsllzpDXuuM2TCJiwmKO8f6RzNL1zhlH6aAkQN%2FArF05f05qIsUdb7hm1WHoJKMxE4x3N6yEfXvBZMmjrfHKRdIkti3qD3dL%2FWzd5stNiKdp3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f61b52b4f4-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 01:03:30 GMT
expires: Tue, 17 Sep 2024 01:03:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 178731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.darkdepthdriller.top/space-robot/assets/main.js

104.21.73.160

12 kB

URL
c.darkdepthdriller.top/space-robot/assets/main.js
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1794), with no line terminators
Size
12 kB (11627 bytes)
Hash
e007064d63d81a6d97c2f89715028389
2d198eb80febf99c6378586092731c6d1cf72c7a
f392f08652d464570cdc9c514ba60a5fa93b8837d6e12fe1b225e700cde8fa72

HTTP Headers

GET /space-robot/assets/main.js HTTP/1.1
Host: c.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: application/javascript
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-702"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwPEnAKIUT2QqNaZhll21wCTUrVWRkE5yXfyx9ozzDhLZCyVwIN%2FcmavMNiuMa8vxe2eRjmLQwcqN1gcrhf9mP%2B9mqNfuW%2BV8NYeDWRkuCNF0%2Fe4l2G8JZlrjviE2tvwdzjaaAMUS%2B4O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f55b17b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-2.1.4.min.js

151.101.2.137

30 kB

URL
code.jquery.com/jquery-2.1.4.min.js
IP
151.101.2.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32025)
Size
30 kB (29519 bytes)
Hash
f9c7afd05729f10f55b689f36bb20172
43dc554608df885a59ddeece1598c6ace434d747
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

HTTP Headers

GET /jquery-2.1.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-14979"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 20 Sep 2023 02:42:21 GMT
age: 377089
x-served-by: cache-lga21971-LGA, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 7972
x-timer: S1695177742.984437,VS0,VE0
vary: Accept-Encoding
content-length: 29519
X-Firefox-Spdy: h2

d.darkdepthdriller.top/space-robot/assets/corner.png

104.21.73.160

300 B

URL
d.darkdepthdriller.top/space-robot/assets/corner.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Size
300 B (300 bytes)
Hash
f66c38fa2cd7c50bd1989d41da28fb80
e1de333eca72647f3c1831083fe678cfa8fe9eab
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2

HTTP Headers

GET /space-robot/assets/corner.png HTTP/1.1
Host: d.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: image/png
content-length: 300
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-12c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3137
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLGUf0vi4SYopfvhDdWynxe0Ju5QJ4VG9koXmbFL4EyTVX5vnUtYpY6jn%2FVOCWF0wIH%2F4dOuGrB6hq3P8jC3K2dGidRSTHv8kIX2REFqSmogrLrVtWYwaIcMRKwacHgTPnmXqk7CN7UY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f75bf5b4f4-OSL
alt-svc: h3=":443"; ma=86400

104.21.73.160

24 kB

URL
cdnstatic.darkdepthdriller.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&appspot=&d=https%3A%2F%2Fcdnstatic.darkdepthdriller.top
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (24963), with no line terminators
Size
24 kB (24518 bytes)
Hash
ac2b8826845c3d79e77e4a5f2404c2d4
0d17b85ba1dbc1976c6ef6ad87159e9875bbb3cf
a18c9b65d5924dbe659c3f3510ff309c95da2a62d992b7e205d5286de6bbe3a8

HTTP Headers

GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&appspot=&d=https%3A%2F%2Fcdnstatic.darkdepthdriller.top HTTP/1.1
Host: cdnstatic.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.darkdepthdriller.top/
Cookie: __psu=59e6571d-6ff5-49bc-bf33-af13be3699c6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FmwH5Qp0NCjW0LsrNYc4WPLKR0sWZu4cygQer5Oe3ezlFSHV7VzcFxjwIf5LSoYmpUrsxQ2ew2Cm0XEtM0iPhq1zkcv1bKshxU1ebgPtnsaLr%2FfyTHppgz2C5XNHvK48UkQAyJPsXQ%2BS0F0k10rfv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f5cb3bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d.darkdepthdriller.top/space-robot/assets/apple-touch-icon.png

104.21.73.160

23 kB

URL
d.darkdepthdriller.top/space-robot/assets/apple-touch-icon.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (23177 bytes)
Hash
f500ba7eee0ae7d1ceb44236ac253165
0614de220ecadb48038ed894d91120ba102c8367
ba5a3083c38d71a2191ee7e614a96812d1f9d88bbfb360d3b61dbb1ffcd51de5

HTTP Headers

GET /space-robot/assets/apple-touch-icon.png HTTP/1.1
Host: d.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:22 GMT
content-type: image/png
content-length: 23177
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-5a89"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gwCoThhre%2FWMwhL1h904H7KDA%2B4xOcCBc2jGNIWXHdJbZC91SmFtaOufoh0TQsiv6RB1J%2FvXASCLuiTLXDtTbOnCGgy7%2BCz3t64jgDVgWcXe1Koph%2FoMhCt3%2F6JCCw5e2%2FykkKPGTmc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f83c3fb4f4-OSL
alt-svc: h3=":443"; ma=86400

d.darkdepthdriller.top/space-robot/assets/favicon-16x16.png

104.21.73.160

1.2 kB

URL
d.darkdepthdriller.top/space-robot/assets/favicon-16x16.png
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1163 bytes)
Hash
9d35b617fd258f648c37812252297dd3
7e32fd007f1c6fe1466d15439173082c0fbe82da
e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a

HTTP Headers

GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: d.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:22 GMT
content-type: image/png
content-length: 1163
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: "649c0dba-48b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 581
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPretCDaDjXhQB1%2Bwtoj5GfGHiV5qMZSyJWtUmt0UF4%2BP1LJsWNybUPjN4EwZ20YTFbYn9P8ijTpSA1BvsoQjsGHf71JSBgDOPpFnN6vLc55sNXQMJ9%2BAMBBuqBNgjtbYH45Uy1kNaT4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f83c40b4f4-OSL
alt-svc: h3=":443"; ma=86400

d.darkdepthdriller.top/space-robot/assets/style.css

104.21.73.160

8.8 kB

URL
d.darkdepthdriller.top/space-robot/assets/style.css
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
8.8 kB (8829 bytes)
Hash
7feec4414f4e2edba88689df63afec05
675c9be930c44dbd09c44195df4cd5e4bc91be8c
ffbc9a90757bba679af7f0ff813ce5168d68f98f9e752b194f8d05b02d5445f7

HTTP Headers

GET /space-robot/assets/style.css HTTP/1.1
Host: d.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: text/css
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-251e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3137
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP51J7YxfSBNHz6dZzB78HTVaZ2UwnHhMdb1wOjb8vjA90I1pz4vlKc2V6xb3PK%2BnsgmgbVmWYYNuRE7nLoBY0UiymK3vHABcly8MHQyRnTre2fo5chNT5WnJ6czMxoFQiQ%2BJCwK%2FjG%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f75bf4b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 15:30:29 GMT
expires: Wed, 18 Sep 2024 15:30:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 40313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d.darkdepthdriller.top/shared-js/assets/static-pl.js

104.21.73.160

1.6 kB

URL
d.darkdepthdriller.top/shared-js/assets/static-pl.js
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.6 kB (1575 bytes)
Hash
0eb67b3f8ad843ac2a8bc2c055216e6b
ac24b0abe03ffd2f82600ae8b9dd4c6146069af3
93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

HTTP Headers

GET /shared-js/assets/static-pl.js HTTP/1.1
Host: d.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: application/javascript
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-bf3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7gB%2F%2FwGRI0px%2Bd05UIxJm1kiZ3844axKFpdmUt6r2l1NShCmL86W%2Fl1LfTcPwhBbnAkEaiEb66oiqwV%2FVF%2BgxO2lKvgjkn0kUHabwLosO6EYB71eis5AALc%2FEMwtznOq9Ys8FmB8FVV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f76bfbb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.highcpmrevenuenetwork.com/swicednn0s?key=a1a6e26b9d32252d7ab1f90c2e7ebb32

173.233.137.44

1.4 kB

URL
www.highcpmrevenuenetwork.com/swicednn0s?key=a1a6e26b9d32252d7ab1f90c2e7ebb32
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (468)
Size
1.4 kB (1397 bytes)
Hash
5225b307a5fd78af51aa029b087d04c8
95c7f24ad5b422355c33b7ef0d1beb70e3981bcc
520289c611e198554635b47c2ef05d4044ee133bdd6d5591f54bddc18e1db396

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /swicednn0s?key=a1a6e26b9d32252d7ab1f90c2e7ebb32 HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.darkdepthdriller.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 20 Sep 2023 02:42:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17984656; expires=Thu, 21 Sep 2023 02:42:22 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk4NDY1NiwiayI6ImExYTZlMjZiOWQzMjI1MmQ3YWIxZjkwYzJlN2ViYjMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDgyMzUyLCJwaWQiOjYxOTU0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoic3dpY2Vkbm4wcyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2QuZGFya2RlcHRoZHJpbGxlci50b3AvIn19.RcHlfoWYRcyoBXOyi6Hn26cSo_zAAZkb4rJ6G4szIXU; expires=Wed, 20 Sep 2023 02:43:22 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4dfbc6fae0b0aa85a9bf9c631e23c810
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.highcpmrevenuenetwork.com/api/users?token=L3N3aWNlZG5uMHM_a2V5PWExYTZlMjZiOWQzMjI1MmQ3YWIxZjkwYzJlN2ViYjMyJnBzdD0xNjk1MTc3ODAyJnJlZmVyPWh0dHBzJTNBJTJGJTJGZC5kYXJrZGVwdGhkcmlsbGVyLnRvcCUyRiZybXRjPXQmc2h1PTEyYmVkODBjODY4ZDUzYzQyNDFhNDQ0NzIzMGNmN2IzMWQ0NTY2Nzg2MjgzZGQ1OGY3NWJmM2I4NGY0YjgyZDk2ZDNiODcyMTc5NWI2YWMzYTljZTU2YzUyOTM1ZDE1NDc4MDU5YmM5YWJiODEwMzgxNGI4MTJiYWZhNGEzZGVjY2U3YWUyMWE1YjUyYjJmZDdlODBhMmUzMTYyN2JmMTYzNDA2YTA2NWEzOTY4MmE3YjU3NjQ4MWRmODdj&uuid=&pii=&in=false

192.243.61.225

302 Found

0 B

URL User Request GET HTTP/1.1
www.highcpmrevenuenetwork.com/api/users?token=L3N3aWNlZG5uMHM_a2V5PWExYTZlMjZiOWQzMjI1MmQ3YWIxZjkwYzJlN2ViYjMyJnBzdD0xNjk1MTc3ODAyJnJlZmVyPWh0dHBzJTNBJTJGJTJGZC5kYXJrZGVwdGhkcmlsbGVyLnRvcCUyRiZybXRjPXQmc2h1PTEyYmVkODBjODY4ZDUzYzQyNDFhNDQ0NzIzMGNmN2IzMWQ0NTY2Nzg2MjgzZGQ1OGY3NWJmM2I4NGY0YjgyZDk2ZDNiODcyMTc5NWI2YWMzYTljZTU2YzUyOTM1ZDE1NDc4MDU5YmM5YWJiODEwMzgxNGI4MTJiYWZhNGEzZGVjY2U3YWUyMWE1YjUyYjJmZDdlODBhMmUzMTYyN2JmMTYzNDA2YTA2NWEzOTY4MmE3YjU3NjQ4MWRmODdj&uuid=&pii=&in=false
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
FingerprintDE:6B:FD:8F:4F:66:E5:C6:1D:0F:7F:FA:0D:2B:29:84:C2:D0:A7:9C
ValiditySun, 20 Aug 2023 06:36:17 GMT - Sat, 18 Nov 2023 06:36:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3N3aWNlZG5uMHM_a2V5PWExYTZlMjZiOWQzMjI1MmQ3YWIxZjkwYzJlN2ViYjMyJnBzdD0xNjk1MTc3ODAyJnJlZmVyPWh0dHBzJTNBJTJGJTJGZC5kYXJrZGVwdGhkcmlsbGVyLnRvcCUyRiZybXRjPXQmc2h1PTEyYmVkODBjODY4ZDUzYzQyNDFhNDQ0NzIzMGNmN2IzMWQ0NTY2Nzg2MjgzZGQ1OGY3NWJmM2I4NGY0YjgyZDk2ZDNiODcyMTc5NWI2YWMzYTljZTU2YzUyOTM1ZDE1NDc4MDU5YmM5YWJiODEwMzgxNGI4MTJiYWZhNGEzZGVjY2U3YWUyMWE1YjUyYjJmZDdlODBhMmUzMTYyN2JmMTYzNDA2YTA2NWEzOTY4MmE3YjU3NjQ4MWRmODdj&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/swicednn0s?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=17984656
Cookie: u_pl=17984656; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk4NDY1NiwiayI6ImExYTZlMjZiOWQzMjI1MmQ3YWIxZjkwYzJlN2ViYjMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDgyMzUyLCJwaWQiOjYxOTU0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoic3dpY2Vkbm4wcyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2QuZGFya2RlcHRoZHJpbGxlci50b3AvIn19.RcHlfoWYRcyoBXOyi6Hn26cSo_zAAZkb4rJ6G4szIXU; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Wed, 20 Sep 2023 02:42:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17984656
Set-Cookie: pdhtkv=true; expires=Thu, 21 Sep 2023 02:42:23 GMT
uncs=1; expires=Thu, 21 Sep 2023 02:42:23 GMT
pdhtkv28=true; expires=Thu, 21 Sep 2023 02:42:23 GMT
uncs28=1; expires=Thu, 21 Sep 2023 02:42:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1ac40f9e9cb6848f738109222c2bdb2
Strict-Transport-Security: max-age=0; includeSubdomains

adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17984656

13.107.246.53

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17984656
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerTrustwave Holdings, Inc.
Subjectaffiliates.kindredplc.com
Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F
ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17984656 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; domain=.unibet.com; expires=Fri, 20-Sep-3022 02:42:23 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-powered-by: ASP.NET
x-azure-ref: 0D1wKZQAAAAD4qMZ4JQT9T7duHdzBhL6JU1ZHMjBFREdFMDUxMwAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Wed, 20 Sep 2023 02:42:23 GMT
content-length: 0
X-Firefox-Spdy: h2

www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950

85.184.96.0

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950
IP
85.184.96.0:443
ASN
#47171 Unibet Services Limited

Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 20 Sep 2023 02:42:23 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A87019218-37950
set-cookie: JSESSIONID=node0iyydxfb9uphe1qsfd27x3xsxx4994220.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; Path=/; Domain=.unibet.com; Expires=Fri, 19-Sep-2025 02:42:23 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Fri, 19-Sep-2025 02:42:23 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.highcpmrevenuenetwork.com/"; Path=/; Domain=.unibet.com; Expires=Fri, 19-Sep-2025 02:42:23 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Secure; SameSite=None
B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; Path=/; Domain=.unibet.com; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
PID=87019218; Path=/; Domain=.unibet.com; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; Path=/; Domain=.unibet.com; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.highcpmrevenuenetwork.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 20 Sep 2023 02:42:23 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A87019218-37950

85.184.96.0

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A87019218-37950
IP
85.184.96.0:443
ASN
#47171 Unibet Services Limited

Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&sref=ADST&ADST=17984656&affiliateId=1&pid=87019218&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A87019218-37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Wed, 20 Sep 2023 02:42:23 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 20 Sep 2023 02:42:23 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

104.18.43.104

302 Found

0 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Wed, 20 Sep 2023 02:42:24 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b705d8140afa-OSL
X-Firefox-Spdy: h2

a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

85.184.96.5

200 OK

956 B

URL GET HTTP/2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
85.184.96.5:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type
ASCII text
Size
956 B (956 bytes)
Hash
fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47

HTTP Headers

GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

alvsx.darkdepthdriller.top/shared-js/assets/static-pl.js

104.21.73.160

3.0 kB

URL
alvsx.darkdepthdriller.top/shared-js/assets/static-pl.js
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
3.0 kB (3048 bytes)
Hash
0eb67b3f8ad843ac2a8bc2c055216e6b
ac24b0abe03ffd2f82600ae8b9dd4c6146069af3
93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

HTTP Headers

GET /shared-js/assets/static-pl.js HTTP/1.1
Host: alvsx.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:17 GMT
content-type: application/javascript
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-bf3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=im501aNs%2FtkXlT4pqLMC0uWVjeVVGMOGdpn6YSLoi4URd%2B4Db7GYRGgY4Aof87VvNh5m6svD4Pk%2FVfPn9wwO7zXnUWIsQZF%2B%2FcOaV40LAEXXq7R4LL8rkSlPTb7dmQZAvVPdPqr4lAG80Ps0tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6d96c31b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg

104.18.43.104

200 OK

935 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Size
935 B (935 bytes)
Hash
41acdc0efbe24c5e799972ff33c90259
1e5df73ad5bfb5f075815bcb520fabe2e107fe2d
1a91fab46f128a63c74943fe6db7de41509d69ae9f4e36aab9f984cac94fa451

HTTP Headers

GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705c8030afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B2489E0"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: QazcDvviTF55mXL/M8kCWQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a6840894-301e-001a-3359-e673dd000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

172.217.21.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 17:49:37 GMT
expires: Tue, 17 Sep 2024 17:49:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 118367
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg

104.18.43.104

200 OK

4.9 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Size
4.9 kB (4872 bytes)
Hash
7a982245aa6326903b0e7893885e42fb
47fa69cfed4819f23a8764170e04f5744bd47cd6
18b0e4aa1e8678befe4e7db06e054447b9f96684d817b6424a6b8824042a45fb

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705c8050afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DD4C2C5"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: epgiRapjJpA7DniTiF5C+w==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 59266808-601e-004a-5d59-e6b18d000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da172efb0fd6da2c4ee844abac50aadc
084492ced57dd89b321f15d24352c905bee1e06a
d2e1252e318b7c2f54dd7b9701c1d2ad991f35719d474031202b2ad0b9fe666b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 02:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

104.18.43.104

302 Found

0 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Wed, 20 Sep 2023 02:42:24 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b707b8730afa-OSL
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/css/all.css

172.64.103.11

200 OK

110 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.1/css/all.css
IP
172.64.103.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
Fingerprint23:04:2D:9B:C5:BA:9D:AA:AC:6A:FD:14:B0:96:18:D6:EB:A5:B3:65
ValidityFri, 01 Sep 2023 05:27:58 GMT - Thu, 30 Nov 2023 05:27:57 GMT

File type
ASCII text, with very long lines (54456), with no line terminators
Size
110 kB (110300 bytes)
Hash
7b1d7f457d056ace7b230b587b9f3753
4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

HTTP Headers

GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1574902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TKhvylRoDMZkSO1tzpsPO3s0Do8u7USZE6y%2F7%2BUzSpxNtvQfKv%2Bw5TOMT%2BrwbKA5RWNuWy%2BYIs%2BmkkrsHwXDGyZsxqsum3%2Fb5fHNO6dKZPzoMhI0yZCoH9D2gjaddwkuiTKSzhl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8096b7062b477714-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d96cb786152bb72d6f09e98ca29809ac
ffb619a4d1e6a68fd44ad11d4ed2ca52d7a88c37
16c972ddd6ec3ecd9c906cb4a6ece797e6b95416637da172a1d905fd38866995

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 02:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js

104.18.43.104

200 OK

12 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
HTML document, ASCII text
Size
12 kB (12509 bytes)
Hash
ac64b59c98bbe50cf69b6c98fa39585c
0a5cc9fb43b8a208481baaf752dbd504078a764b
28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c

HTTP Headers

GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 8096b705bffb0afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E25208C"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e76a50f3-101e-0050-1159-e6d052000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

c.darkdepthdriller.top/space-robot/assets/style.css

104.21.73.160

114 kB

URL
c.darkdepthdriller.top/space-robot/assets/style.css
IP
104.21.73.160:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
114 kB (113510 bytes)
Hash
7feec4414f4e2edba88689df63afec05
675c9be930c44dbd09c44195df4cd5e4bc91be8c
ffbc9a90757bba679af7f0ff813ce5168d68f98f9e752b194f8d05b02d5445f7

HTTP Headers

GET /space-robot/assets/style.css HTTP/1.1
Host: c.darkdepthdriller.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.darkdepthdriller.top/space-robot/?pl=ewFXUS8HLUyIQl_3c1i3OA&sm=space-robot&click_id=ecfac95f1c5fbdf2fca80ed1c6b0f498-42510-0920&sub_id=1325064704969431&hash=_4IwcXJTwhtLmkdNTRinYA&exp=1695178036
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 20 Sep 2023 02:42:21 GMT
content-type: text/css
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
etag: W/"649c0dba-251e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19KFHrRhvIaFqGTpz%2BNYTEocqB10DG70W37MI8G%2FOvY3tJ9U2Am52KQV7yaiAhLjos4QDEpKgHef%2Fce6t6JUMEqXVmCtkrqYtRWy2CfMh21sLOlJcBh8WsxX2NB0p9RFdimlNEAHCcK6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b6f54b0fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53b2b7aa921ea170cc18d0871f87f8b
c38b9e04da43fd752005c1c82a277856f322e366
e204019f2aecb95f0b6dc967adfa49dbbfa747eb080814f62b8e91f218198c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 02:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53b2b7aa921ea170cc18d0871f87f8b
c38b9e04da43fd752005c1c82a277856f322e366
e204019f2aecb95f0b6dc967adfa49dbbfa747eb080814f62b8e91f218198c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 02:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2

172.64.103.11

200 OK

74 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
172.64.103.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
Fingerprint23:04:2D:9B:C5:BA:9D:AA:AC:6A:FD:14:B0:96:18:D6:EB:A5:B3:65
ValidityFri, 01 Sep 2023 05:27:58 GMT - Thu, 30 Nov 2023 05:27:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size
74 kB (74320 bytes)
Hash
3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

HTTP Headers

GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: zLySQhvPRUOnWbasYFRj44pP1+UhqQwMCjVbxRqX9iTzqKIcww3WZ0qrH7wA11dtIpUYeMS7E0w=
x-amz-request-id: CQR64ZQQFYZQTPAR
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2652696
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H45%2Fb5vOb0Dd30WQBkDUlOfE5zU%2FlK%2Fb6treB0NT7YnD%2BWXQuUaZyJyHU80Ld6tYNKsp8jkkIeeCDW4gW1oSJXleGXY%2B3cBwz0yIamSNsWSuyftUiQYM7%2FAdrZ38rTQOGNwxwqC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8096b7086cf57714-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Sep 2023 04:50:55 GMT
expires: Fri, 13 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 510689
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg

104.18.43.104

200 OK

43 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Size
43 kB (42638 bytes)
Hash
678df4d8ef9b4aa957e5433dd94fb7e4
fd8a4109a2f00c19679f25d18be017541ff6fea5
bdbca379909a5f57b65b90094901804655f8cd82c05312a754320b7ae30c5187

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705d80c0afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CE70450"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Z4302O+bSqlX5UM92U+35A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a68408e0-301e-001a-7759-e673dd000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d96cb786152bb72d6f09e98ca29809ac
ffb619a4d1e6a68fd44ad11d4ed2ca52d7a88c37
16c972ddd6ec3ecd9c906cb4a6ece797e6b95416637da172a1d905fd38866995

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 02:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Sep 2023 15:25:53 GMT
expires: Fri, 13 Sep 2024 15:25:53 GMT
cache-control: public, max-age=31536000
age: 472591
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg

104.18.43.104

200 OK

26 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
26 kB (25815 bytes)
Hash
bf06fba2ca517eddb1cc60ed26f47758
d184102516fbb91e198b99a09ac6f739d13d836d
6a91f72758fb0426e2cf9b5f36432666b620d80d825989e9dd6175a251c78475

HTTP Headers

GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705e8170afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B7E8320"
last-modified: Wed, 13 Sep 2023 15:43:26 GMT
vary: Accept-Encoding
content-md5: vwb7ospRft2xzGDtJvR3WA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 5b697d26-701e-0034-5359-e621ca000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.unibet.com/kindred_snow/s3.7.0/kindred_s.js

85.184.96.0

200 OK

28 kB

URL GET HTTP/2
www.unibet.com/kindred_snow/s3.7.0/kindred_s.js
IP
85.184.96.0:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type
ASCII text, with very long lines (65378)
Size
28 kB (27643 bytes)
Hash
3fb00dbb8acb3c68fd5ddb674f22bb88
cf7bc4f71f0ff66037ac2e564963ff4c2737e766
7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246

HTTP Headers

GET /kindred_snow/s3.7.0/kindred_s.js HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=BLP.1.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19621%7CvVersion%7C4.4.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: application/javascript
last-modified: Tue, 19 Sep 2023 20:59:42 GMT
vary: Accept-Encoding
etag: W/"650a0bbe-12240"
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
content-encoding: gzip
X-Firefox-Spdy: h2

www.unibet.com/tp2

85.184.96.0

200 OK

2 B

URL POST HTTP/2
www.unibet.com/tp2
IP
85.184.96.0:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /tp2 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3078
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=BLP.1.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19621%7CvVersion%7C4.4.0; _sp_ses.ab54=*; _sp_id.ab54=67244c42-4c8c-4fb2-8bdf-c44c2167a9c5.1695177745.1.1695177745..4c50a32a-0d7d-4330-9d8f-a3c8dc9c33f0..25975024-9a28-4cd1-acf6-dcc51b65b94b.1695177745169.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:25 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=3600b1e6-03eb-4b81-99d7-5a34579163b4; Expires=Thu, 19 Sep 2024 02:42:25 GMT; Domain=unibet.com; Path=/; Secure; HttpOnly; SameSite=Lax
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

a1s.unibet.com/orval/tracking/lastclick.min.js

85.184.96.5

200 OK

1.8 kB

URL GET HTTP/2
a1s.unibet.com/orval/tracking/lastclick.min.js
IP
85.184.96.5:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type
ASCII text, with very long lines (1881), with no line terminators
Size
1.8 kB (1797 bytes)
Hash
695e4c30089ed5d35b5096257b69bbec
64897f4cdac1a6e4f5d6ed9dcb8b246e3b942841
40fab43e8fa29c9c648a5d56139fe8c35b1fbfb5c826d2fd58c4ceec7a548206

HTTP Headers

GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2

104.18.43.104

200 OK

11 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size
11 kB (10924 bytes)
Hash
0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b

HTTP Headers

GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: font/woff2
content-length: 10924
cf-ray: 8096b70818860afa-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702DB224D1"
last-modified: Wed, 13 Sep 2023 15:43:29 GMT
vary: Accept-Encoding
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e76a5471-101e-0050-6e59-e6d052000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218

104.18.43.104

200 OK

17 kB

URL User Request GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type

Size
17 kB (17265 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:23 GMT
content-type: text/html; charset=utf-8
cf-ray: 8096b7036f9b0afa-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: aY23filpvIp9zBTCFZm2tg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 68ae567d-901e-0013-366c-eb360e000000
x-ms-version: 2014-02-14
set-cookie: btag=127656177_54037A54D08A4B73A2A1A76F7222DE41;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg

104.17.111.249

200 OK

25 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
104.17.111.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
25 kB (24901 bytes)
Hash
7857f5fa35651d9795bac512238caaf4
107c2b86078dd49ffd18c76724bd290018719037
bf1b321fe365e6fdb5429bcebb8a6b5b9ed554d84f4eced5e69cc31038455a81

HTTP Headers

GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:25 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 162
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b70b2d07b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css

104.18.43.104

200 OK

22 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
ASCII text
Size
22 kB (22452 bytes)
Hash
cd7901ab004cbe23cf68ae6b0486a998
11c4422439ed8b081e672eceef735ed1fcad6e90
01d6d6271e9cfda8348fcde699bbb334310b6ba858f1d01fbe2b08b6ceba6c1b

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: text/css; charset=utf-8
cf-ray: 8096b705aff60afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702AA0A0C4"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: zXkBqwBMviPPaK5rBIapmA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 7462e08c-901e-0071-0d59-e6f429000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg

104.18.43.104

200 OK

16 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Size
16 kB (15888 bytes)
Hash
2e6f9dbfba55dfa91376da363e813261
b14b92d60cdf76622b9f91b3a56c7a8d98649c23
ec5264587927f5d20d839f8f7d97e98e8dd4d9cce69ffd27a0d63d13d2102498

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705c8040afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DCB4E58"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 68bcfd9b-b01e-0066-1c59-e65d22000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC

142.250.74.168

200 OK

272 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (62053)
Size
272 kB (271620 bytes)
Hash
95152d72cfd089ae2130f0d7d32e0784
c3fbf02f167e0cf4ab229a28d3a927b13eb7c34b
2d26ae24ce827a4e16732b9b7870b014d3bcaa00ede2811187b197c16486608a

HTTP Headers

GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 20 Sep 2023 02:42:24 GMT
expires: Wed, 20 Sep 2023 02:42:24 GMT
cache-control: private, max-age=900
last-modified: Wed, 20 Sep 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg

104.17.111.249

200 OK

1.1 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
104.17.111.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1065), with no line terminators
Size
1.1 kB (1053 bytes)
Hash
8994f187d31c33e41e6af6c078d8b4f3
e65a39fb2b4d56343b2af57a19ba38612eaa262f
e4f28e35c66413fc59cb5bdb97c30fd7de981c9408b0f38068c3f71661f52872

HTTP Headers

GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:25 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: 055487c9-801e-000f-2844-26646e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 137
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b70b4d11b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.unibet.com/

85.184.96.0

200 OK

0 B

URL GET HTTP/2
www.unibet.com/
IP
85.184.96.0:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: text/html;charset=utf-8
x-request-id: 444f49e244c1033d6902800cd4753adf
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Wed, 20 Sep 2023 02:42:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg

104.18.43.104

200 OK

5.7 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5942), with no line terminators
Size
5.7 kB (5740 bytes)
Hash
e78a89d4d455992dad24f8d5a66e1d25
bff521852ffdf8934c26a627aaea680d84cd08bb
cba1b2c9cc48a01ef1a542ec799e6005cedf390479ad761b3840c999b6ed8b70

HTTP Headers

GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705c8060afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DDE5E49"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: 2fR27yW0b9kBp/ebW9u59A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: fce28668-d01e-0012-7759-e669d2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg

104.18.43.104

200 OK

98 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size
98 kB (98453 bytes)
Hash
8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/jpeg
content-length: 98453
cf-ray: 8096b707d87c0afa-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702B1549FF"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 2ceb0755-701e-0056-4059-e6e3ed000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg

104.17.111.249

200 OK

4.9 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
104.17.111.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4999), with no line terminators
Size
4.9 kB (4873 bytes)
Hash
7506851c12654bfc54bb813a52957b68
b88e0179a85912068c3480f522a8b0958a23046c
0217e3f9fd1201390e06eee878ccbf84feba0077e7cdd01754170f78e18c274d

HTTP Headers

GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:25 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 137
vary: Accept-Encoding
server: cloudflare
cf-ray: 8096b70b3d0cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/widget/betslip/betslip.js

104.18.43.104

200 OK

15 kB

URL GET HTTP/2
welcome.unibet.com/widget/betslip/betslip.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
ASCII text, with very long lines (693)
Size
15 kB (14810 bytes)
Hash
5770dc60397ffb834d1280aa7bcebbd0
f0bbf2136b83babe5a8f70eeff2308279e9a0d3a
42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52

HTTP Headers

GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 8096b70768640afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 123949
cache-control: public, max-age=900, immutable
etag: W/"0x8D67ACF6D112CB5"
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
vary: Accept-Encoding
content-md5: V3DcYDl/+4NNEoCqe8670A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico

104.18.43.104

200 OK

421 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
421 B (421 bytes)
Hash
ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed

HTTP Headers

GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19621%7CvVersion%7C4.4.0; sessionPageNumber=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/x-icon
cf-ray: 8096b70938b20afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702ABA666E"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 9680140c-301e-0025-2e59-e6bb7e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/custom.js

104.18.43.104

200 OK

5.9 kB

URL GET HTTP/2
welcome.unibet.com/custom.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
ASCII text, with very long lines (6078), with no line terminators
Size
5.9 kB (5881 bytes)
Hash
f1d301b9a66fabf51fc0630bdcaf0bf8
45100e61056b88ffd1f2f4bc02f393cda328b595
9f86f4c23e72c39fe76f986ada1f7649af6abc8a1da08760e287498c84c772d5

HTTP Headers

GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: application/javascript
cf-ray: 8096b705bffd0afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 480744
etag: W/"0x8DA115DA300B0C1"
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
vary: Accept-Encoding
content-md5: e/Aekt1V1fopj1X7y5r9MA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg

104.18.43.104

200 OK

3.2 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3287), with no line terminators
Size
3.2 kB (3207 bytes)
Hash
910a470c87e6907732caefbe1b43f25c
709f3846db3c983a502d081a17c95404c545141c
c1912c86d189996a4995f3c142f73f88150fd922a203f914e1a17992f07a2db5

HTTP Headers

GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705bffe0afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B55A494"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 4e5092f0-d01e-005f-0959-e6a63e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg

104.18.43.104

200 OK

1.1 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1092), with no line terminators
Size
1.1 kB (1066 bytes)
Hash
72ece8ff11191ced6c715b6dffb50c8e
f31de9cc333fe23b895c701ac6bfe4a9388f456a
e51fdf1e222c2590c5436e649fbe707d5f80e6b3888bca1509510b9504b43949

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705d8090afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CDF8B61"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: 9k4H3E55HXB5I94VinrUOQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 968012d8-301e-0025-1a59-e6bb7e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 16 Sep 2023 11:13:54 GMT
expires: Sun, 15 Sep 2024 11:13:54 GMT
cache-control: public, max-age=31536000
age: 314910
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no

104.40.147.180

200 OK

4.7 kB

URL GET HTTP/2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
104.40.147.180:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerMicrosoft Corporation
Subject*.azurewebsites.net
Fingerprint0A:12:F7:66:D9:79:A1:83:48:0D:FC:30:BC:F5:BD:27:AF:F4:1A:84
ValidityTue, 01 Aug 2023 09:55:22 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5178), with no line terminators
Size
4.7 kB (4706 bytes)
Hash
631915d845ca82d33ab60022714e1ff6
30f782357bfb04d2a311b19a4e116c7a0d00253a
225138234c65e4185b4d10ccddffeec9f5b674156fb2ca1819f5a89baf92f4a0

HTTP Headers

GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 20 Sep 2023 02:42:24 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=b6a6b22b299115b3d4b856cc5731ebc530a75064785679765d09fb338eda1272;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=b6a6b22b299115b3d4b856cc5731ebc530a75064785679765d09fb338eda1272;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js

104.18.43.104

200 OK

4.5 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4762), with no line terminators
Size
4.5 kB (4514 bytes)
Hash
cc638d634c8efd9452a05f3ed63a2c15
d680da0e128220e8310269d900408fb3727eca2d
9d2ff7f3c0209be9a5ba2736e033c4117893aed259278008797f0bfd43dea7fb

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 8096b705aff70afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E1B3700"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: ba4b4fb1-001e-0011-5559-e688b6000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.106

200 OK

6.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (6530), with no line terminators
Size
6.4 kB (6362 bytes)
Hash
feddc562097e437af08febef83792dbe
4d1d430f50e555657f1a135bcf655877597b38ca
284e88ea80c2a259fedfeb2cd060bd55616e22a73693c779061741385239c46b

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 20 Sep 2023 02:42:24 GMT
date: Wed, 20 Sep 2023 02:42:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg

104.18.43.104

200 OK

1.5 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint1E:BC:69:03:45:99:B8:D0:67:20:89:31:4F:24:49:C1:1A:9E:B2:83
ValidityFri, 01 Sep 2023 17:59:50 GMT - Thu, 30 Nov 2023 17:59:49 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1513), with no line terminators
Size
1.5 kB (1481 bytes)
Hash
49bb8022b31261533a9fc360618129c2
35ab11ba839506015fe62c50a79bf3aff01d049c
559f2bd484ade1ad03ed79c5a5de1604fe9acc174164d3fd28d68eff7acbe2b3

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: image/svg+xml
cf-ray: 8096b705d80d0afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 557932
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702D1E3897"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Kch+tYuo05USS5JaESq1rA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0df8519a-b01e-0014-1259-e65a6d000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.unibet.com/

85.184.96.0

200 OK

0 B

URL GET HTTP/2
www.unibet.com/
IP
85.184.96.0:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:87019218-37950&btag=127656177_54037A54D08A4B73A2A1A76F7222DE41&bid=37950&campaignId=2799402&pid=87019218
Certificate
IssuerLet's Encrypt
Subjectunibet.com
FingerprintE2:5A:07:12:2E:ED:7F:DA:51:0B:67:88:72:2C:21:3C:B9:85:09:22
ValidityWed, 06 Sep 2023 01:18:21 GMT - Tue, 05 Dec 2023 01:18:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a87019218%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1695177743627)%5c%2f%22%2c%22CookieTag%22%3a%223795087019218451240919C2023920242%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210224346029%7c1%22%7d%5d; __ucbt=node0iyydxfb9uphe1qsfd27x3xsxx; uniattr=ST.0.T; uniattr_ref="https://www.highcpmrevenuenetwork.com/"; affiliateId=1; B-TAG=127656177_54037A54D08A4B73A2A1A76F7222DE41; BID=37950; PID=87019218; REFERER=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_54037A54D08A4B73A2A1A76F7222DE41%26sref%3DADST%26ADST%3D17984656%26affiliateId%3D1%26pid%3D87019218%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_54037A54D08A4B73A2A1A76F7222DE41
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 20 Sep 2023 02:42:24 GMT
content-type: text/html;charset=utf-8
x-request-id: 444f49e244c1033d6902800cd4753adf
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Wed, 20 Sep 2023 02:42:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML