lopaset.com/camp5?bundle=3003503&cost=0.101&source_id=98&stage=1&country=VN&difficulty=0.5&campaignid=570522&site_id=hclips.com
172.67.152.234301 Moved Permanently 0 B URL HTTP/1.1 lopaset.com/camp5?bundle=3003503&cost=0.101&source_id=98&stage=1&country=VN&difficulty=0.5&campaignid=570522&site_id=hclips.com
IP 172.67.152.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /camp5?bundle=3003503&cost=0.101&source_id=98&stage=1&country=VN&difficulty=0.5&campaignid=570522&site_id=hclips.com HTTP/1.1
Host: lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 15 Jan 2023 04:45:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 15 Jan 2023 05:45:13 GMT
Location: https://lopaset.com/camp5?bundle=3003503&cost=0.101&source_id=98&stage=1&country=VN&difficulty=0.5&campaignid=570522&site_id=hclips.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B57KaV9w3yD6AO0Ywtgi6AfkY3wodNXcjY3my%2F6qrC9P43%2B8GO47Km%2Fsb703pQiLjrU2nSQ4TWhIunSN%2Fad%2F3FTFGt%2B9W9vuXF9eZkztd1Ll%2BQqPRIP4jYMHCWjjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789bf5edfd180b39-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17613
Expires: Sun, 15 Jan 2023 09:38:46 GMT
Date: Sun, 15 Jan 2023 04:45:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8544
Expires: Sun, 15 Jan 2023 07:07:37 GMT
Date: Sun, 15 Jan 2023 04:45:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 03:48:57 GMT
content-type: application/json
age: 3376
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7bd85a261739c122eefb74ffddaec99
e2e059b0740592e8591d432249aafe5fcb8af23c
71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13703
Expires: Sun, 15 Jan 2023 08:33:36 GMT
Date: Sun, 15 Jan 2023 04:45:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: J9hxj5lhU0ndp/9xsLC6aEnEQjFWxH6g77E0LJ4+bIXGDy3MSD+avvZ7CMx7a0XbusLhRh25iEA=
x-amz-request-id: 5W7EDGVJCAZRNXA9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 03:55:13 GMT
age: 3000
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 04:45:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ak.onpluslean.com/afu.php?zoneid=5178792&ymid=16737579135982dl9ca08u&var=98
23.36.76.107200 OK 2.3 kB URL HTTP/2 ak.onpluslean.com/afu.php?zoneid=5178792&ymid=16737579135982dl9ca08u&var=98
IP 23.36.76.107:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3064)
Hash 5df198740f6a530cd6703289ec35cb29
4d99e0eb9e2f7a9c4fb03cf8dd60b70cbdcc6265
ad35faed87a0d372c5acc6c1d727720a02310459fbb6ecd18ebd587a6c42fd26
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=5178792&ymid=16737579135982dl9ca08u&var=98 HTTP/1.1
Host: ak.onpluslean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 7af04b871af2567e2d380d9b31f5ae78
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
vary: Accept-Encoding
x-akamai-transformed: 9 679 0 pmb=mRUM,1
content-encoding: gzip
expires: Sun, 15 Jan 2023 04:45:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 04:45:14 GMT
content-length: 2329
set-cookie: OAID=9866ccdf44474a25a1cbe20781667d46; expires=Mon, 15 Jan 2024 04:45:14 GMT; path=/; secure; SameSite=None
oaidts=1673757914; expires=Mon, 15 Jan 2024 04:45:14 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=165, origin; dur=13
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 04:17:25 GMT
age: 1669
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
lopaset.com/camp5?bundle=3003503&cost=0.101&source_id=98&stage=1&country=VN&difficulty=0.5&campaignid=570522&site_id=hclips.com
172.67.152.234200 OK 11 kB URL HTTP/2 lopaset.com/camp5?bundle=3003503&cost=0.101&source_id=98&stage=1&country=VN&difficulty=0.5&campaignid=570522&site_id=hclips.com
IP 172.67.152.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24312), with no line terminators
Hash 08a80af366c9c20456934e1c5776d686
bb527b710b6855442576b8bb64313137900f8163
9822a03701c8521e14f796a7e86c05717fe17d507803d9a2016d0c2a073d3d33
GET /camp5?bundle=3003503&cost=0.101&source_id=98&stage=1&country=VN&difficulty=0.5&campaignid=570522&site_id=hclips.com HTTP/1.1
Host: lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:13 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
set-cookie: visit=16737579135982dl9ca08u;Max-age=86400; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HQC0wScTCzT8so4NBtMXKi4NZ0A3o4wFg8MfEqdny7z%2B%2FnXNEvx5G%2Bvv7qrrOSnUJrw4me0U5rXyyIKW0meNjzgMswbUO75Nn32a%2F787dyYoDzD%2Bnp6%2FC2bL6jCXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5effbf5b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:14 GMT
Last-Modified: Sun, 15 Jan 2023 04:04:26 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 726086b75b5570c59597a0fb31c3b5b0
6931c1b1fe3d79e91ce7f3b6b64b2554610dd37d
6af992c64022aca6c270d7b851c025f341c96ead113221690334da8f9b33c602
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AF992C64022ACA6C270D7B851C025F341C96EAD113221690334DA8F9B33C602"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Sun, 15 Jan 2023 05:27:48 GMT
Date: Sun, 15 Jan 2023 04:45:14 GMT
Connection: keep-alive
ak.onpluslean.com/favicon.ico
23.36.76.107204 No Content 0 B URL HTTP/2 ak.onpluslean.com/favicon.ico
IP 23.36.76.107:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ak.onpluslean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=9866ccdf44474a25a1cbe20781667d46; oaidts=1673757914
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
expires: Sun, 15 Jan 2023 04:45:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 04:45:14 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=7
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eaf7064ae4e678f067fdbe2a55a6fa8e
1061780430c53d9d3d2ea3d4fbbfc98cad64f992
b8a4d64c0b0988bd0a6834c86d166a6db90636bd0a52d6f0d91b957037f6a588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8A4D64C0B0988BD0A6834C86D166A6DB90636BD0A52D6F0D91B957037F6A588"
Last-Modified: Sat, 14 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5193
Expires: Sun, 15 Jan 2023 06:11:47 GMT
Date: Sun, 15 Jan 2023 04:45:14 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=9866ccdf44474a25a1cbe20781667d46
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=9866ccdf44474a25a1cbe20781667d46
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=9866ccdf44474a25a1cbe20781667d46 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 04:45:14 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9866ccdf44474a25a1cbe20781667d46; expires=Mon, 15 Jan 2024 04:45:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=638349558354809658&subid1=5178792&cost=0.001260&rdk=rk1
157.90.33.73302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=638349558354809658&subid1=5178792&cost=0.001260&rdk=rk1
IP 157.90.33.73:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=638349558354809658&subid1=5178792&cost=0.001260&rdk=rk1 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 15 Jan 2023 04:45:14 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_CS_DT_KINDRED_?source=660936&geo=NO&device=desktop
set-cookie: rauid=3iRM9w_yRzmFP8QDRh2ADg; expires=Mon, 15 Jan 2024 04:45:14 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 726086b75b5570c59597a0fb31c3b5b0
6931c1b1fe3d79e91ce7f3b6b64b2554610dd37d
6af992c64022aca6c270d7b851c025f341c96ead113221690334da8f9b33c602
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AF992C64022ACA6C270D7B851C025F341C96EAD113221690334DA8F9B33C602"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Sun, 15 Jan 2023 05:27:48 GMT
Date: Sun, 15 Jan 2023 04:45:14 GMT
Connection: keep-alive
35.227.234.222/2/PU_NO_CS_DT_KINDRED_?source=660936&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_CS_DT_KINDRED_?source=660936&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /2/PU_NO_CS_DT_KINDRED_?source=660936&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 15 Jan 2023 04:45:14 GMT
Content-Length: 0
Location: https://adserving.unibet.com/redirect.aspx?bid=37672&pid=79982261&sref=GIG&GIG=NO_MOBILE_CASINO
Via: 1.1 google
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789749&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789749&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8dde17b9ca01dc2cb904a21ccdd305fa
6af0a4c45f0c8b14d5e1ca828a409622279b1910
bb02df0cbeb3e7060d53332b0a9c238b5f70742b78afb2a9b8b4d8dd887be29a
GET /gid.js?pub=0&userId=&zoneId=4789749&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lopaset.com/
Origin: https://lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 04:45:14 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e547b689330d45bf9d13ccbf28b57def; expires=Mon, 15 Jan 2024 04:45:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.246.74101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.246.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O0gW+HCmi/jIHPm6vyh5Cw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pMuDNBn8SJFnmR/P6RK0WODbAVw=
adserving.unibet.com/redirect.aspx?bid=37672&pid=79982261&sref=GIG&GIG=NO_MOBILE_CASINO
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37672&pid=79982261&sref=GIG&GIG=NO_MOBILE_CASINO
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37672&pid=79982261&sref=GIG&GIG=NO_MOBILE_CASINO HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 15 Jan 2023 04:45:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Jan 2023 04:45:14 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1673757914966)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C2023115445%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228694132655%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 15-Jan-3022 04:45:14 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=47
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lopaset.com/
Origin: https://lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 04:45:14 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash ab9d668879b07f0046d711441693f9cf
bd00ce0df79482ccb48f57cdc2b7299b7a34a241
00eae391bd571bc1c9d6c0d3ec35a79aeeb7e538f3dc216b1365ea48f8a6ddaf
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lopaset.com/
Content-Type: application/json
Origin: https://lopaset.com
Content-Length: 384
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 24374207a03e7ea23d13d0bf9f07a3d5
access-control-allow-origin: https://lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 15 Jan 2023 04:45:15 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672
set-cookie: JSESSIONID=node01aoherwemex9w1tnvfavbdcebk908003.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01aoherwemex9w1tnvfavbdceb; Path=/; Domain=.unibet.nu; Expires=Tue, 14-Jan-2025 04:45:15 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 14-Jan-2025 04:45:15 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Tue, 14-Jan-2025 04:45:15 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750544; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Sun, 15-Jan-2023 04:45:30 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37672; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
PID=91003245; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750544; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Sun, 15-Jan-2023 04:45:30 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750544; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=30305624; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Sun, 15-Jan-2023 04:45:30 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 15 Jan 2023 04:45:15 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&sref=GIG&GIG=NO_MOBILE_CASINO&affiliateId=1&pid=91003245&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 15 Jan 2023 04:45:15 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 15 Jan 2023 04:45:15 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f8d0a45517eb0dff8a34596ad9f1f279
d3034c4bdb2bdad4fd266e62ca137fe404d6e3d9
e51458555d9ac203f80b9da48196d3f94e6b670c33d4807effea2fa799657663
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:15 GMT
Etag: "63c28f8d-118"
Server: ECS (amb/6BC5)
Content-Length: 280
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/sofort-logo.png
104.18.24.188200 OK 6.3 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/sofort-logo.png
IP 104.18.24.188:0
File type PNG image data, 200 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 31ac3078aee688d28525b413b162067e
f39632d17ec3189f63d32cc9a050caf03c2c9904
2671d5e75f7d9928a374a5d8b4d1e9d0b4178ca90c67e553aa2bb2d4a75c8513
GET /nu/pop/casino/bookofdead/2023/sofort-logo.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/png
content-length: 6286
cache-control: public, max-age=900, immutable
content-md5: MawweK7miNKFJbQTsWIGfg==
last-modified: Wed, 21 Dec 2022 12:49:15 GMT
etag: "0x8DAE351C458438A"
x-ms-request-id: f178592c-201e-0016-51e9-17e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58c10b59-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 304 Not Modified
date: Sun, 15 Jan 2023 04:45:15 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gambling-commission.png
104.18.24.188404 Not Found 643 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gambling-commission.png
IP 104.18.24.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash f80b9a34156d8574f36565bacd65f08b
c8773d98fb3e851b4f85e7b31025761621f83d20
1a00ec9ca208283bad75487653955f8146bc1005b991f6e13870a7999edf9054
GET /nu/pop/casino/bookofdead/2023/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: application/xml
x-ms-request-id: 08b5e450-b01e-0049-7e9b-2850e9000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 175
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58c60b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.234200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 10:27:15 GMT
expires: Sun, 14 Jan 2024 10:27:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 65880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-expert.svg
104.18.24.188200 OK 996 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-expert.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 5e8f2826dee0d4719d18264a9bd6b1b4
d3ad0f107cd28d0ac575eae2307d856bcff2709a
395dfe7b126f45d676ca4c691c5a15bf52f63b6141b289a79662ae185553e886
GET /nu/pop/casino/bookofdead/2023/icon-expert.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Wed, 21 Dec 2022 12:49:13 GMT
etag: W/"0x8DAE351C3426860"
x-ms-request-id: d58c5460-101e-0022-5fe9-17d71d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58c40b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: clientId=polopoly_desktop
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 15 Jan 2023 04:45:15 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-background-black.jpg
104.18.24.188200 OK 286 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-background-black.jpg
IP 104.18.24.188:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x936, components 3\012- data
Size 286 kB (285519 bytes)
Hash 0cb33737fe30867f9a73465c6f98e89d
51df07b8881c10c5f1971b7f33150fb8f8212a95
57e8e060ab5ff032b341c66862cac41acb93a955c522caee9d4c931a95e2c394
GET /nu/pop/casino/bookofdead/2023/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-styles.css
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/jpeg
content-length: 285519
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: DLM3N/4whn+ac0Zcb5jonQ==
etag: "0x8DAE351C11B6C17"
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 90250599-c01e-0043-4915-19f45e000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 497502
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fe59190b59-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/com-payments.svg
104.18.24.188200 OK 21 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/com-payments.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8eeca769d6285ba52f385dd4a6cd6e07
5c8c98b39c664cf8eacd13dd08bf2076b42897f0
1b3bd12177af11c5f240f08b4a18119b2c009d50a60c8338d50f9ed87e7bc70f
GET /nu/pop/casino/bookofdead/2023/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Wed, 21 Dec 2022 12:49:10 GMT
etag: W/"0x8DAE351C1959348"
x-ms-request-id: 204f0846-701e-000b-48e9-17e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58c70b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/custom.js
104.18.24.188200 OK 76 kB URL HTTP/2 welcome.unibet.nu/custom.js
IP 104.18.24.188:0
Hash 1214807ff5f96e14c0ab5d22a8a72ed8
260b43bfdd05b7b425924abc78856a638d4fe162
ed5fabc55997574c77f75b4533721a28bb6062989c458bf77180522f87588821
GET /custom.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 385237
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd48be0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-sports.svg
104.18.24.188200 OK 16 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-sports.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash 8c94da05b1b3786912ec08a4c6730677
3131b364a0ee4313b12a079fdb0f134339c680c3
88afe8031a4e61b9b8cb8579d2c849035b79719ddd97fdbbb29efab7440a065f
GET /nu/pop/casino/bookofdead/2023/icon-sports.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Wed, 21 Dec 2022 12:49:13 GMT
etag: W/"0x8DAE351C388DCE4"
x-ms-request-id: b12efe15-c01e-001e-03e9-17feda000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58c50b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
Hash 89ae585d8bd954bfc8df380779ae7dc3
511928507d75fad13262f257f0ca0dc49ddfc38e
c020e7e91ed83e8107790cad4e91d60039407f7b5b0cd524c3751b3dd6dafd34
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 04:45:15 GMT
date: Sun, 15 Jan 2023 04:45:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.40200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.40:0
File type ASCII text, with very long lines (62112)
Hash 9d0b7f37c5bd92627ce7c2224302f133
726fb0e4b4ffcaeaa65ad5a0501343bd5bd4250e
4c25369e4dabfb44eb21fcfa30b4b2bb82261a77e70053b1f813904d9dc579d1
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 15 Jan 2023 04:45:16 GMT
expires: Sun, 15 Jan 2023 04:45:16 GMT
cache-control: private, max-age=900
last-modified: Sun, 15 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 10:26:49 GMT
expires: Sun, 14 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 65907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-styles.css
104.18.24.188200 OK 5.4 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-styles.css
IP 104.18.24.188:0
Hash 2c40ba6c8b3e05cd9d8e3b8bb6a93d60
332ce73bc716aa661a6ca1cbd3aacb333d7e7f52
5a15739168a3958f227e10c10396d99e4daeb62c81c84155b9a46cefb73255ee
GET /nu/pop/casino/bookofdead/2023/1-styles.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: MET9VhdZCoF3PKK/Q9YAzg==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C0B036D8"
x-ms-request-id: 4bdcda55-f01e-003a-49e9-17087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564805
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd48bc0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
37.252.171.52307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 15 Jan 2023 04:45:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 7673771f-ccf0-4446-b1fb-0290215cbce9
Set-Cookie: uuid2=8791897725295927113; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 15-Apr-2023 04:45:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/unibet-logo.svg
104.18.24.188200 OK 3.6 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/unibet-logo.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash f09b50da3e85ef9e4fd310bc31d75de3
c786952caa8a4d233937f9752498c09f619b34d0
3fa0f9f5852b9395a23f055fac90a2d2a08ec22e8deaa59fc596788d15ec8cb4
GET /nu/pop/casino/bookofdead/2023/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Wed, 21 Dec 2022 12:49:10 GMT
etag: W/"0x8DAE351C161B997"
x-ms-request-id: 2ab1bfc1-001e-0001-56e9-174dde000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58bf0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5367
Expires: Sun, 15 Jan 2023 06:14:43 GMT
Date: Sun, 15 Jan 2023 04:45:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5367
Expires: Sun, 15 Jan 2023 06:14:43 GMT
Date: Sun, 15 Jan 2023 04:45:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5367
Expires: Sun, 15 Jan 2023 06:14:43 GMT
Date: Sun, 15 Jan 2023 04:45:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5367
Expires: Sun, 15 Jan 2023 06:14:43 GMT
Date: Sun, 15 Jan 2023 04:45:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bda8a71e1e7a2173911de887bcab274
a05c3182c259756d1a5327d5a133320313565fc8
b00ae81aae4e5867010548c35737058b2ccfd9a6a6e2a061c729a71d04a5a1a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc75c5357-d038-4ff3-8b8f-9b5f26db0a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2965
x-amzn-requestid: b17939c4-4838-4ec7-8459-93f88392a966
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euH1cFFaIAMFuCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c25355-4caee7f1070ed0c450f919f8;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:01:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fnUpBYZf6aDHW2v8vTN1O2N9GqPvYvbEytMf8fjkUVYzCjBCjU7grA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:46:14 GMT
etag: "a05c3182c259756d1a5327d5a133320313565fc8"
content-type: image/jpeg
age: 25142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:58:29 GMT
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
age: 82007
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12751079fc17bca8630a1ea2b4334a75
0d0bb45beee28e37376cfc3de11074c6f981ff99
15b949a3524291d6c8bd8ef759d3cdb29d6fafd43f3ffba408f6aa7be7c14e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6024
x-amzn-requestid: 0c4e6a89-2fbc-42c8-ae1b-0cf608c134cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewH9tFrJoAMFsVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32057-0731faff3ab762d4793376e7;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pWzVYiC2sHEVtlZzGN8FfxB1K3i14JfYzRn60x18gNP01nzlsEve9A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:46:07 GMT
age: 25149
etag: "0d0bb45beee28e37376cfc3de11074c6f981ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98b4bbbd2711ea868a79154cf2b53000
a3688a7892c5abeac934a5d0a13d4a64c359a2c3
e1565fb3b967e5aefec75f9943780da4a0de245dbc67469402de845e5b028e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef58504-f92f-4cd3-bd97-3b50a3784de1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3866
x-amzn-requestid: 0d1e5cba-18d2-4632-b45c-1a4db0b83228
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewIRcFg6oAMFttA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320d5-0d59bb2977949c053e99727b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DhDulNcsTyy_OdLR0kogtF8v9jkKyVlyMunJnHTdRKg4wij0xwpUKA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:30 GMT
etag: "a3688a7892c5abeac934a5d0a13d4a64c359a2c3"
content-type: image/jpeg
age: 25606
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fa787b7-5a13-46f4-a39a-67e066ad269e.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fa787b7-5a13-46f4-a39a-67e066ad269e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6a540f8fcb678253586f37929feae01
dd42bc0ba674caeb39de3983b4c6f042e6ade5ff
dab64cb69db90762f2b1e10bff05fe32ccc54a5b7e75801247ae41c173c00630
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fa787b7-5a13-46f4-a39a-67e066ad269e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6339
x-amzn-requestid: 90eb0826-d4c1-40a8-b501-325e07c538c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: essVEHbzIAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1c0ed-2da2b2463c3fb6fb225c9834;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 20:37:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FVTrOdPVYbFtdluF7aBgPL3p6kJQvVmpCmhU04Di9JmLfzMvZJjZuw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:18:51 GMT
age: 77185
etag: "dd42bc0ba674caeb39de3983b4c6f042e6ade5ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/18-plus.svg
104.18.24.188200 OK 7.6 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/18-plus.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1053), with no line terminators
Hash 3a0e0dcf738f6713da5243a23ed74aea
775ac32178caa4e41729143c3eec4e2a4f858108
8806c5ef872e7d24792884b269b9f2a9966c2f493187e14b858b8d4a5c94c84a
GET /nu/pop/casino/bookofdead/2023/18-plus.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Wed, 21 Dec 2022 12:49:10 GMT
etag: W/"0x8DAE351C14423D9"
x-ms-request-id: 916b110e-201e-0039-25e9-17e91e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564799
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5ffa9700b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c0c7eb810731238d4a9a19ebd201912
4733e89ccc428454db903e41989770f0f21b0421
dc555a6a12c4467ad95ad0db229685e84da3e6d5249727547f2cc7532ac998b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2796
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:16 GMT
Etag: "63c24680-1d7"
Last-Modified: Sun, 15 Jan 2023 03:58:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.52200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.52:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 15 Jan 2023 04:45:16 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 2cacf56e-e429-4965-87d3-e29f5e16e4c8
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GTusxmo-!]tbP6j2F-XstGt!@D=L$W%m:; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 15-Apr-2023 04:45:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1673757916574
54.195.228.119200 OK 500 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1673757916574
IP 54.195.228.119:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash f43a9e8a4887e67372406afcd9a0fd79
373396ff86f78b813b6ef4a1ffc719f071b2d427
a149b76b93fe975e86d6493ba74bd99c81e36b141e26ee4f87c7f6a8edd4732f
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1673757916574 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.nu
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-027dff91d.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=22863205240189277451645044690853886812; Max-Age=15552000; Expires=Fri, 14 Jul 2023 04:45:16 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: I7OT2wVBQOM=
Content-Length: 500
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 02d5c63024098aa3a0561ac1df57b2c4
b7a7cd06376a35e0f0208cb978b80e0b60db12ba
4ec0b9a44dfd8145e17dcef5c4bc4818f2952c311b0875b7f82ec3d5773266b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 04:45:16 GMT
Last-Modified: Sun, 15 Jan 2023 03:29:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=22845669840082834181646789796805183175&ts=1673757916794
13.37.25.97200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=22845669840082834181646789796805183175&ts=1673757916794
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=22845669840082834181646789796805183175&ts=1673757916794 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.nu
access-control-allow-credentials: true
date: Sun, 15 Jan 2023 04:45:16 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s73439283649760?AQB=1&ndh=1&pf=1&t=15%2F0%2F2023%204%3A45%3A16%200%200&mid=22845669840082834181646789796805183175&aamlh=6&ce=UTF-8&pageName=LP%3A2019%20-%20Casino%20-%20Book%20of%20Dead&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26bid%3D37672%26campaignId%3D2750544%26pid%3D91003245&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26bid%3D37672%26campaignId%3D2750544%26pid%3D91003245&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Acasino%3Abookofdead%3A2023%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=4%3A45%20AM%7CSunday&v6=4%3A45%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1673757917&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A91003245-37672&v122=NONE&v124=2750544&v125=320669908_5CA6F3187CC844D8B5663D67A65B24C9&v126=91003245&v127=37672&v134=1673757916&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
13.37.25.97200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s73439283649760?AQB=1&ndh=1&pf=1&t=15%2F0%2F2023%204%3A45%3A16%200%200&mid=22845669840082834181646789796805183175&aamlh=6&ce=UTF-8&pageName=LP%3A2019%20-%20Casino%20-%20Book%20of%20Dead&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26bid%3D37672%26campaignId%3D2750544%26pid%3D91003245&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26bid%3D37672%26campaignId%3D2750544%26pid%3D91003245&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Acasino%3Abookofdead%3A2023%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=4%3A45%20AM%7CSunday&v6=4%3A45%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1673757917&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A91003245-37672&v122=NONE&v124=2750544&v125=320669908_5CA6F3187CC844D8B5663D67A65B24C9&v126=91003245&v127=37672&v134=1673757916&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 13.37.25.97:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s73439283649760?AQB=1&ndh=1&pf=1&t=15%2F0%2F2023%204%3A45%3A16%200%200&mid=22845669840082834181646789796805183175&aamlh=6&ce=UTF-8&pageName=LP%3A2019%20-%20Casino%20-%20Book%20of%20Dead&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26bid%3D37672%26campaignId%3D2750544%26pid%3D91003245&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A320669908%3A91003245-37672%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26bid%3D37672%26campaignId%3D2750544%26pid%3D91003245&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Acasino%3Abookofdead%3A2023%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=4%3A45%20AM%7CSunday&v6=4%3A45%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1673757917&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A91003245-37672&v122=NONE&v124=2750544&v125=320669908_5CA6F3187CC844D8B5663D67A65B24C9&v126=91003245&v127=37672&v134=1673757916&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 15 Jan 2023 04:45:16 GMT
expires: Sat, 14 Jan 2023 04:45:16 GMT
last-modified: Mon, 16 Jan 2023 04:45:16 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3594367755551932416-4619678617129632050
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
52.30.252.118200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 52.30.252.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 15 Jan 2023 04:45:16 GMT
DCS: dcs-prod-irl1-2-v045-0eab94181.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 5YwYwmaLSUM=
transfer-encoding: chunked
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 9152c12195263780f8cb64bbab3de7f8
55732c1d8dfa8a065b63502d896fd80a58034c61
e8414210beab03da04796fa5c48284e5b8281235c1f3b81567d0de14976e793e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124581
Date: Sun, 15 Jan 2023 04:45:16 GMT
Etag: "63c2b59b-1d7"
Expires: Mon, 16 Jan 2023 15:21:37 GMT
Last-Modified: Sat, 14 Jan 2023 14:00:59 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JY_FQbOrUm7VSIcpbrHBC5xnK477xlQeQbJi3C89loqM0kYb4BMr2w==
Age: 4838
cm.everesttech.net/cm/dd?d_uuid=22863205240189277451645044690853886812
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=22863205240189277451645044690853886812
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=22863205240189277451645044690853886812 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 15 Jan 2023 04:45:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y8OE3AAAAImAgAN-; Domain=.everesttech.net; Expires=Mon, 15-Jan-2024 04:45:16 GMT; Path=/
everest_session_v2=Y8OE3AAAAImAgQN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8OE3AAAAImAgAN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y8OE3AAAAImAgAN-
54.195.228.119302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y8OE3AAAAImAgAN-
IP 54.195.228.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y8OE3AAAAImAgAN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-05e780d2b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8OE3AAAAImAgAN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=26314115301540013232406365638282404306; Max-Age=15552000; Expires=Fri, 14 Jul 2023 04:45:16 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: +XNoo5aHSTI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8OE3AAAAImAgAN-
54.195.228.119200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8OE3AAAAImAgAN-
IP 54.195.228.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8OE3AAAAImAgAN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 2v4uKnauTG4=
Content-Length: 59
Connection: keep-alive
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gb-derby.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gb-derby.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/gb-derby.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Rg5ggSvQeRWtE4Tg0KHTXw==
last-modified: Wed, 21 Dec 2022 12:49:13 GMT
etag: W/"0x8DAE351C3098656"
x-ms-request-id: 2bf6461a-701e-0056-416b-15e3ed000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 282979
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5ff996a0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-trust.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-trust.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/icon-trust.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Wed, 21 Dec 2022 12:49:13 GMT
etag: W/"0x8DAE351C33B3D6B"
x-ms-request-id: 92037f3b-801e-0030-2fe9-17accd000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58c30b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gb-when-the-fun-stops.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gb-when-the-fun-stops.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/gb-when-the-fun-stops.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: aKFt6UnI1NUrF+upCSAbIA==
last-modified: Wed, 21 Dec 2022 12:49:11 GMT
etag: W/"0x8DAE351C2138A7D"
x-ms-request-id: 453931fb-001e-002e-4ae9-174015000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd68ca0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/favicon.ico
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/favicon.ico
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/favicon.ico HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:16 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C0D286E3"
x-ms-request-id: cd71020f-e01e-0044-77e9-17983d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564778
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5ff595b0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/widget/betslip/betslip.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/widget/betslip/betslip.js
IP 104.18.24.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 325803
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fe29020b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-main.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-main.js
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/1-main.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: sG6NdEOwHxesoMipEBfQ1Q==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C0EDD315"
x-ms-request-id: f65428b6-601e-0065-02e9-17bc46000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564805
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd48bd0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/darts-european.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/darts-european.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/darts-european.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: zoYCq/GGL4hzx6fLGfy4TA==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C0DB5F35"
x-ms-request-id: 2d2dcec5-101e-0022-33dd-16d71d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564799
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5ffa96d0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: text/css
x-amz-id-2: XztB0KDVeffD+P52HuuSabTuRwCIblaxKZjc/Bel4Ltq6PJi6SwRcVJmWejvLKxwNxgdDz6vMBw=
x-amz-request-id: MX14F2QTHGART04X
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1343522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anllVrZTWHKwYJZs5VmsY9HSQaHck2mE4B6Z9zPuOuRE5%2BYE9iC6FBtq162Ld8fJ701BLtU5Fr6eWa6HyDOf3rB8cyR2xThL%2FMgSDDpt148Yd73mOAOvu%2B7yG1Zzr8bZ%2BH4b0%2BFQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789bf5fdb94d7719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 04:45:14 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-1c7e8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: GNyxnhDIawKMkSTrWvHPHw==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
x-ms-request-id: 34ad54f4-601e-004a-3a9c-28b18d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9;max-age=2592000; domain=.unibet.nu;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 789bf5fb781b0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/utv-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/utv-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:15 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C132C13F"
x-ms-request-id: fb37afd4-201e-005b-1ce9-172b39000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 564792
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5fd58c00b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/darts-premier-league.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/darts-premier-league.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/darts-premier-league.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: tUWryfanLH11PuSSk/UuDw==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C1024279"
x-ms-request-id: 7f0ce38c-d01e-0012-7edd-1669d2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 136551
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5ff996b0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/mga-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/mga-logo.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/mga-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Wed, 21 Dec 2022 12:49:11 GMT
etag: W/"0x8DAE351C229F567"
x-ms-request-id: eb7d8f61-601e-0007-646b-157e61000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 282979
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5ffa96f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/no-payments.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/no-payments.svg
IP 104.18.24.188:0
GET /nu/pop/casino/bookofdead/2023/no-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:320669908:91003245-37672&btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9&bid=37672&campaignId=2750544&pid=91003245
Cookie: __ucbt=node01aoherwemex9w1tnvfavbdceb; uniattr=ST.0.T; uniattr_ref=; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669908_5CA6F3187CC844D8B5663D67A65B24C9; BID=37672; PID=91003245; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669908_5CA6F3187CC844D8B5663D67A65B24C9%26sref%3DGIG%26GIG%3DNO_MOBILE_CASINO%26affiliateId%3D1%26pid%3D91003245%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; btag=320669908_5CA6F3187CC844D8B5663D67A65B24C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 04:45:16 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Wed, 21 Dec 2022 12:49:11 GMT
etag: W/"0x8DAE351C1EDDF8B"
x-ms-request-id: fbe5a90b-601e-0028-056b-1573aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 282977
vary: Accept-Encoding
server: cloudflare
cf-ray: 789bf5ffa96e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2