rouonixon.com/4/5181803/
139.45.197.238200 OK 2.9 kB IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Hash 5a55a0e6f8641a74799ae45c00d1fc0a
0f7c8eef0a959f2f7bc032bed9f115b386699eb3
e2f1f03753cbfd7576a61d6c6dccc4dd48b40f2312b79a103d3f8653399a507e
Analyzer Verdict Alert fortinet Malware
GET /4/5181803/ HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 23:27:42 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: e0108356c592e52e88f9555d36d0fece
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=55efc9df804a454d867feeb9ff388c5f; expires=Mon, 18 Sep 2023 23:27:42 GMT; path=/
oaidts=1663543662; expires=Mon, 18 Sep 2023 23:27:42 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 22:46:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QCFHeN8KsKuyDoKkruzW13sV3JL_2vmjduXNm8W07sx5rduPrK41qg==
Age: 2474
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3207
Expires: Mon, 19 Sep 2022 00:21:09 GMT
Date: Sun, 18 Sep 2022 23:27:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dVgqUR7S-aMUHrU-RubbWX_5y7hpFryA8tncLn0CY2rRqYkTbU4a1g==
age: 67949
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rouonixon.com/favicon.ico
139.45.197.238204 No Content 0 B URL HTTP/1.1 rouonixon.com/favicon.ico
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rouonixon.com/4/5181803/
Cookie: OAID=55efc9df804a454d867feeb9ff388c5f; oaidts=1663543662
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 18 Sep 2022 23:27:42 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 23:27:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=326856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cdda947f92fac8-OSL
my.rtmark.net/img.gif?f=merge&userId=55efc9df804a454d867feeb9ff388c5f
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=55efc9df804a454d867feeb9ff388c5f
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=55efc9df804a454d867feeb9ff388c5f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rouonixon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:43 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=55efc9df804a454d867feeb9ff388c5f; expires=Mon, 18 Sep 2023 23:27:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
rouonixon.com/?z=5181803&syncedCookie=true&rhd=false
139.45.197.238302 Found 0 B URL HTTP/1.1 rouonixon.com/?z=5181803&syncedCookie=true&rhd=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5181803&syncedCookie=true&rhd=false HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 425
Origin: http://rouonixon.com
Connection: keep-alive
Referer: http://rouonixon.com/afu.php?zoneid=5181803&var=5181803&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=55efc9df804a454d867feeb9ff388c5f; oaidts=1663543662
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 18 Sep 2022 23:27:43 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 7312dfd62aa09b70ff9dca4854c45b8d
Link: <https://toapodazoay.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://toapodazoay.com/?l=qCqekRDLtEBTXwP&s=595507883236668142&z=5181803&g=NO&svar=1663543663&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663543663&ssk=c133b6b57b0ab3aa808c7e364238981e&svarok=1&b=79056&oaid=55efc9df804a454d867feeb9ff388c5f&rdk=rk3
Access-Control-Allow-Origin: http://rouonixon.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=55efc9df804a454d867feeb9ff388c5f; expires=Mon, 18 Sep 2023 23:27:43 GMT; path=/
oaidts=1663543662; expires=Mon, 18 Sep 2023 23:27:43 GMT; path=/
syncedCookie=true; expires=Sun, 25 Sep 2022 23:27:43 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 18 Sep 2022 23:03:22 GMT
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 23:19:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xRVL6kFl77-u121nuj-PEpwS-NWGlypeYnQ0PGqSHtlXNFgoobtRnA==
Age: 1461
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8a7f2979f274fcfc3adab3b6fc5bdbf
876c3c83b8cee59b2bb3d833df010924b6736bde
132ce27dddd9914dd993d849bb9d7fbdaaa442ce414ed9eab5afd9894b710831
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "132CE27DDDD9914DD993D849BB9D7FBDAAA442CE414ED9EAB5AFD9894B710831"
Last-Modified: Fri, 16 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=228
Expires: Sun, 18 Sep 2022 23:31:31 GMT
Date: Sun, 18 Sep 2022 23:27:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:43 GMT
Last-Modified: Sun, 18 Sep 2022 22:57:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da1b7eec55c9145546157b147e94fa3b
45cccd3749b201c3c9cc1ce679654c6c399a99ff
863bd39c4b1ae719c32e5e743b160fd27dad8150b88d1746141e68d528dd3015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "863BD39C4B1AE719C32E5E743B160FD27DAD8150B88D1746141E68D528DD3015"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8488
Expires: Mon, 19 Sep 2022 01:49:11 GMT
Date: Sun, 18 Sep 2022 23:27:43 GMT
Connection: keep-alive
toapodazoay.com/?l=qCqekRDLtEBTXwP&s=595507883236668142&z=5181803&g=NO&svar=1663543663&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663543663&ssk=c133b6b57b0ab3aa808c7e364238981e&svarok=1&b=79056&oaid=55efc9df804a454d867feeb9ff388c5f&rdk=rk3&mprtr=1
139.45.197.153200 OK 525 B URL HTTP/2 toapodazoay.com/?l=qCqekRDLtEBTXwP&s=595507883236668142&z=5181803&g=NO&svar=1663543663&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663543663&ssk=c133b6b57b0ab3aa808c7e364238981e&svarok=1&b=79056&oaid=55efc9df804a454d867feeb9ff388c5f&rdk=rk3&mprtr=1
IP 139.45.197.153:0
Hash 2597afed1d6d12157c9801966b91ee38
2e66be281f9c0bce4bcab142cc0f2190fec2eaff
1b089ad520c391e6c1900f44077d57fc15715ac5a99b062bc14a8e23e1dcd2da
POST /?l=qCqekRDLtEBTXwP&s=595507883236668142&z=5181803&g=NO&svar=1663543663&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663543663&ssk=c133b6b57b0ab3aa808c7e364238981e&svarok=1&b=79056&oaid=55efc9df804a454d867feeb9ff388c5f&rdk=rk3&mprtr=1 HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/?rzi=5181803&rsz=5181803&rid=
Cookie: reverse=6Zr7qVcdfH2TLgUbiqu89SK9JTR4IQ-1TZmi0zNgHcg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:43 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=56193
139.45.197.236200 OK 72 B URL HTTP/2 unphionetor.com/vctx?t=56193
IP 139.45.197.236:0
File type JSON data\012- , ASCII text
Hash 5798488ef4482e84833d389cbc20cdca
e5ae0f7cfb1ae904d037696a6c6077242e217f6c
0debc20344f95af66fb7a66cbb7f2b885b4aa597471cfd164af697385a76b4d3
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=56193 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:43 GMT
content-type: text/plain; charset=utf-8
content-length: 72
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: dca5ea548402ff8981b4c29fe7f30303
set-cookie: PRIT[56193]=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=56193&cb=619266319
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=56193&cb=619266319
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=56193&cb=619266319 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:43 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 46bd9594865765123b1630f7090f6960
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=56193&bid=79056&aid=595507883236668142
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=56193&bid=79056&aid=595507883236668142
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=56193&bid=79056&aid=595507883236668142 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 18 Sep 2022 23:27:43 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d8b250e5f10d980dd82da528e28229df
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.74.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8dbIov5mh7YobzLHcDLumA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CLPj29TcN5Qdf2qLynt9y2WjSvo=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10530
Expires: Mon, 19 Sep 2022 02:23:14 GMT
Date: Sun, 18 Sep 2022 23:27:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10530
Expires: Mon, 19 Sep 2022 02:23:14 GMT
Date: Sun, 18 Sep 2022 23:27:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10530
Expires: Mon, 19 Sep 2022 02:23:14 GMT
Date: Sun, 18 Sep 2022 23:27:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10530
Expires: Mon, 19 Sep 2022 02:23:14 GMT
Date: Sun, 18 Sep 2022 23:27:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10530
Expires: Mon, 19 Sep 2022 02:23:14 GMT
Date: Sun, 18 Sep 2022 23:27:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04257e82bf07e6a862ce2d4bbdfc068f
7a462e8d05cd56531957436470a1814d982e282b
bbc0f0dd6244934098a0e8bfa34b8e07e8a424e309030c2f07d9e441b6f481ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 710bed7d-62c4-4b48-b16c-c94f1a15c1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpLIkHlZoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326bf03-375d74b4344cb7db4036e2b2;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 06:47:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AD7jWfvJngdXmqOJlo6HiLCUEZG_mgVFVaos0hwSPYpLVsGFBik37Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 11:10:34 GMT
age: 44230
etag: "7a462e8d05cd56531957436470a1814d982e282b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1976af26c5d4a671c8298bffafc90ce3
9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NdQpOGtyA7AxpmkvFf3K3IrkgSku9QQzQ4BvpoRfTv16Kj1Gr6n7oA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:07:31 GMT
age: 58813
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 5723
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0051cf-bacd-445a-a6c3-6e5be807c94d.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0051cf-bacd-445a-a6c3-6e5be807c94d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a29b48f8601db6bee0408f77ef7e1810
35417f27e4529b172aff7581d25ef8de26158a6c
37f2b7accb42719f1f2c25d371691aaed05160bbb40d4941da2650adc12be316
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0051cf-bacd-445a-a6c3-6e5be807c94d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9773
x-amzn-requestid: a66002a7-8621-4e8c-ba24-ca935485c6ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeBrlH7vIAMFz8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322497d-05c3244840ad5aba14217936;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:37:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Pb3pzSP2mQJVW2ff5ErXKB-jzLuYDSjENRCbzId9adJXEKIrRRihpw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:29 GMT
age: 5655
etag: "35417f27e4529b172aff7581d25ef8de26158a6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f99c08fdd1a74ec569e02207b9919df8
3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df
7b5f48166db186dcf19987f5f91cb03cbd069ec74de8ea42059626019b00fc14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9371
x-amzn-requestid: dd94b1a0-f6a1-4e41-8b97-9c9904b6f6b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRFF6rIAMFY2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf39-289c5acb4e5bcb715b689f55;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ru8zmqf8FBNIJatpnkFCgjq49arUFR2o8pqE50dzLOXsgsyaf5oMKg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 14:26:40 GMT
age: 32464
etag: "3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f2b49224f40b4ea819e0c66fc155eec
d37b9b044bdb469678433766470ed36a2384817f
b94b1d4e0df0bac9b4a2b5c86bee900248614756fb24e2b7b182a871b425b2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11345
x-amzn-requestid: 975904ee-c5b8-47bc-a65b-143c46de6d57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin9EESuIAMF_gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63242053-7498357c7466b7266ccc671f;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:05:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w7WVhLaU-EYkoQLOi-G4WhN-VlbwgBL-k_bbdKIxMl7mBzBvL_R1pQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:21:41 GMT
age: 57963
etag: "d37b9b044bdb469678433766470ed36a2384817f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.ad2upapp.com/afu.php?id=792658&rt=1
139.45.197.237302 Moved Temporarily 138 B URL HTTP/1.1 go.ad2upapp.com/afu.php?id=792658&rt=1
IP 139.45.197.237:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /afu.php?id=792658&rt=1 HTTP/1.1
Host: go.ad2upapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 18 Sep 2022 23:27:44 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.deliverymodo.com/afu.php?id=792658&rt=1
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
go.deliverymodo.com/afu.php?id=792658&rt=1
139.45.197.236200 OK 638 B URL HTTP/1.1 go.deliverymodo.com/afu.php?id=792658&rt=1
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 980c867b087bfc48871454c52f6a8230
4db67d456d2d3317fac0b73a494acaf8fa71275e
a2434dbac54bc44effebebf24bbd910052ba4cc7b0ad599e2e3fff4310dea8f9
GET /afu.php?id=792658&rt=1 HTTP/1.1
Host: go.deliverymodo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 23:27:45 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: bdf73c101ec79b1c71901592aba2be13
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://www.highperformancegate.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=e3874ef1c94049b28db5659e9f2d7dcb; expires=Mon, 18 Sep 2023 23:27:45 GMT; path=/
oaidts=1663543665; expires=Mon, 18 Sep 2023 23:27:45 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
unphionetor.com/vb?t=56193&bid=79056&aid=595507883236668142&tp=1993
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vb?t=56193&bid=79056&aid=595507883236668142&tp=1993
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vb?t=56193&bid=79056&aid=595507883236668142&tp=1993 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 18 Sep 2022 23:27:45 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 7d50aa4821dedeb226bb66d037257f34
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
go.deliverymodo.com/favicon.ico
139.45.197.236204 No Content 0 B URL HTTP/1.1 go.deliverymodo.com/favicon.ico
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: go.deliverymodo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=e3874ef1c94049b28db5659e9f2d7dcb; oaidts=1663543665
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 18 Sep 2022 23:27:45 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 23:27:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=326853,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cddaa3ab45fac8-OSL
my.rtmark.net/img.gif?f=merge&userId=e3874ef1c94049b28db5659e9f2d7dcb
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=e3874ef1c94049b28db5659e9f2d7dcb
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=e3874ef1c94049b28db5659e9f2d7dcb HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:45 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e3874ef1c94049b28db5659e9f2d7dcb; expires=Mon, 18 Sep 2023 23:27:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 78d8702ea6e91fdebc5ba0cb44977b81
66820c8ee5e39c6f003b321226d420096e8fc390
49b8654d83e8fd47f833d5ad804743735f7c09905bc4159cfaeb73ad60b9c2ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49B8654D83E8FD47F833D5AD804743735F7C09905BC4159CFAEB73AD60B9C2AB"
Last-Modified: Fri, 16 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11176
Expires: Mon, 19 Sep 2022 02:34:01 GMT
Date: Sun, 18 Sep 2022 23:27:45 GMT
Connection: keep-alive
www.highperformancegate.com/cam2dwqai?key=9b44cd6350a69fb630694c066f2c6a98&psid=792658&rdk=rk1
192.243.61.227200 OK 2.4 kB URL HTTP/1.1 www.highperformancegate.com/cam2dwqai?key=9b44cd6350a69fb630694c066f2c6a98&psid=792658&rdk=rk1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (315)
Hash 5a238e417270625b5f3780faf968b688
109399c237d7556527d03a70ea2883403c2e8197
db4b5a96b8213929d2cd5eb4fe1c3b093697415908636650f0ba217fb820eb2e
Analyzer Verdict Alert quad9 Sinkholed
GET /cam2dwqai?key=9b44cd6350a69fb630694c066f2c6a98&psid=792658&rdk=rk1 HTTP/1.1
Host: www.highperformancegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 23:27:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17381785; expires=Mon, 19 Sep 2022 23:27:45 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM4MTc4NSwiayI6IjliNDRjZDYzNTBhNjlmYjYzMDY5NGMwNjZmMmM2YTk4Iiwic2lkIjoiNzkyNjU4IiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjYwMDE2LCJwaWQiOjI3NzQxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMywiYWlkIjoyOCwicHQiOjQsInBrIjoiY2FtMmR3cWFpIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.4Fe1fO5laIg1jCiL4ENBsYzlH4qET8nVymE6vzr31SY; expires=Sun, 18 Sep 2022 23:28:45 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25487643f8e6759f8f1cb79f621e134d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highperformancegate.com/cam2dwqai?pst=1663543725&rmtc=t&uuid=&pii=&in=false&key=9b44cd6350a69fb630694c066f2c6a98&rdk=rk1&shu=6196555eb08c78b5e29765ddfe7fb06e558e7b3b5f23d74a01d8c416e991a7f337b2a2937d3d3d7e150dbb800038d1e71c76a5200f1fe8b84a2e5a345937fb95d6c7285a656c52497106426557f1792b767074&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002
192.243.61.227302 Found 0 B URL HTTP/1.1 www.highperformancegate.com/cam2dwqai?pst=1663543725&rmtc=t&uuid=&pii=&in=false&key=9b44cd6350a69fb630694c066f2c6a98&rdk=rk1&shu=6196555eb08c78b5e29765ddfe7fb06e558e7b3b5f23d74a01d8c416e991a7f337b2a2937d3d3d7e150dbb800038d1e71c76a5200f1fe8b84a2e5a345937fb95d6c7285a656c52497106426557f1792b767074&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /cam2dwqai?pst=1663543725&rmtc=t&uuid=&pii=&in=false&key=9b44cd6350a69fb630694c066f2c6a98&rdk=rk1&shu=6196555eb08c78b5e29765ddfe7fb06e558e7b3b5f23d74a01d8c416e991a7f337b2a2937d3d3d7e150dbb800038d1e71c76a5200f1fe8b84a2e5a345937fb95d6c7285a656c52497106426557f1792b767074&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002 HTTP/1.1
Host: www.highperformancegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highperformancegate.com/cam2dwqai?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17381785
Cookie: u_pl=17381785; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM4MTc4NSwiayI6IjliNDRjZDYzNTBhNjlmYjYzMDY5NGMwNjZmMmM2YTk4Iiwic2lkIjoiNzkyNjU4IiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjYwMDE2LCJwaWQiOjI3NzQxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMywiYWlkIjoyOCwicHQiOjQsInBrIjoiY2FtMmR3cWFpIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.4Fe1fO5laIg1jCiL4ENBsYzlH4qET8nVymE6vzr31SY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 23:27:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17381785
Set-Cookie: pdhtkv=true; expires=Mon, 19 Sep 2022 23:27:46 GMT
uncs=1; expires=Mon, 19 Sep 2022 23:27:46 GMT
pdhtkv28=true; expires=Mon, 19 Sep 2022 23:27:46 GMT
uncs28=1; expires=Mon, 19 Sep 2022 23:27:46 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca436a7333995b3a13ab189a72f2c63d
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17381785
23.36.79.11301 Moved Permanently 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17381785
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17381785 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.1.T; uniattr_ref="https://propersuitcase.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA8642D60A324F1BBB280AFB43DD4F60; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fpropersuitcase.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA8642D60A324F1BBB280AFB43DD4F60%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 18 Sep 2022 23:27:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 18 Sep 2022 23:27:46 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 18-Sep-3021 23:27:46 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=37
X-Firefox-Spdy: h2
no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.1.T; uniattr_ref="https://propersuitcase.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA8642D60A324F1BBB280AFB43DD4F60; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fpropersuitcase.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA8642D60A324F1BBB280AFB43DD4F60%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 18 Sep 2022 23:27:46 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86190940-37950
set-cookie: JSESSIONID=node0sh35tbuh5oucg9p4zkukyov23631917.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; Path=/; Domain=.unibet.com; Expires=Tue, 17-Sep-2024 23:27:46 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=BLP.0.T; Path=/; Domain=.unibet.com; Expires=Tue, 17-Sep-2024 23:27:46 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.highperformancegate.com/"; Path=/; Domain=.unibet.com; Expires=Tue, 17-Sep-2024 23:27:46 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sun, 18-Sep-2022 23:28:01 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
B-TAG=127656177_0470D36518044518873B7088766C5CE2; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
PID=86190940; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sun, 18-Sep-2022 23:28:01 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40519873; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sun, 18-Sep-2022 23:28:01 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.highperformancegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 18 Sep 2022 23:27:46 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86190940-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86190940-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_0470D36518044518873B7088766C5CE2&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86190940-37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 18 Sep 2022 23:27:46 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 18 Sep 2022 23:27:46 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
ocsp.securetrust.com/
23.36.79.25200 OK 638 B IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash b30923449dcddcc681777c2b81d87956
327b6bf5d9f54acd72e76e3bdaaf3cb6cc7b7b3b
743bafdfa3b9e84ac204d9434a84dac15456600faba5e138bbff374d16011c1e
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Sun, 18 Sep 2022 23:27:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
108.161.188.196200 OK 5.6 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
IP 108.161.188.196:0
Hash 0f699dae8b7dc621627973a73e6b0238
2b1b4bcd02a63271927f3d1e99273bc7f41ce4c3
dfe2ef252f3ee8f959c1db5e6e1263d649ba8e7b2174cd3ec23978321a728b0f
GET /no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: 1c49c649-701e-0079-57b5-cbee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 08:20:49 GMT
expires: Mon, 18 Sep 2023 08:20:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 54418
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/google-play-ro.svg
108.161.188.196200 OK 2.7 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/google-play-ro.svg
IP 108.161.188.196:0
Hash 33bac91406fa1b7e174ba8e675648e87
08f814f1f02f659fe6e1c2b8a0e558e04f2de864
36f30e9cc1e367e1a1e0216b64034a3f7b7a30331b677aada5ea954489772a25
GET /no/pop/multisport/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 6ea66866-301e-0057-2ab5-cbbc31000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.10:0
Hash 451160a9400be7b323264c2de1cef0c3
e555ee1ecd4deba832d7230303fc0a7f6fe17779
b2adccf953e6872acc3db073b3712d54ac139000b4855db4c95649230061652e
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 23:27:47 GMT
date: Sun, 18 Sep 2022 23:27:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/com-payments.svg
108.161.188.196200 OK 86 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/com-payments.svg
IP 108.161.188.196:0
Hash d2d56daafa5807d4690e9f93833edd7a
ed5a8cb994b8b8b0a71c62a899ecc73d2d853e86
49a7cd4378dea9b178ef4ad2c70959054c0dffdae143a9b76975da3f93f75b6e
GET /no/pop/multisport/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: ce2e976e-701e-0069-2eb5-cb2b4e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/no/pop/multisport/1-background-black.jpg
108.161.188.196200 OK 98 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/1-background-black.jpg
IP 108.161.188.196:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /no/pop/multisport/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: image/jpeg
content-length: 98453
cache-control: public, max-age=900, immutable
content-md5: jm2a9e8brf6Slbj8lnk8KA==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: "0x8DA52B6801D0B27"
x-ms-request-id: 5d823ad2-a01e-0037-7eb5-cbc0ae000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
108.161.188.196200 OK 15 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 108.161.188.196:0
Hash 3440f5f64038ca105009e4806b95895f
1cd234d69477e039e50af1605cfc65213a14b9b4
1195b4b48094bb33dada56a4d9a955d7678891f25e8f312bcd552539f0e56fd8
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 475cfad8-701e-001b-80b5-cb2c01000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 1.3 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash bcbc1b2d209b78f42fdd1c0d6f5daa21
06b3a5f9eee33f666d26e309c3c0f3b5b936ed51
feeb0e46f0479ad0159f08e72f212616b5225e8fce5198e59258e98d455d52f4
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 359619
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.72200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.72:0
File type ASCII text, with very long lines (62112)
Hash f99776e461ff8182099a10cb71e0730d
419a4d3d8ddede136605b7fed4378bd0cc7b9ecf
99e2911d554103e591832612fb4f0a8dfa81c59f45ac894dcd985c65643ae5af
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 23:27:47 GMT
expires: Sun, 18 Sep 2022 23:27:47 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 02:02:22 GMT
expires: Sun, 17 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 163525
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/utv-logo.svg
108.161.188.196200 OK 16 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/utv-logo.svg
IP 108.161.188.196:0
Hash 4342c855f5d0c74e296eecd5b1ce8c47
86d9244e475c530ec963338a009a03639517c53a
72a446a7bda68a36f111f052f9d4b29f679dc3e9b938a40f5015b464737a337d
GET /no/pop/multisport/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: a7f53d33-f01e-0058-4fb5-cbca5d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/no/pop/multisport/icon-sports.svg
108.161.188.196200 OK 1.3 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/icon-sports.svg
IP 108.161.188.196:0
Hash 1c4228e1844f82066ce7c1e7f01e67c3
b188b8a761d30938749353fbf171e5d5fbd4b872
ddec5327ac0844ed0d6958d073f1f798812111e202202d2671b300922e1d755d
GET /no/pop/multisport/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B682395A83"
x-ms-request-id: 418d1f41-401e-002f-24b5-cb1fc9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d358fbf3eab3236464be2100a4b40b69
0e4514fbd6f86c896e435d8c511d6c203ee5f067
1f2334946112961b1bd0cc48998a579262833146912270a2ebd58963ca418faa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Last-Modified: Sun, 18 Sep 2022 22:46:14 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d358fbf3eab3236464be2100a4b40b69
0e4514fbd6f86c896e435d8c511d6c203ee5f067
1f2334946112961b1bd0cc48998a579262833146912270a2ebd58963ca418faa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Last-Modified: Sun, 18 Sep 2022 22:46:14 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
welcome.unibet.com/no/pop/multisport/favicon.ico
108.161.188.196200 OK 421 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/favicon.ico
IP 108.161.188.196:0
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed
GET /no/pop/multisport/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; sessionPageNumber=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: image/x-icon
content-length: 421
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: "0x8DA52B67FC5A91F"
x-ms-request-id: d96d43ea-101e-000d-3fb4-cbdad6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?462095
104.19.147.8200 OK 3.6 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?462095
IP 104.19.147.8:0
File type ASCII text, with very long lines (9690), with no line terminators
Hash e99b6902692d6929149dfb505e539fda
c4892c51139ef3767bca8318eda5f65afa7f3c77
aeaf7c2f58caa9c3771b5f90458a43361ab4fe9d41e33d2a1ddc96fe63941153
GET /pages/scripts/0012/9242.js?462095 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Sun, 18 Sep 2022 20:11:02 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 11805
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cddab12941b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/read_json.js
108.161.188.196200 OK 1.8 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/read_json.js
IP 108.161.188.196:0
File type HTML document, ASCII text
Hash 24da074e74306e5f9bfc34eb8ac8cde0
9159db49bd93840d1daf76c0cf4c558e48237f80
40e4b382fab9db293da2440c44cb2fef16cb7d2cd6bd4f7137b072b948d14804
GET /no/pop/multisport/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: 774baf00-301e-0068-59b5-cb7492000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.212200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.212:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 18 Sep 2022 23:27:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 22d26a04-f2b8-40ef-ae1c-468e5215d6ba
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Iliq2$/x!]tbP6j2F-XstGt!@D_z$jY0?; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 17-Dec-2022 23:27:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
welcome.unibet.com/no/pop/multisport/gambling-commission.png
108.161.188.196301 Moved Permanently 178 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/gambling-commission.png
IP 108.161.188.196:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /no/pop/multisport/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: text/html
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 60013fa61e5e9036c549e689afd0fd67
0addee22675806e077baf31e495b8fa3865c407f
53477f38fe9a3d6236666e3bebcf8d18f978c0242148d23f5c9f56fd6dd9a194
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6250
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Last-Modified: Sun, 18 Sep 2022 21:43:37 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=31273554222252184290639570181140159880&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1663543648704
34.242.155.96200 OK 495 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=31273554222252184290639570181140159880&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1663543648704
IP 34.242.155.96:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash b99db6d9d0cc4626ba5fe4faa0947b2a
260175177dc69252758f2c9a9922967d7b8ca105
ac0dd4852ac04b1b8bd97b7abb7ae8d398a486113d935214a6fcef869f8a92ef
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=31273554222252184290639570181140159880&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1663543648704 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v040-0f5f46c4e.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=70269785206385725851804286682218344021; Max-Age=15552000; Expires=Fri, 17 Mar 2023 23:27:47 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 1o934sL1TY4=
Content-Length: 495
Connection: keep-alive
script.crazyegg.com/pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js
104.19.147.8200 OK 30 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js
IP 104.19.147.8:0
File type ASCII text, with very long lines (26535)
Hash 1f65bc4bbd6ed833ed7a7390184b379c
3fb62902e38cb7f88b14f278d6f170dcfab65e37
01d4c83582774ace9cbee5bf411010777536dc044440df0c2221f1ac59dff02d
GET /pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: text/javascript
content-length: 30407
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Sun, 04 Sep 2022 15:37:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 280578
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cddab2ba52b51d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d27075ac4546cd71196883a4a1bff1d
3d9b077dba42860c8b8a0fb08c46b7f3228b90cd
a23945d8ad5b3ea2ba8ef2e00b0538e724c764c544b8ff1c954cfa785ab80224
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1339
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Last-Modified: Sun, 18 Sep 2022 23:05:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d27075ac4546cd71196883a4a1bff1d
3d9b077dba42860c8b8a0fb08c46b7f3228b90cd
a23945d8ad5b3ea2ba8ef2e00b0538e724c764c544b8ff1c954cfa785ab80224
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1469
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Last-Modified: Sun, 18 Sep 2022 23:03:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d27075ac4546cd71196883a4a1bff1d
3d9b077dba42860c8b8a0fb08c46b7f3228b90cd
a23945d8ad5b3ea2ba8ef2e00b0538e724c764c544b8ff1c954cfa785ab80224
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1339
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Last-Modified: Sun, 18 Sep 2022 23:05:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 22 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash aeeaafb31a77e7e284cadc4a008317f9
b253edaf401a2718d0c2780049a5cb713355a5d9
a64ad399301ff7be602408153684581a35ac42af4c459c0d5470fbc42e23e411
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 18 Sep 2022 23:27:47 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=04ecefbf6049a7faec0d2b616eda72ea6b4384cbe5fde47b8f8ff88bc724fd20;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=04ecefbf6049a7faec0d2b616eda72ea6b4384cbe5fde47b8f8ff88bc724fd20;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 49fc6252b6f40d86ff19ef0d5791c057
c0c053673a3fefde729d71a6bf7e3903568c0817
fe77788ec31f90dc4943a906a8bdd24f63d1048d9999cb12d4aa13279c806ed0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 23:27:47 GMT
Last-Modified: Sun, 18 Sep 2022 22:33:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.172.188200 OK 1.9 kB URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.172.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6cc413149786c4a1f002286ae228b75b
1aee1239410d0d1b8a0adb1b1a6c4ff4f09f1de1
9cc9a2a5d1ff33527b1b99d22060fe18c881d9834d01c3b2c33b8fbbd545b9fb
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 243
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cddab3382bb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
54.77.35.16200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 54.77.35.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 18 Sep 2022 23:27:47 GMT
DCS: dcs-prod-irl1-1-v040-0d2553446.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 14 Sep 2022 09:39:25 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: afF68hX2Tls=
Content-Length: 2791
Connection: keep-alive
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.172.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.172.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:47 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 243
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cddab34830b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
toapodazoay.com/?l=qCqekRDLtEBTXwP&s=595507883236668142&z=5181803&g=NO&svar=1663543663&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663543663&ssk=c133b6b57b0ab3aa808c7e364238981e&svarok=1&b=79056&oaid=55efc9df804a454d867feeb9ff388c5f&rdk=rk3
139.45.197.153200 OK 0 B URL HTTP/2 toapodazoay.com/?l=qCqekRDLtEBTXwP&s=595507883236668142&z=5181803&g=NO&svar=1663543663&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663543663&ssk=c133b6b57b0ab3aa808c7e364238981e&svarok=1&b=79056&oaid=55efc9df804a454d867feeb9ff388c5f&rdk=rk3
IP 139.45.197.153:0
GET /?l=qCqekRDLtEBTXwP&s=595507883236668142&z=5181803&g=NO&svar=1663543663&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663543663&ssk=c133b6b57b0ab3aa808c7e364238981e&svarok=1&b=79056&oaid=55efc9df804a454d867feeb9ff388c5f&rdk=rk3 HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=6Zr7qVcdfH2TLgUbiqu89SK9JTR4IQ-1TZmi0zNgHcg; expires=Mon, 19-Sep-2022 00:27:43 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/1-styles.css
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/1-styles.css
IP 108.161.188.196:0
GET /no/pop/multisport/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: 1a3a7e00-901e-005e-70b5-cbf9e2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/1-main.js
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/1-main.js
IP 108.161.188.196:0
GET /no/pop/multisport/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: 77ee04d0-501e-0033-23b5-cb4da9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/unibet-logo.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/unibet-logo.svg
IP 108.161.188.196:0
GET /no/pop/multisport/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: e10a930f-001e-0001-0ab5-cb4dde000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/app-store-ro.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/app-store-ro.svg
IP 108.161.188.196:0
GET /no/pop/multisport/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: e98e3494-b01e-0004-52b5-cb9f05000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.196.18200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.196.18:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: text/css
x-amz-id-2: Naym7hPmP6C6hux6VLJAAre0tbecqXaiQpMJaYu3vDn0x1vPpC32gtoDJkl7kXKmPPFbhKi1q5U=
x-amz-request-id: MZGFJRB14SZWS1MV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28310667
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzASseeLA1M2eidNQoKGnjj%2FhfGCas%2FsYIK%2FJfI1m0nqiVbc6FIF%2FUAyoCkn3u2QWJ6GR6R%2B8VSUMmJ1a6ftKMkm6hsr3vNGhEdf0BlHYGzuyRzhoraJym%2BCXggW9B57ObdFFerO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cddaae9bb60662-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/icon-expert.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/icon-expert.svg
IP 108.161.188.196:0
GET /no/pop/multisport/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: 7dc39cd3-e01e-0036-1db5-cb9f72000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/app-sports-icon.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/app-sports-icon.svg
IP 108.161.188.196:0
GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: 44a66627-101e-0022-3cb5-cbd71d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319
139.45.197.250200 OK 0 B URL HTTP/2 ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 23:27:43 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 10:36:49 GMT
etag: W/"632451c1-1a2de"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 108.161.188.196:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 387666f6-e01e-0044-5e3a-cb983d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/icon-trust.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/icon-trust.svg
IP 108.161.188.196:0
GET /no/pop/multisport/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_0470D36518044518873B7088766C5CE2&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663527031666)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20229181850%22%7d%2c%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663543666437)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182327%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228121008729%7c1%22%7d%5d; __ucbt=node01fyrhlbgbv7hli4x7kvjhvwrk; uniattr=BLP.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_0470D36518044518873B7088766C5CE2; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19254%7CMCMID%7C31273554222252184290639570181140159880%7CMCAAMLH-1664131814%7C6%7CMCAAMB-1664131814%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663534214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19261%7CvVersion%7C4.4.0; _ce.s=v~a01170f7e1cfb6ec5eecc86c337749ad3a7a30f0~vpv~0~v11.rlc~1663527014841; framework.forceBigLandingArea=; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_0470D36518044518873B7088766C5CE2%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:27:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: 9e507fc0-201e-0039-31b5-cbe91e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2