Report - naijaparrot.com/wp-content/uploads/2020/07/25/NaijaParrot-Nigerian-news-latest-breaking-today.png

Report Overview

Visited public
2023-11-30 02:57:58
Tags
URL
naijaparrot.com/wp-content/uploads/2020/07/25/NaijaParrot-Nigerian-news-latest-breaking-today.png
Finishing URL
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
IP / ASN
104.21.20.143
#13335 CLOUDFLARENET
Title
Unibet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.variouscreativeformats.com	408415	2021-06-09	2021-06-13 08:53:26	2023-11-28 18:09:46	1.4 kB	35 kB	173.233.139.164
a1s.unibet.com	297625	1997-12-11	2017-01-30 01:44:42	2023-11-28 06:06:58	1.4 kB	2.5 kB	85.184.96.5
bannerflow-feed-builder.azurewebsites.net	659103	2012-01-24	2017-11-23 14:27:15	2023-11-29 08:42:39	606 B	5.5 kB	104.40.147.180
1.bp.blogspot.com	8403	2000-07-31	2012-05-21 15:44:19	2023-11-30 00:25:24	1.6 kB	28 kB	142.250.74.161
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-29 07:17:12	3.3 kB	97 kB	142.250.74.67
t.dtscout.com	11951	2013-11-01	2017-01-30 05:52:42	2023-11-28 21:32:26	563 B	615 B	141.101.120.11
conqueredallrightswell.com	unknown	2023-11-14	2023-11-16 20:49:45	2023-11-29 05:29:33	2.5 kB	4.4 kB	192.243.59.20
www.toprevenuegate.com	unknown	2023-10-20	2023-10-23 18:22:31	2023-11-28 19:08:31	2.4 kB	3.9 kB	192.243.59.12
violationphysics.click	unknown	2023-02-10	2023-02-11 18:32:06	2023-11-28 04:20:58	926 B	601 B	192.64.81.118
a1s-cdn.unibet.com	283505	1997-12-11	2014-04-23 17:07:51	2023-11-29 05:29:39	1.4 kB	1.7 kB	85.184.96.5
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-11-29 05:12:45	1.0 kB	186 kB	172.64.140.13
cdn.bannerflow.com	23819	2008-06-03	2018-02-22 13:57:21	2023-11-29 05:29:39	1.5 kB	33 kB	104.16.64.126
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-29 07:23:07	871 B	278 kB	142.250.74.168
pl16411173.alternativecpmgate.com	unknown	unknown	No data	No data	464 B	16 kB	173.233.137.60
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-29 07:57:29	1.4 kB	27 kB	142.250.74.106
static.a-ads.com	34827	2012-07-07	2013-06-01 18:47:05	2023-11-29 18:09:04	2.4 kB	536 kB	144.76.38.164
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	458 B	2.2 kB	142.250.74.100
welcome.unibet.com	242429	1997-12-11	2017-01-30 06:39:28	2023-11-29 08:42:38	32 kB	422 kB	172.64.144.152
www.google.com.ng	27436	2009-05-13	2012-05-22 20:50:56	2023-11-03 02:12:19	446 B	639 B	142.250.74.35
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-11-27 20:32:59	933 B	7.6 kB	172.64.108.10
a.veinmaster.top	unknown	2023-11-23	2023-11-24 09:28:59	2023-11-28 19:09:54	1.9 kB	39 kB	104.21.3.144
naijaparrot.com	unknown	unknown	No data	No data	12 kB	134 kB	104.21.20.143
latestnigerianjobs.com	unknown	unknown	No data	No data	494 B	13 kB	104.21.4.132
pixel.wp.com	2545	1997-03-28	2017-01-30 06:31:40	2023-11-29 05:14:30	563 B	239 B	192.0.76.3
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-11-29 06:55:16	445 B	31 kB	216.58.207.234
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-11-29 05:57:13	1.8 kB	38 kB	142.250.74.3
ad.a-ads.com	26970	2012-07-07	2013-04-19 23:54:57	2023-11-30 03:29:10	1.1 kB	300 kB	144.76.38.164
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-11-29 19:28:10	904 B	30 kB	45.133.44.10
vvfal.veinmaster.top	unknown	2023-11-23	2023-11-26 13:21:34	2023-11-30 01:15:05	2.0 kB	38 kB	104.21.3.144
ardentlyexposureflushed.com	unknown	unknown	No data	No data	4.1 kB	6.7 kB	192.243.59.12
admissiblecontradictthrone.com	unknown	unknown	No data	No data	2.6 kB	4.2 kB	173.233.137.44
vvfal.rigelbetelgeuse.top	unknown	2023-05-11	2023-05-11 14:25:20	2023-11-28 09:13:44	608 B	1.0 kB	172.67.205.133
adserving.unibet.com	98000	1997-12-11	2015-05-26 08:56:53	2023-11-29 19:40:49	589 B	1.4 kB	13.107.213.53
www.unibet.com	318338	1997-12-11	2014-04-29 03:07:51	2023-11-28 06:06:57	7.0 kB	82 kB	85.184.96.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-30 02:57:49	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-30	medium	ardentlyexposureflushed.com	Sinkholed
2023-11-30	medium	ardentlyexposureflushed.com	Sinkholed
2023-11-30	medium	ardentlyexposureflushed.com	Sinkholed
2023-11-29	medium	conqueredallrightswell.com	Sinkholed
2023-11-29	medium	conqueredallrightswell.com	Sinkholed
2023-11-29	medium	toprevenuegate.com	Sinkholed
2023-11-29	medium	toprevenuegate.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	462 B	2023-11-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 12:29 Last Seen2024-08-20 20:41 Times Seen4510 Hash 0e8641478391e5943136bbd9dcf81687 43802b92092208cbe4b2c893a6cf8a66970a90ba f2492cbdb92a0b0870b3ae997b0343f648e0489b2877e12fbd4302cf29453436 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 21:26 Times Seen57576 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js	ScriptElement	5.4 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5792 Hash ac64b59c98bbe50cf69b6c98fa39585c 0a5cc9fb43b8a208481baaf752dbd504078a764b 28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c Loading...

	a1s.unibet.com/orval/tracking/lastclick.min.js	ScriptElement	1.8 kB	2023-03-07	2025-02-02
Pretty URL a1s.unibet.com/orval/tracking/lastclick.min.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen4745 Hash 8027969a31091dd0d3a7813f95ee7e10 591677c488b8b98532778e11adc9348253a014a4 5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60 Loading...

	welcome.unibet.com/custom.js	ScriptElement	5.9 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/custom.js IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5794 Hash 7bf01e92dd55d5fa298f55fbcb9afd30 4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f Loading...

	unknown	ScriptElement	1.5 kB	2023-11-16	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 15:59 Last Seen2024-08-20 19:16 Times Seen3975 Hash aa815b3ab95f01113f06825d3482950a 8ba15b0202aeaf30c7db18cb23c5007dea0ed42b b9eb09d3ddb52bcd12443dedbb9194d9b07a2e5a29139a63adbc62eb158ad828 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	147 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521 IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5793 Hash 1d18cffe3fc76896ca02254b5879b535 1a8fec7049c5644eaab6f7aecf8672f3f858d037 cb934bad0e7cb0b0b2edbc619a28b2d7ee4960dba893c3c2ce2a63e458d8af5b Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC	ScriptElement	192 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 03:58 Last Seen2023-11-30 03:58 Times Seen1 Hash 26fce30adfb3a2ba1e7db2b6efc885a5 3c03ac8de145975ea5d8c4484d64987cf48d58ec 5af3575df1fbf32e1de5ecfde188a6194c6b5b9f7c299e54b033f3de9fb88cc8 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	307 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521 IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5790 Hash 5633bd464ac4d5c3fab4b6c6db04c743 e9b255450e7612595382082329b0fe88904abcee ca8576fcf8d4ca2350c9fe2a7976729e6e3c6b42ca948060a509a1eed46e93fd Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	295 B	2023-09-13	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521 IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 20:26 Last Seen2024-08-21 06:57 Times Seen5369 Hash c19afddc1697308e0ef68fc2225c7f22 c77de15393ad1ee1d0d49afd6cc7c1cdefa9a5b4 7d80f28d2d8c0b322d667bc27797d7e01c2e90fa2a7d1025db04252d5b83f202 Loading...

	welcome.unibet.com/widget/betslip/betslip.js	ScriptElement	15 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/widget/betslip/betslip.js IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5796 Hash 5770dc60397ffb834d1280aa7bcebbd0 f0bbf2136b83babe5a8f70eeff2308279e9a0d3a 42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	218 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521 IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 06:57 Times Seen5369 Hash 91824c153a2424389807187ea41b9137 0ac7bf21044c90de1568152896efb9466c90b412 74abc0c84e63335fab7da57b01856b457f332b55d1ae539baadb180b13be726c Loading...

	www.unibet.com/kindred_snow/s3.7.0/kindred_s.js	ScriptElement	74 kB	2023-03-12	2025-04-01
Pretty URL www.unibet.com/kindred_snow/s3.7.0/kindred_s.js IP 85.184.96.28 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:47 Last Seen2025-04-01 10:09 Times Seen6322 Hash 3fb00dbb8acb3c68fd5ddb674f22bb88 cf7bc4f71f0ff66037ac2e564963ff4c2737e766 7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246 Loading...

	unknown	ScriptElement	2.6 kB	2023-03-07	2025-02-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen5802 Hash cd03538fc58df8693fe9af9337788f0f 408a15551710117d0538fc9442a55b5678bb85a5 cc933dd733a6db1a1a9ff1d7c0adb26717fa27d4d177b7a5a2cab0bfdb353562 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	92 B	2023-03-07	2025-02-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521 IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen5784 Hash 7f0f3c1a6218ba26e0a2303513a4b789 a8d06c9a0d0b367220509b18213f6b102f4b4fc0 faffe243fd7f581af68fd7dafdf86ff1e5c0824831f03d5758cb309da65fddda Loading...

	unknown	ScriptElement	9.0 kB	2023-09-21	2025-02-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-21 22:26 Last Seen2025-02-02 17:17 Times Seen5254 Hash 4bf85503f4a4c7bcfaab0141a5806d3d 27fe50a4fc3c8c70cbb4a7448497b078d4583afc f69fd5a7cc72a1b162c15eed2d8df99565cfb38316cfe1b946b868f809146305 Loading...

	a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js	ScriptElement	956 B	2023-03-07	2025-02-02
Pretty URL a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12 Last Seen2025-02-02 17:17 Times Seen4811 Hash fd48e87ecd4d06d9c5df490b91dc813e a65a437db44444634e4f41732c590c1d14433b3f 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js	ScriptElement	4.5 kB	2023-03-07	2025-02-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen5795 Hash 04fc48de78cbfc5d1557e9df399c7733 e1bf77a4fef1943b0eab404c4abbe9477cb373e0 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	364 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521 IP 172.64.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5771 Hash b7207d294237fb810195b41fdd3cac28 ff7ef257957cbc2074fa5814177bb7cbbac44eb2 12f39122cef3c11903118c0f4769199ddc1e0e5ba13d7dbe8373e5c77391baf5 Loading...

	unknown	ScriptElement	7.7 kB	2023-10-13	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 14:25 Last Seen2024-08-21 04:51 Times Seen5162 Hash d8109ab58402556ab737fe39834e6905 47aceb389987ff2659d00e7594f4b6f497fd776b 71020f8da24acc220d53e62c55ebf61e031f1d189dca99dd219c96ea2686dc96 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8924e35199751d77de62bd7862311a6b	471 B	2024-08-20 17:24	2024-08-20 17:24
Pretty Observations First Seen2024-08-20 17:24 Last Seen2024-08-20 17:24 Times Seen1 Hash 8924e35199751d77de62bd7862311a6b f49deb12c2d0de9b14dd113e151cc2a09c0f6329 103d32a0446863c1d26460f896f951118725c918bf4d20fb853d0bbafda7152e Loading...

	#2 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08 14:23	2025-05-06 08:36
Pretty Observations First Seen2023-03-08 14:23 Last Seen2025-05-06 08:36 Times Seen675 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 25a10337e02187272b977aa0f81bf444	128 B	2024-08-20 17:24	2024-08-20 17:24
Pretty Observations First Seen2024-08-20 17:24 Last Seen2024-08-20 17:24 Times Seen1 Hash 25a10337e02187272b977aa0f81bf444 150289404fab4f11918ed81b67a224f1045b02d3 ce3f5a0338e500100900cf8eeb854004e067639f573b1a0474d530b75578631d Loading...

	#2 Write - 96c9193a7c47daa63715ad2edb3c52b3	128 B	2024-08-20 17:24	2024-08-20 17:24
Pretty Observations First Seen2024-08-20 17:24 Last Seen2024-08-20 17:24 Times Seen1 Hash 96c9193a7c47daa63715ad2edb3c52b3 e2c9ceac17743551ffb5fdb6f533684186fd13dc 530c8d574d4c4da658a111d13eec015696489e6e3ce6ca39f84198ddc1aefeb5 Loading...

	#3 Write - 9d12bc924ddf3b2f0c1150869266f965	128 B	2024-08-20 17:24	2024-08-20 17:24
Pretty Observations First Seen2024-08-20 17:24 Last Seen2024-08-20 17:24 Times Seen1 Hash 9d12bc924ddf3b2f0c1150869266f965 6187b94d871e71a8b7019b78bccf08b71ef84cb8 75be72249198ea215442190ea6ea60f13cb13ed03393b4549bbcd6fb71bf5d0d Loading...

	#4 Write - cf56ad97929b0fe93d9ec1aaabe07669	128 B	2024-08-20 17:24	2024-08-20 17:24
Pretty Observations First Seen2024-08-20 17:24 Last Seen2024-08-20 17:24 Times Seen1 Hash cf56ad97929b0fe93d9ec1aaabe07669 c236203c8abd78aa2fa36c2b6fb44dc553ae6ed2 52da41a0000c33f08132f21da7206266ed42333fd4db9971fc9f9c9374f5ac41 Loading...

	#5 Write - ac798ac2b2c9559c3e64b701f845c78e	50 B	2023-03-07 01:11	2024-08-21 09:44
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5804 Hash ac798ac2b2c9559c3e64b701f845c78e 288602cbfebecea88ca238ce32c92d133bf59bff a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449 Loading...

HTTP Transactions (103)

URL IP Response Size

naijaparrot.com/

104.21.20.143

0 B

URL
naijaparrot.com/
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 30 Nov 2023 02:57:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 30 Nov 2023 03:57:38 GMT
Location: https://naijaparrot.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhQLavxU2NWUAq2TAtN%2BlkyO8DfCPRFVRPyQfsMhpRL5pg068hfe0VoBqat37EaoS9nBQ0oi7fTjYEeE%2FxqZ2KzGOReUVpE127%2Fc7RXEugtw0R8Mj%2FS8H9rJyelb8T5psxQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82dfd2f809b00b61-OSL
alt-svc: h2=":443"; ma=60

naijaparrot.com/wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1

104.21.20.143

0 B

URL
naijaparrot.com/wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1 HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=1; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313058; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:39 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=2592000
cf-bgj: minify
display: staticcontent_sol, orig_site_sol
etag: "6353aa24-0"
last-modified: Sat, 22 Oct 2022 08:30:28 GMT
response: 200
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=2592000
x-sol: orig
cf-cache-status: HIT
age: 485230
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RAqxuwuM5yfsicgWyrJpCnidt2YiTjVk8%2FKUZ6TQ0snLKE0xNwAgoSFvpZ3BD4%2BEKUzbTjNwgBHEErn%2FRoKLHCZhGzk9tG6MZsXjHNZsx8VEsFVAweAPL3dJeY0%2F%2FcjhtM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2fb3f1656c4-OSL
alt-svc: h3=":443"; ma=86400

naijaparrot.com/wp-content/uploads/2020/07/25/NaijaParrot-Nigerian-news-latest-breaking-today.png

104.21.20.143

854 B

URL
naijaparrot.com/wp-content/uploads/2020/07/25/NaijaParrot-Nigerian-news-latest-breaking-today.png
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 220x162, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
854 B (854 bytes)
Hash
9b27a88790862df9070f8ba5dff4f6da
d9b9b16fa6e3d163ffd52de863ea25d911f7a04e
d175aeb6ed10e593075866c7c227faf3e6c168b503a012648566c165e75accc6

HTTP Headers

GET /wp-content/uploads/2020/07/25/NaijaParrot-Nigerian-news-latest-breaking-today.png HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 02:57:38 GMT
content-type: text/html; charset=UTF-8
location: http://naijaparrot.com
cache-control: no-cache, must-revalidate, max-age=0
display: staticcontent_sol
expires: Wed, 11 Jan 1984 05:00:00 GMT
pagespeed: off
response: 301
vary: Accept-Encoding,User-Agent,Origin
x-cache: MISS
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-origin-cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: BYPASS
set-cookie: gfm-sprB=YQAOMwtc3WRx09Su; expires=Fri, 01-Dec-2023 02:57:38 GMT; Max-Age=86400; path=/; secure
UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; expires=Fri, 01-Dec-2023 02:57:38 GMT; Max-Age=86400; path=/; secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=660%2BhM2GK7fXO0Z1IelrqXh5Wzat1fv%2BnY3NPHHQ%2Bj5U7cu5dzx6KUaDxwHEHXHwLFQXa12phntwZocKMYj4ajMOQehXFJybFj2LsUBVeM2fN5hEC6lXKGUw%2BLrusIZ%2Bx8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2f4ea995688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

latestnigerianjobs.com/wp-content/uploads/2010/04/icon-emailalert-256.png

104.21.4.132

12 kB

URL
latestnigerianjobs.com/wp-content/uploads/2010/04/icon-emailalert-256.png
IP
104.21.4.132:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11848 bytes)
Hash
428dad4a799ae5a5a9957b64db2ce586
65699dd5345698b8afe093467e2e2ca0adc8fbae
3c89bdfd44e5fae40b44fa126bbdf046d8051d6e0b7970c21bf974e32020c388

HTTP Headers

GET /wp-content/uploads/2010/04/icon-emailalert-256.png HTTP/1.1
Host: latestnigerianjobs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:39 GMT
content-type: image/png
content-length: 11848
last-modified: Sat, 13 Apr 2019 16:10:10 GMT
etag: "5cb209e2-2e48"
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 643965
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0I6OO6hD9iSLW9X0ERWpVwq5OrgE1RP701oQlFg9FxPApVSSJ5OsB8kiylhviSR7GM6ylJg3OUAA7BmUPSWtYLbD%2BALkFMuhcSRLCLoAD5HfoS7e8YrMwM3WdaxgKFqWr1ohS7fa4QCd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd2fc0bfbb518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1.bp.blogspot.com/-Vr7CbQxFyR4/Xl9zsZKfaQI/AAAAAAAAAzw/MSPPOlP_kcE3-uKziivd2V5aP-9ZEM3_wCLcBGAsYHQ/s1600/twitter%2Bsmall.png

142.250.74.161

13 kB

URL
1.bp.blogspot.com/-Vr7CbQxFyR4/Xl9zsZKfaQI/AAAAAAAAAzw/MSPPOlP_kcE3-uKziivd2V5aP-9ZEM3_wCLcBGAsYHQ/s1600/twitter%2Bsmall.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 201 x 109, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12610 bytes)
Hash
2ef2c9168244786409b7d51403507584
3ece95798335e361c1c4f13300b4b42461711bcd
3b47639043a3486ff1923173b5c0ff6575d68a0db42201008fb26de1a655c02c

HTTP Headers

GET /-Vr7CbQxFyR4/Xl9zsZKfaQI/AAAAAAAAAzw/MSPPOlP_kcE3-uKziivd2V5aP-9ZEM3_wCLcBGAsYHQ/s1600/twitter%2Bsmall.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v33f"
expires: Fri, 01 Dec 2023 02:57:39 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="twitter small.png"
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 02:57:39 GMT
server: fife
content-length: 12610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-XX5ZLSGMZV

142.250.74.168

85 kB

URL
www.googletagmanager.com/gtag/js?id=G-XX5ZLSGMZV
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3034)
Size
85 kB (85128 bytes)
Hash
e711a94840be3384e895a298eacd2f70
c35caf2d9d07a8876084050e1c8e68f32ecdd412
dc7f036ef6d0c8d577369a3b63c13d4b587824d87f075a4c8f81e5344eb07d0b

HTTP Headers

GET /gtag/js?id=G-XX5ZLSGMZV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 02:57:39 GMT
expires: Thu, 30 Nov 2023 02:57:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1.bp.blogspot.com/-iUgTQswfnY0/Xl9zrC1uGeI/AAAAAAAAAzs/W-x51NP4uUwZ08RMJlMXIj_qWrVBiJYfACLcBGAsYHQ/s1600/play%2Bsmall.png

142.250.74.161

6.9 kB

URL
1.bp.blogspot.com/-iUgTQswfnY0/Xl9zrC1uGeI/AAAAAAAAAzs/W-x51NP4uUwZ08RMJlMXIj_qWrVBiJYfACLcBGAsYHQ/s1600/play%2Bsmall.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 200 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6902 bytes)
Hash
b03dcb5261457ee5c3aac6f3d005edaa
1e0fe210a4a4c079addab43181f4f1171387b565
00b83580835708eb241600642e93db37c5c873b5c5800ffc49d2ab6b73ef2e34

HTTP Headers

GET /-iUgTQswfnY0/Xl9zrC1uGeI/AAAAAAAAAzs/W-x51NP4uUwZ08RMJlMXIj_qWrVBiJYfACLcBGAsYHQ/s1600/play%2Bsmall.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="play small.png"
x-content-type-options: nosniff
server: fife
content-length: 6902
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:57:39 GMT
expires: Fri, 01 Dec 2023 02:57:39 GMT
cache-control: public, max-age=86400, no-transform
etag: "v33e"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1.bp.blogspot.com/-MbbXJvpY0a8/Xl-Js3UiFxI/AAAAAAAAA0I/DJcdt-9HBVsE4plnqUe-9kI8qrOv89uwgCLcBGAsYHQ/s1600/8775%2Bsmaller%2Btelegram.png

142.250.74.161

7.2 kB

URL
1.bp.blogspot.com/-MbbXJvpY0a8/Xl-Js3UiFxI/AAAAAAAAA0I/DJcdt-9HBVsE4plnqUe-9kI8qrOv89uwgCLcBGAsYHQ/s1600/8775%2Bsmaller%2Btelegram.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 160 x 60, 8-bit/color RGB, non-interlaced\012- data
Size
7.2 kB (7215 bytes)
Hash
75a7c0dcc536079c7fc9e7463da2b519
5bc7ca6e13e3298c645787713e6cfc8ec67e3997
2b6acded5c51c0214f666b6feb721d421712d79be3816b6961aff9780562bfb9

HTTP Headers

GET /-MbbXJvpY0a8/Xl-Js3UiFxI/AAAAAAAAA0I/DJcdt-9HBVsE4plnqUe-9kI8qrOv89uwgCLcBGAsYHQ/s1600/8775%2Bsmaller%2Btelegram.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="8775 smaller telegram.png"
x-content-type-options: nosniff
server: fife
content-length: 7215
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:57:39 GMT
expires: Fri, 01 Dec 2023 02:57:39 GMT
cache-control: public, max-age=86400, no-transform
etag: "v345"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com.ng/coop/cse/brand?form=cse-search-box&lang=en

142.250.74.35

237 B

URL
www.google.com.ng/coop/cse/brand?form=cse-search-box&lang=en
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
237 B (237 bytes)
Hash
bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd

HTTP Headers

GET /coop/cse/brand?form=cse-search-box&lang=en HTTP/1.1
Host: www.google.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/prose/brandjs.js
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 02:57:39 GMT
expires: Thu, 30 Nov 2023 03:27:39 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

naijaparrot.com/detroitchicago/raleigh.js?gcb=195-0&cb=6

104.21.20.143

1.3 kB

URL
naijaparrot.com/detroitchicago/raleigh.js?gcb=195-0&cb=6
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1646), with no line terminators
Size
1.3 kB (1262 bytes)
Hash
4d736826c63f2435e7aa7af3881e8e24
fc14ff6b97c56ad2881b167a81934acc397509b8
88b2906e8443f22f57ad7f18373f5e33e01dfb13c52931cc3d94456b786cef90

HTTP Headers

GET /detroitchicago/raleigh.js?gcb=195-0&cb=6 HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=1; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313058; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:39 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=1659
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
cf-cache-status: HIT
age: 211351
last-modified: Mon, 27 Nov 2023 16:15:08 GMT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBWDJ0%2BN%2FKQsdpa5xg94YTkGkHFU53p0WGaEgnYiJvvDaJlwXuRMJbGwt6kbd6%2F9KhLcUrdTKR%2BGCvOHH1wJ%2F8YvyqR%2BMe6CsVs1G%2BYgEYwE%2BmdvD3oclg6SZcXlpxYi4x4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2fccfc556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

naijaparrot.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5

104.21.20.143

1.1 kB

URL
naijaparrot.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (989), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
128c56266496547f0d045908624a0169
8c741341efa2806969a3de508d67ca52743f3561
782a4a092a51a3691abc98068868f2a968aa27976791e8403c9e693921246c6b

HTTP Headers

GET /parsonsmaize/mulvane.js?gcb=195-0&cb=5 HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=1; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313058; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:39 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=1002
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
cf-cache-status: HIT
age: 211351
last-modified: Mon, 27 Nov 2023 16:15:08 GMT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4HcIqjT16XJznAkwUkM0Yd95XrUPI1t%2BmZnXC%2F2bBPgmy0Y87C8NsAn3Da44Plm45Gr%2BJ4J0X5ZojT7hMB9s4nI9Q8vmWWGlVNF1aPCzcurtK6JEpqialrLURLHCbBWePw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2fccfc456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/prose/brandjs.js

142.250.74.3

5.8 kB

URL
www.gstatic.com/prose/brandjs.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1352)
Size
5.8 kB (5807 bytes)
Hash
5fd232d76f845e55064ad5069abfc141
afaa74984a2c8eb086ff2d22e0ad2abfce7d272e
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

HTTP Headers

GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://naijaparrot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 23:24:28 GMT
expires: Thu, 30 Nov 2023 23:24:28 GMT
cache-control: public, max-age=86400
age: 12791
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

naijaparrot.com/wp-content/uploads/2023/11/satbet-app-guide-2023-download-install-sign-up-220x162.png

104.21.20.143

4.3 kB

URL
naijaparrot.com/wp-content/uploads/2023/11/satbet-app-guide-2023-download-install-sign-up-220x162.png
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 220x162, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.3 kB (4288 bytes)
Hash
4293d640cdcef577832c90f4151ba0e7
cf48144486f117479c79b60eae2fe420ece380eb
d2d024df1ef4cbd86ffd20c36d2f1d3eb745c327ec7d7946293ed35693dd56df

HTTP Headers

GET /wp-content/uploads/2023/11/satbet-app-guide-2023-download-install-sign-up-220x162.png HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=1; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313058; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:39 GMT
content-type: image/webp
cache-control: public, max-age=15552000
display: staticcontent_sol
etag: W/"6567e5b6-6548-gzip"
last-modified: Thu, 30 Nov 2023 01:30:30 GMT
response: 200
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;c130f6e5365ea51202763af5a3f5183b;2-199232-0;c380c7c1-b62b-44d8-41fe-afd5bc8a17b8
x-ezoic-excludewebp: false
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=2592000
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd7piV%2Fw0z0%2FKI0U6zUIcOLWpSwg4JNa3J2X4l7bSGY01r4hssGEKtYw%2BnT9bSzhESyYUdYpj6%2B%2B%2Fjq7khE3kS%2FnYXwq2CYyf65Q%2FYQmCUtBFwbatmeA5l0JKLZxm0l2iok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2fadef956c4-OSL
alt-svc: h3=":443"; ma=86400

pl16411173.alternativecpmgate.com/52/fe/43/52fe43ce90008a9573c0ead833b9be08.js

173.233.137.60

16 kB

URL
pl16411173.alternativecpmgate.com/52/fe/43/52fe43ce90008a9573c0ead833b9be08.js
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (42868), with no line terminators
Size
16 kB (15465 bytes)
Hash
13ed77b06af2f2b615bc11648b1a8a48
23b7864f69b96a46362c69a91c432792f15a12dc
ad4be3ff1eda5d03e0e896152f3643d9c7d8ed0c1e5f83ee186cc6cbbb209b28

HTTP Headers

GET /52/fe/43/52fe43ce90008a9573c0ead833b9be08.js HTTP/1.1
Host: pl16411173.alternativecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 02:57:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49045a79c628474bab4f177be6482218
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

142.250.74.67

21 kB

URL
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Size
21 kB (21224 bytes)
Hash
13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

HTTP Headers

GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:03:27 GMT
expires: Fri, 22 Nov 2024 05:03:27 GMT
cache-control: public, max-age=31536000
age: 597253
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&subset=latin-ext

142.250.74.106

23 kB

URL
fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&subset=latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
23 kB (23210 bytes)
Hash
aeae7e6ef94707427e855a7327f658fa
6d8c2e81ac80acb9cbff73ee666596ac6207473e
e26857313bb18deef545fc4a142c5db8d25450a2400bc315ae5773382add8da7

HTTP Headers

GET /css?family=Droid+Sans%3A400%2C700&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 02:57:39 GMT
date: Thu, 30 Nov 2023 02:57:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/481658/320x100?region=eu-central-1

144.76.38.164

26 kB

URL
static.a-ads.com/a-ads-banners/481658/320x100?region=eu-central-1
IP
144.76.38.164:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 320 x 100\012- data
Size
26 kB (25519 bytes)
Hash
ba0d2277cc387ccb4b0bf403000450ec
a1d718e79cdbcaf137ddbe7549c76acc7a3d0ae2
b8d16e82a2b15323f2026f9039648acf513f6441f28ea31dd4e19c7cc61bce5c

HTTP Headers

GET /a-ads-banners/481658/320x100?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:40 GMT
content-type: image/gif
content-length: 25519
x-amz-id-2: oltj0kq2DHj3Up678uD5+6bk1qBNuZ2ptR5gTzktKtG6Sh4aQxh5FdniDtGuiShYQEODFI0rP7c=
x-amz-request-id: 10M8QA5J8ACX54TA
x-amz-replication-status: COMPLETED
last-modified: Sun, 01 Oct 2023 11:53:22 GMT
etag: "ba0d2277cc387ccb4b0bf403000450ec"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: UzImnO5PZHEUFBJv.DcMhdy9b1KyyWn5
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/452145/320x50?region=eu-central-1

144.76.38.164

14 kB

URL
static.a-ads.com/a-ads-banners/452145/320x50?region=eu-central-1
IP
144.76.38.164:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 320 x 50\012- data
Size
14 kB (13983 bytes)
Hash
40846c748b108cf688f9271caf57b86f
3268634652c5fac3dba24991d5800ba20d66ca07
fd7b4cdf4eadff478c4887b5d89fed5588374b3d3d4af1f4eebedec44a43e197

HTTP Headers

GET /a-ads-banners/452145/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:40 GMT
content-type: image/gif
content-length: 13983
x-amz-id-2: VkF9czKcGE2sGfwsVwUwsF0zKLZZV3ItFZINXk02Fxqta9A27fZW01mrftPWMepGM7RNYgQsF68=
x-amz-request-id: QABBXNPHK1HWNBZD
x-amz-replication-status: COMPLETED
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
etag: "40846c748b108cf688f9271caf57b86f"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: e3w6.pTaCaxFbNksHfWVJqUwbNPMVpk3
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/481632/300x250?region=eu-central-1

144.76.38.164

40 kB

URL
static.a-ads.com/a-ads-banners/481632/300x250?region=eu-central-1
IP
144.76.38.164:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 300 x 250\012- data
Size
40 kB (39714 bytes)
Hash
d6b8e1f56f496560ff4a87ac74223177
20060e440bde4c08b5e749fcf81c9857e16735b0
657b785c9a801a9552d1f3b63bbee13b7aa71f7835168bf6d3131854f7db01ed

HTTP Headers

GET /a-ads-banners/481632/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:40 GMT
content-type: image/gif
content-length: 39714
x-amz-id-2: q0AKxua+Hro4e24unNQmOa3NDZIKGYgM/LBUbAtYnJhGax/wIQwS0nJ3e4ib6nGlxXhw30jauA0=
x-amz-request-id: 6SDP5E67B4Q25AY8
x-amz-replication-status: COMPLETED
last-modified: Sat, 30 Sep 2023 19:52:54 GMT
etag: "d6b8e1f56f496560ff4a87ac74223177"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: zUkDvc8_ST8kwkTRBfVP6rqUlanxT.X.
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

ad.a-ads.com/1761655?size=300x250

144.76.38.164

122 kB

URL
ad.a-ads.com/1761655?size=300x250
IP
144.76.38.164:0
ASN
#24940 Hetzner Online GmbH

File type
gzip compressed data, from Unix\012- data
Size
122 kB (121813 bytes)
Hash
febb2cda1ae3acdbdb79b2dfa687f632
7299cf3873a3661eb0c3c2183ca5b42ae0c92937
6bdf151bb6e2cc1550b4d48e19167324b094947ebfb9d611681ec9519dca5d0e

HTTP Headers

GET /1761655?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://naijaparrot.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

ad.a-ads.com/1932798?size=320x50

144.76.38.164

178 kB

URL
ad.a-ads.com/1932798?size=320x50
IP
144.76.38.164:0
ASN
#24940 Hetzner Online GmbH

File type
gzip compressed data, from Unix\012- data
Size
178 kB (177753 bytes)
Hash
102eaf73d1fd331d638e6cf8f20de957
bf7b022a060b208b28bb263ceb2a99edd30039af
8c519171f4c124deded3db00ac1ddce7730deda4611b98f5bb6a60be9ec1b14c

HTTP Headers

GET /1932798?size=320x50 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://naijaparrot.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/482514/300x250?region=eu-central-1

144.76.38.164

419 kB

URL
static.a-ads.com/a-ads-banners/482514/300x250?region=eu-central-1
IP
144.76.38.164:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 300 x 250\012- data
Size
419 kB (419447 bytes)
Hash
415d72cd769d66307391298d960a6e6b
347005d60c95df0e6fbc6c04f19439b0202dcdad
b11edb7f06e794d1e71008ed040f2021012500d4242d6b2b0a07e327b7f36f1a

HTTP Headers

GET /a-ads-banners/482514/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:40 GMT
content-type: image/gif
content-length: 419447
x-amz-id-2: sb9WZOCo4P+dKYwQR4YB6wo7hy6U3TMvLw2buW/QV+NctJTxihqlpRA0LC2O4p1B5GS/ykQc5LI=
x-amz-request-id: V1YDKHJTEHN31SEZ
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 Oct 2023 18:02:07 GMT
etag: "415d72cd769d66307391298d960a6e6b"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: mL_lf9pni6EoNVnI2IDY06rBeR24vV7Y
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.variouscreativeformats.com/4f93fa79987d6e51ef261657d22e75e6/invoke.js

173.233.139.164

11 kB

URL
www.variouscreativeformats.com/4f93fa79987d6e51ef261657d22e75e6/invoke.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
exported SGML document, ASCII text, with very long lines (29637), with no line terminators
Size
11 kB (10915 bytes)
Hash
49e66d9769b8e2bb8bcca1e31a0244da
3af578caf4a1f3f1d0aac135d9bcbee0387db59b
52a65c2164f4fd2bd98731127aff8bb758855f0b34e884ead200ff85032fd21b

HTTP Headers

GET /4f93fa79987d6e51ef261657d22e75e6/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 02:57:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 079cd39f2b17232c88ab67f0a28d3b4c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.variouscreativeformats.com/39200e10f4fb664bf6ed807fb2e114e1/invoke.js

173.233.139.164

11 kB

URL
www.variouscreativeformats.com/39200e10f4fb664bf6ed807fb2e114e1/invoke.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
exported SGML document, ASCII text, with very long lines (29634), with no line terminators
Size
11 kB (10915 bytes)
Hash
f30e3ee62d7b3829b3a5e3815083e5a3
1b6a0a45d7f3f0c3531ef1ad02be3f2e84bc6f29
8c82068dbe648739d8cc0d07824e8b4cf06b649fe254302ce4c1b7c57e4a2bd3

HTTP Headers

GET /39200e10f4fb664bf6ed807fb2e114e1/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 02:57:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b078202cd0a4a946229ffb54783ef18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

naijaparrot.com/wp-content/themes/point/js/customscripts.js?ver=c8547f4ad3fdb0adb199167ac0cb4843

104.21.20.143

12 kB

URL
naijaparrot.com/wp-content/themes/point/js/customscripts.js?ver=c8547f4ad3fdb0adb199167ac0cb4843
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
12 kB (11853 bytes)
Hash
de56b3742241f61b094efe4632f814d1
6480c62d6cc1a739104622d5d4d6a0b6c756a664
3a02ffcb276857c2187c221e749f612aa94e493061292cb938a693e0a2bc1a9d

HTTP Headers

GET /wp-content/themes/point/js/customscripts.js?ver=c8547f4ad3fdb0adb199167ac0cb4843 HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=1; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313058; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:39 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
display: staticcontent_sol, orig_site_sol
etag: W/"5e0070ec-c4e-gzip"
last-modified: Mon, 23 Dec 2019 07:46:52 GMT
response: 200
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;ds;0e5a37bea90c66b2487dc4f6276ff307;2-199232-0;9ecbcb0a-576c-4f1b-75c7-898ee210a4b6
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=2592000
x-sol: orig
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xme0iItP%2Bjlgh1RQ9i4nkF8c9Bz2EvMWK5YDvkmU0nQPrsoFCwSTH%2BUqJulZ9nhPxgeRXZWf544g18GtSryPDCgqyUdE2oV7MwMdHOm1nEbYZBQdOLQaoW1IkaUHQ2LMunY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2fabeed56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ardentlyexposureflushed.com/sbar.json?key=52fe43ce90008a9573c0ead833b9be08

192.243.59.12

4.1 kB

URL
ardentlyexposureflushed.com/sbar.json?key=52fe43ce90008a9573c0ead833b9be08
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (5828), with no line terminators
Size
4.1 kB (4095 bytes)
Hash
70e0f11320133e0d4349caa4c18fb5ad
b39d38a7a6038ccaf21a0610d2f81557117bbf36
a6122a43a809dc37a27cea18ce7dfaed34837dd427c5ef7afd8b2279625e3e96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=52fe43ce90008a9573c0ead833b9be08 HTTP/1.1
Host: ardentlyexposureflushed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 02:57:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://naijaparrot.com
Access-Control-Allow-Origin: https://naijaparrot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16310674; expires=Fri, 01 Dec 2023 02:57:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 01 Dec 2023 02:57:41 GMT; secure; SameSite=None
uncs=1; expires=Fri, 01 Dec 2023 02:57:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 01 Dec 2023 02:57:41 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 01 Dec 2023 02:57:41 GMT; secure; SameSite=None
slec52fe43ce90008a9573c0ead833b9be08=[4766299]; expires=Thu, 30 Nov 2023 02:57:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2037fd7e0f269d28d566ced3b21ed63
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.variouscreativeformats.com/1d79b13f309b46473b25604f23717afc/invoke.js

173.233.139.164

11 kB

URL
www.variouscreativeformats.com/1d79b13f309b46473b25604f23717afc/invoke.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
exported SGML document, ASCII text, with very long lines (29613), with no line terminators
Size
11 kB (10916 bytes)
Hash
f22fc9c5d8cd60e6c5b908b2552aa900
5b0e62cb645316bcd29e3762bf70b4338fdea305
a5ef67ccd0f48868d407b48cb9558318839137c00dddb7cbb502fba498817629

HTTP Headers

GET /1d79b13f309b46473b25604f23717afc/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 02:57:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c710d97b9ed600a85a9cab7ddfbb4274
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ardentlyexposureflushed.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTtaTeFAC4kGYixBBZmv%2BsjPmEIwxcXHdXfPDHjxVV1XPVra6qqnqnp4dL4sByXEUDx573%2BxmUUM0HgUhzHqRBcX2IHvIQvAquQhBPMnMDox%2B0P299706vPdVfbKbnRCKjB2vv28HSmu22KrSyvkNZYTNfWX1ZqVGq%2FRiZUOZC82Llf7k53pv1mirSl%2BvXJN8yy7WaY3SGq1VrionI9tfnKpQyf1Ordqh1Wa9Wms10Xf%2F5z4L4FkA0TshL0GJ8rnNnx5C8TFM%2FO0V6bdSm7zxTpxpllqHnji4ZbaMzQ3iOYxcgMgczE7D%2BpKQL87AmoNZAtje3iQBQlWS4PcaQnMws4mwt3%2FqNNSQBqF4HnlvDKnHUGwMbu9AiV8JwAVW12Die6vW5Wz7VGUTtSQLz%2F6Cykuy8PgcTPzgslb9yg2rs1RZ49GPCqj%2BGKo7RpIdIh0EUPkhePoxlPiZLD5bgYn31ry2UKKYpldqDBWNoeUQzAfIJp8KkEUBsiRALI4rrNWJKF2KwqjRaDc5540G5632BdESjWY7osj4xN4QaTIE10Nwt4PE7WBLDeGyR%2FCbBbwI4NOSBB%2FsoCcK5JIg9wQ5I8gVQZ4S5L1iX2hf98U9oX0W1ma9PuuNYmTT7i7bt2lXGrKbnJAXp3v5%2B8ln2JLHlVY9ks0Glx1KaZt1WksNTiUT7UYj7ISStuFVAeXPTKMOVElefvwLElWShT8fIWSH8PoQXJ0Fy14Fy0dLdQq2OWq2KQbmG8PUbZYw52xa5TaGsAWSdAHpdrCrT8grUyvvfv8hJD%2B69PngybUH5z4CdwUSV%2BC2%2BpGgq%2B%2BOrtuc7F23uScP15JUxWrAJtd3I2WpPPvVe3I7t04sX%2FHDL9%2FiE2EC79%2BUPl1hRijT9eTry0oI6a5axyX5YdlvyHA985uXM2eyZGX97avLceKk98qaMZgqCXn6HbgqyQtP%2FfRpnr%2F1B5Qbw2UF4uyIzArKHoInO%2FDJfOYtgdNzHiYB8qwYuXo4H2pFoOWcs7CA%2Fw8P53jX30XXBWDpHZi4QM8V6OkCTA%2Fhs7OjNHFHl35rTAuhDkahdsFeqJ3%2B9HS5Xh1XZCuikaR1GUadMFpiVHSiZidknZpcClushtSXsvvPa%2F8CAAD%2F%2FwEAAP%2F%2FZJ4FV3IEAAA%3D

192.243.59.12

7 B

URL
ardentlyexposureflushed.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTtaTeFAC4kGYixBBZmv%2BsjPmEIwxcXHdXfPDHjxVV1XPVra6qqnqnp4dL4sByXEUDx573%2BxmUUM0HgUhzHqRBcX2IHvIQvAquQhBPMnMDox%2B0P299706vPdVfbKbnRCKjB2vv28HSmu22KrSyvkNZYTNfWX1ZqVGq%2FRiZUOZC82Llf7k53pv1mirSl%2BvXJN8yy7WaY3SGq1VrionI9tfnKpQyf1Ordqh1Wa9Wms10Xf%2F5z4L4FkA0TshL0GJ8rnNnx5C8TFM%2FO0V6bdSm7zxTpxpllqHnji4ZbaMzQ3iOYxcgMgczE7D%2BpKQL87AmoNZAtje3iQBQlWS4PcaQnMws4mwt3%2FqNNSQBqF4HnlvDKnHUGwMbu9AiV8JwAVW12Die6vW5Wz7VGUTtSQLz%2F6Cykuy8PgcTPzgslb9yg2rs1RZ49GPCqj%2BGKo7RpIdIh0EUPkhePoxlPiZLD5bgYn31ry2UKKYpldqDBWNoeUQzAfIJp8KkEUBsiRALI4rrNWJKF2KwqjRaDc5540G5632BdESjWY7osj4xN4QaTIE10Nwt4PE7WBLDeGyR%2FCbBbwI4NOSBB%2FsoCcK5JIg9wQ5I8gVQZ4S5L1iX2hf98U9oX0W1ma9PuuNYmTT7i7bt2lXGrKbnJAXp3v5%2B8ln2JLHlVY9ks0Glx1KaZt1WksNTiUT7UYj7ISStuFVAeXPTKMOVElefvwLElWShT8fIWSH8PoQXJ0Fy14Fy0dLdQq2OWq2KQbmG8PUbZYw52xa5TaGsAWSdAHpdrCrT8grUyvvfv8hJD%2B69PngybUH5z4CdwUSV%2BC2%2BpGgq%2B%2BOrtuc7F23uScP15JUxWrAJtd3I2WpPPvVe3I7t04sX%2FHDL9%2FiE2EC79%2BUPl1hRijT9eTry0oI6a5axyX5YdlvyHA985uXM2eyZGX97avLceKk98qaMZgqCXn6HbgqyQtP%2FfRpnr%2F1B5Qbw2UF4uyIzArKHoInO%2FDJfOYtgdNzHiYB8qwYuXo4H2pFoOWcs7CA%2Fw8P53jX30XXBWDpHZi4QM8V6OkCTA%2Fhs7OjNHFHl35rTAuhDkahdsFeqJ3%2B9HS5Xh1XZCuikaR1GUadMFpiVHSiZidknZpcClushtSXsvvPa%2F8CAAD%2F%2FwEAAP%2F%2FZJ4FV3IEAAA%3D
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTtaTeFAC4kGYixBBZmv%2BsjPmEIwxcXHdXfPDHjxVV1XPVra6qqnqnp4dL4sByXEUDx573%2BxmUUM0HgUhzHqRBcX2IHvIQvAquQhBPMnMDox%2B0P299706vPdVfbKbnRCKjB2vv28HSmu22KrSyvkNZYTNfWX1ZqVGq%2FRiZUOZC82Llf7k53pv1mirSl%2BvXJN8yy7WaY3SGq1VrionI9tfnKpQyf1Ordqh1Wa9Wms10Xf%2F5z4L4FkA0TshL0GJ8rnNnx5C8TFM%2FO0V6bdSm7zxTpxpllqHnji4ZbaMzQ3iOYxcgMgczE7D%2BpKQL87AmoNZAtje3iQBQlWS4PcaQnMws4mwt3%2FqNNSQBqF4HnlvDKnHUGwMbu9AiV8JwAVW12Die6vW5Wz7VGUTtSQLz%2F6Cykuy8PgcTPzgslb9yg2rs1RZ49GPCqj%2BGKo7RpIdIh0EUPkhePoxlPiZLD5bgYn31ry2UKKYpldqDBWNoeUQzAfIJp8KkEUBsiRALI4rrNWJKF2KwqjRaDc5540G5632BdESjWY7osj4xN4QaTIE10Nwt4PE7WBLDeGyR%2FCbBbwI4NOSBB%2FsoCcK5JIg9wQ5I8gVQZ4S5L1iX2hf98U9oX0W1ma9PuuNYmTT7i7bt2lXGrKbnJAXp3v5%2B8ln2JLHlVY9ks0Glx1KaZt1WksNTiUT7UYj7ISStuFVAeXPTKMOVElefvwLElWShT8fIWSH8PoQXJ0Fy14Fy0dLdQq2OWq2KQbmG8PUbZYw52xa5TaGsAWSdAHpdrCrT8grUyvvfv8hJD%2B69PngybUH5z4CdwUSV%2BC2%2BpGgq%2B%2BOrtuc7F23uScP15JUxWrAJtd3I2WpPPvVe3I7t04sX%2FHDL9%2FiE2EC79%2BUPl1hRijT9eTry0oI6a5axyX5YdlvyHA985uXM2eyZGX97avLceKk98qaMZgqCXn6HbgqyQtP%2FfRpnr%2F1B5Qbw2UF4uyIzArKHoInO%2FDJfOYtgdNzHiYB8qwYuXo4H2pFoOWcs7CA%2Fw8P53jX30XXBWDpHZi4QM8V6OkCTA%2Fhs7OjNHFHl35rTAuhDkahdsFeqJ3%2B9HS5Xh1XZCuikaR1GUadMFpiVHSiZidknZpcClushtSXsvvPa%2F8CAAD%2F%2FwEAAP%2F%2FZJ4FV3IEAAA%3D HTTP/1.1
Host: ardentlyexposureflushed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: u_pl=16310674; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec52fe43ce90008a9573c0ead833b9be08=[4766299]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 02:57:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 709cef23467aa4bda46ffdb1f63353d9
Strict-Transport-Security: max-age=0; includeSubdomains

pixel.wp.com/g.gif?v=ext&blog=52798602&post=0&tz=1&srv=naijaparrot.com&j=1%3A12.8.1&host=naijaparrot.com&ref=&fcp=2329&rand=0.2067301721792112

192.0.76.3

50 B

URL
pixel.wp.com/g.gif?v=ext&blog=52798602&post=0&tz=1&srv=naijaparrot.com&j=1%3A12.8.1&host=naijaparrot.com&ref=&fcp=2329&rand=0.2067301721792112
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=52798602&post=0&tz=1&srv=naijaparrot.com&j=1%3A12.8.1&host=naijaparrot.com&ref=&fcp=2329&rand=0.2067301721792112 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:41 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

naijaparrot.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34

104.21.20.143

30 kB

URL
naijaparrot.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2865)
Size
30 kB (30310 bytes)
Hash
6fdc3be967f0f18d55ebd9466a4b7e82
12472a228893f844279c13c3def0679db9738e63
f8845f7fdd88e956fb192f1eef85e4afa6b7c59d2bae22b6058f4ca620d67312

HTTP Headers

GET /porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34 HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=2; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313059; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576; _ga_XX5ZLSGMZV=GS1.1.1701313064.1.0.1701313064.0.0.0; _ga=GA1.1.1548204184.1701313065; sb_main_52fe43ce90008a9573c0ead833b9be08=1; sb_count_52fe43ce90008a9573c0ead833b9be08=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=ardentlyexposureflushed.com; ezds=ffid%3D1%2Cw%3D1280%2Ch%3D1024; ezohw=w%3D1280%2Ch%3D1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=37593
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
cf-cache-status: HIT
age: 211352
last-modified: Mon, 27 Nov 2023 16:15:09 GMT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkpOB3Xftg5CI%2F900qwMYeQTBXvOuasD1x1zXqZG%2FbGYok%2FCDWflqP%2BvE1iAu0EJQqv%2Fm0SLVX5Eyn6frCpeAMNQFD54sQRFEOHhTneG6MGgUo3bBVZT3Ohazc%2BfJh%2FdPg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd30b4b7656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.67

7.7 kB

URL
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:35:53 GMT
expires: Thu, 28 Nov 2024 21:35:53 GMT
cache-control: public, max-age=31536000
age: 19308
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/452146/728x90?region=eu-central-1

144.76.38.164

34 kB

URL
static.a-ads.com/a-ads-banners/452146/728x90?region=eu-central-1
IP
144.76.38.164:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 728 x 90\012- data
Size
34 kB (34060 bytes)
Hash
abee5b951901db7d5808cc14c1803f86
6abd0ca0c0d8ceba10b0105d92f54e3e32e0f9d9
df3f1522e3c1cfad89800cef7a2a5b3287cccf8efaf9b509153f5481a3bc5210

HTTP Headers

GET /a-ads-banners/452146/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 02:57:41 GMT
content-type: image/gif
content-length: 34060
x-amz-id-2: jVMBaaO1FHVTbGFHSCxmsoAOhmweMHidwcXYp77RpnYj2XRlVaNbYk9C+hhpH269KKuWR7eKgV4=
x-amz-request-id: 83Y3PM5KCAKPPTF9
x-amz-replication-status: COMPLETED
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
etag: "abee5b951901db7d5808cc14c1803f86"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 76whst7qvmX0l_vkmSfQJ7pFURrIqrZI
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png

172.64.108.10

591 B

URL
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
IP
172.64.108.10:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
591 B (591 bytes)
Hash
9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae

HTTP Headers

GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:42 GMT
content-type: image/png
content-length: 591
last-modified: Mon, 21 Feb 2022 10:06:44 GMT
etag: "62136434-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2584275
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sH%2FFgYS7gT2AuG4BTvlOg5jTXaIYNNroR1lFOeI1tG6YYaKOpmor7Na7b3TAPZyIFZZy2wTw9BKF%2BdQOV4GIqwm2AEkogrqHXAt8s64KNUn6DAP4gLPkBr5IlGH896gccgej6ayqluO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd30fc9f0670c-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png

45.133.44.10

9.0 kB

URL
cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
9.0 kB (9016 bytes)
Hash
a56f06ca83ee06488a213b352e00bd90
aec437b74eb6f1143683872fb2d664286da4a664
7144c526762a9d91bdde1939194c2835f2cb1afe0ebac298bbdf1e9239b539ec

HTTP Headers

GET /si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:42 GMT
content-type: image/png
content-length: 9016
server: nginx/1.21.6
last-modified: Mon, 20 Nov 2023 14:51:52 GMT
etag: "655b7288-2338"
expires: Sat, 02 Dec 2023 02:57:42 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png

45.133.44.10

20 kB

URL
cdn.cloudimagesb.com/si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20001 bytes)
Hash
ea31001ce8fa95eb2ac1617515105332
d505ca04808c25cfa33a555c96886f421ddbbde7
0267f5cd21fe5609405724c20d6f021b8932a696ada766b8e86e42c670000ab3

HTTP Headers

GET /si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:42 GMT
content-type: image/png
content-length: 20001
server: nginx/1.21.6
last-modified: Mon, 20 Nov 2023 14:52:40 GMT
etag: "655b72b8-4e21"
expires: Sat, 02 Dec 2023 02:57:42 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

173.233.137.44

0 B

URL
admissiblecontradictthrone.com/watch.192056961459.js?key=4f93fa79987d6e51ef261657d22e75e6&kw=%5B%22naijaparrot%22%2C%22com%22%2C%22-%22%2C%22breaking%22%2C%22news%22%2C%22gossip%22%2C%22and%22%2C%22latest%22%2C%22jobs%22%2C%22in%22%2C%22nigeria%22%2C%22today%22%2C%22-%22%2C%222023%22%5D&refer=https%3A%2F%2Fnaijaparrot.com%2F&tz=0&dev=e&res=14.3095&uuid=
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.192056961459.js?key=4f93fa79987d6e51ef261657d22e75e6&kw=%5B%22naijaparrot%22%2C%22com%22%2C%22-%22%2C%22breaking%22%2C%22news%22%2C%22gossip%22%2C%22and%22%2C%22latest%22%2C%22jobs%22%2C%22in%22%2C%22nigeria%22%2C%22today%22%2C%22-%22%2C%222023%22%5D&refer=https%3A%2F%2Fnaijaparrot.com%2F&tz=0&dev=e&res=14.3095&uuid= HTTP/1.1
Host: admissiblecontradictthrone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 02:57:42 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://naijaparrot.com
Access-Control-Allow-Origin: https://naijaparrot.com
Access-Control-Allow-Credentials: true
Location: https://admissiblecontradictthrone.com/watch.192056961459.js?key=4f93fa79987d6e51ef261657d22e75e6&kw=%5B%22naijaparrot%22%2C%22com%22%2C%22-%22%2C%22breaking%22%2C%22news%22%2C%22gossip%22%2C%22and%22%2C%22latest%22%2C%22jobs%22%2C%22in%22%2C%22nigeria%22%2C%22today%22%2C%22-%22%2C%222023%22%5D&refer=https%3A%2F%2Fnaijaparrot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=84dd60c581382bfe1b899d77e53a35df738de5b62eb5fe135e7e91fdb63fdb4ff8dfb6b9352b823df504c77ef184ea1001cf61824b63125280f20b3b5349339879c1a7a6ae2790af892dd28450cb0cfad30a1b2cbd896aaedcae9f02184b5f87b0&pst=1701313122&rmtc=t
Set-Cookie: u_pl=16312158; expires=Fri, 01 Dec 2023 02:57:42 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMxMjE1OCwiayI6IjRmOTNmYTc5OTg3ZDZlNTFlZjI2MTY1N2QyMmU3NWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTY0MTExLCJwaWQiOjMyMjc1MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJpNXJqNHJ3aG1rIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbmFpamFwYXJyb3QuY29tLyJ9fQ.7dN1gDj4FFXWp7xoI-8nWSGPXARJYs6L9Xc869eKdPw; expires=Thu, 30 Nov 2023 02:58:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d91068fad8bfc85120a35453e0750a57
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css

172.64.108.10

5.4 kB

URL
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
IP
172.64.108.10:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.4 kB (5350 bytes)
Hash
e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

HTTP Headers

GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:42 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:06:42 GMT
etag: W/"62136432-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1241705
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxpGnpl%2FZ%2Bd4bkHryWrTAwqVKXWht%2Fy7etxc1jfzz%2BP7PqOUoA2DNHxpVkT2qPYquRFZWr%2FWyqDyHvp39AxCT8di8%2FpcKP5G638bGUD0oV28Xe3XBiM8DazGxL4bkVQ%2FvtBNfXkPIpsZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd30f49ba670c-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

admissiblecontradictthrone.com/watch.192056961459.js?key=4f93fa79987d6e51ef261657d22e75e6&kw=%5B%22naijaparrot%22%2C%22com%22%2C%22-%22%2C%22breaking%22%2C%22news%22%2C%22gossip%22%2C%22and%22%2C%22latest%22%2C%22jobs%22%2C%22in%22%2C%22nigeria%22%2C%22today%22%2C%22-%22%2C%222023%22%5D&refer=https%3A%2F%2Fnaijaparrot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=84dd60c581382bfe1b899d77e53a35df738de5b62eb5fe135e7e91fdb63fdb4ff8dfb6b9352b823df504c77ef184ea1001cf61824b63125280f20b3b5349339879c1a7a6ae2790af892dd28450cb0cfad30a1b2cbd896aaedcae9f02184b5f87b0&pst=1701313122&rmtc=t

173.233.137.44

643 B

URL
admissiblecontradictthrone.com/watch.192056961459.js?key=4f93fa79987d6e51ef261657d22e75e6&kw=%5B%22naijaparrot%22%2C%22com%22%2C%22-%22%2C%22breaking%22%2C%22news%22%2C%22gossip%22%2C%22and%22%2C%22latest%22%2C%22jobs%22%2C%22in%22%2C%22nigeria%22%2C%22today%22%2C%22-%22%2C%222023%22%5D&refer=https%3A%2F%2Fnaijaparrot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=84dd60c581382bfe1b899d77e53a35df738de5b62eb5fe135e7e91fdb63fdb4ff8dfb6b9352b823df504c77ef184ea1001cf61824b63125280f20b3b5349339879c1a7a6ae2790af892dd28450cb0cfad30a1b2cbd896aaedcae9f02184b5f87b0&pst=1701313122&rmtc=t
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document, ASCII text, with very long lines (603)
Size
643 B (643 bytes)
Hash
cfd3e8a76572c8d429476801ede72b1d
1c81f11b44318ad17d407acf8dde194367371b5b
0497aa6edf05ebb96ecebe52e23d993d1e74304be9ecefe7a2c1e0ba32457947

HTTP Headers

GET /watch.192056961459.js?key=4f93fa79987d6e51ef261657d22e75e6&kw=%5B%22naijaparrot%22%2C%22com%22%2C%22-%22%2C%22breaking%22%2C%22news%22%2C%22gossip%22%2C%22and%22%2C%22latest%22%2C%22jobs%22%2C%22in%22%2C%22nigeria%22%2C%22today%22%2C%22-%22%2C%222023%22%5D&refer=https%3A%2F%2Fnaijaparrot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=84dd60c581382bfe1b899d77e53a35df738de5b62eb5fe135e7e91fdb63fdb4ff8dfb6b9352b823df504c77ef184ea1001cf61824b63125280f20b3b5349339879c1a7a6ae2790af892dd28450cb0cfad30a1b2cbd896aaedcae9f02184b5f87b0&pst=1701313122&rmtc=t HTTP/1.1
Host: admissiblecontradictthrone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naijaparrot.com
Referer: https://naijaparrot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16312158; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMxMjE1OCwiayI6IjRmOTNmYTc5OTg3ZDZlNTFlZjI2MTY1N2QyMmU3NWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTY0MTExLCJwaWQiOjMyMjc1MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJpNXJqNHJ3aG1rIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbmFpamFwYXJyb3QuY29tLyJ9fQ.7dN1gDj4FFXWp7xoI-8nWSGPXARJYs6L9Xc869eKdPw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 02:57:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://naijaparrot.com
Access-Control-Allow-Origin: https://naijaparrot.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprc08e85ba6136c6b746285047f724c8704=2717342; expires=Fri, 01 Dec 2023 04:57:42 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 01 Dec 2023 02:57:42 GMT; secure; SameSite=None
uncs=1; expires=Fri, 01 Dec 2023 02:57:42 GMT; secure; SameSite=None
pdhtkv27=true; expires=Fri, 01 Dec 2023 02:57:42 GMT; secure; SameSite=None
uncs27=1; expires=Fri, 01 Dec 2023 02:57:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e90e73a82fff826cc8b55c22a259eec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

naijaparrot.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxOWYwZjM0My03YjM4LTQ4NTYtNDAxZC1jYjk4NTY1OWQ5NTYiLCJkb21haW5faWQiOiIxOTkyMzIiLCJ0X2Vwb2NoIjoxNzAxMzEzMDU4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMTlmMGYzNDMtN2IzOC00ODU2LTQwMWQtY2I5ODU2NTlkOTU2IiwiZG9tYWluX2lkIjoiMTk5MjMyIiwidF9lcG9jaCI6MTcwMTMxMzA1OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTEtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjE5ZjBmMzQzLTdiMzgtNDg1Ni00MDFkLWNiOTg1NjU5ZDk1NiIsImRvbWFpbl9pZCI6IjE5OTIzMiIsInRfZXBvY2giOjE3MDEzMTMwNTgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjE5ZjBmMzQzLTdiMzgtNDg1Ni00MDFkLWNiOTg1NjU5ZDk1NiIsImRvbWFpbl9pZCI6IjE5OTIzMiIsInRfZXBvY2giOjE3MDEzMTMwNTgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=

104.21.20.143

0 B

URL
naijaparrot.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxOWYwZjM0My03YjM4LTQ4NTYtNDAxZC1jYjk4NTY1OWQ5NTYiLCJkb21haW5faWQiOiIxOTkyMzIiLCJ0X2Vwb2NoIjoxNzAxMzEzMDU4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMTlmMGYzNDMtN2IzOC00ODU2LTQwMWQtY2I5ODU2NTlkOTU2IiwiZG9tYWluX2lkIjoiMTk5MjMyIiwidF9lcG9jaCI6MTcwMTMxMzA1OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTEtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjE5ZjBmMzQzLTdiMzgtNDg1Ni00MDFkLWNiOTg1NjU5ZDk1NiIsImRvbWFpbl9pZCI6IjE5OTIzMiIsInRfZXBvY2giOjE3MDEzMTMwNTgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjE5ZjBmMzQzLTdiMzgtNDg1Ni00MDFkLWNiOTg1NjU5ZDk1NiIsImRvbWFpbl9pZCI6IjE5OTIzMiIsInRfZXBvY2giOjE3MDEzMTMwNTgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxOWYwZjM0My03YjM4LTQ4NTYtNDAxZC1jYjk4NTY1OWQ5NTYiLCJkb21haW5faWQiOiIxOTkyMzIiLCJ0X2Vwb2NoIjoxNzAxMzEzMDU4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMTlmMGYzNDMtN2IzOC00ODU2LTQwMWQtY2I5ODU2NTlkOTU2IiwiZG9tYWluX2lkIjoiMTk5MjMyIiwidF9lcG9jaCI6MTcwMTMxMzA1OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTEtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjE5ZjBmMzQzLTdiMzgtNDg1Ni00MDFkLWNiOTg1NjU5ZDk1NiIsImRvbWFpbl9pZCI6IjE5OTIzMiIsInRfZXBvY2giOjE3MDEzMTMwNTgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjE5ZjBmMzQzLTdiMzgtNDg1Ni00MDFkLWNiOTg1NjU5ZDk1NiIsImRvbWFpbl9pZCI6IjE5OTIzMiIsInRfZXBvY2giOjE3MDEzMTMwNTgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0= HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=2; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313059; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576; _ga_XX5ZLSGMZV=GS1.1.1701313064.1.0.1701313064.0.0.0; _ga=GA1.1.1548204184.1701313065; sb_main_52fe43ce90008a9573c0ead833b9be08=1; sb_count_52fe43ce90008a9573c0ead833b9be08=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=ardentlyexposureflushed.com; ezds=ffid%3D1%2Cw%3D1280%2Ch%3D1024; ezohw=w%3D1280%2Ch%3D1024; cf_clearance=DH4VaCNOtVyL_I2E_qvwfnPhNffXPlwBlHQb_9VhBlI-1701313062-0-1-730ca2d2.73a07051.5b213570-0.2.1701313062; ezux_et_199232=0; ezux_tos_199232=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
date: Thu, 30 Nov 2023 02:57:42 GMT
access-control-allow-origin: https://naijaparrot.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Wed, 29 Nov 2023 02:57:42 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
cf-cache-status: DYNAMIC
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejcAzOGOTsqINauaWlr059rQK2Uom1jb1%2B7vUawueV9XU2VeTi0H%2FcI4p5VjpvJiTsqZeG3tVfa72Xdp6Kr05QJKP4E8%2FYCqKeA9uTSZLxSFOoH4NYayEVVPVEl8R36XjMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd312edb256c4-OSL
alt-svc: h3=":443"; ma=86400

104.21.20.143

0 B

URL
naijaparrot.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxOWYwZjM0My03YjM4LTQ4NTYtNDAxZC1jYjk4NTY1OWQ5NTYiLCJkb21haW5faWQiOiIxOTkyMzIiLCJ0X2Vwb2NoIjoxNzAxMzEzMDU4LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzAxMzEzMDY3MTY3In1dfV0=
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIxOWYwZjM0My03YjM4LTQ4NTYtNDAxZC1jYjk4NTY1OWQ5NTYiLCJkb21haW5faWQiOiIxOTkyMzIiLCJ0X2Vwb2NoIjoxNzAxMzEzMDU4LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzAxMzEzMDY3MTY3In1dfV0= HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=2; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313059; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576; _ga_XX5ZLSGMZV=GS1.1.1701313064.1.0.1701313064.0.0.0; _ga=GA1.1.1548204184.1701313065; sb_main_52fe43ce90008a9573c0ead833b9be08=1; sb_count_52fe43ce90008a9573c0ead833b9be08=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=ardentlyexposureflushed.com; ezds=ffid%3D1%2Cw%3D1280%2Ch%3D1024; ezohw=w%3D1280%2Ch%3D1024; cf_clearance=DH4VaCNOtVyL_I2E_qvwfnPhNffXPlwBlHQb_9VhBlI-1701313062-0-1-730ca2d2.73a07051.5b213570-0.2.1701313062; ezux_et_199232=0; ezux_tos_199232=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
date: Thu, 30 Nov 2023 02:57:42 GMT
access-control-allow-origin: https://naijaparrot.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Wed, 29 Nov 2023 02:57:42 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
cf-cache-status: DYNAMIC
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOWT4v791jujtdKRJD4kenx717eEUPS0PRSZ2vGeCjiFVF2UQm2KnzaALJGGOZkmQ3qkQt2eK3edm00TqZk4oD9prcziD353GfJ7yKXSIvvZjrsT1r%2Ft9nwlxxIQKDR3KVE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd312edb456c4-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 20627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:57:34 GMT
expires: Fri, 22 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 597609
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ardentlyexposureflushed.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3o0n8aAsiAdhLsIKMqmentmZcQ%2BLcc0ajEncH3LwVF1VM6lNdVdT1T09GS%2FBBdnjKB48dt4kG9RldT0KwjLxIgHF9iA5bGDxKnsRFvEkMxkY%2FaD7e%2B97dXjvq%2FpkLzslFBk72XjfDJTWbLFRpZWLmyoWJneVtZsVn1bp5cqmii%2FVL1f6k5%2FtvenTRpW%2BXrkm%2BbZZrFGfUp%2F6lWVlZcf0F6cqVHK%2F7VfbtFqvVf1GHX37f%2B4yD455EL1T8hKUKJ%2Fb%2BukhFB8jjr69Kt12apI33okyzVJj0ROHt%2BLt2OQxojnsWA%2Bd%2BHB2GsaVhHxxDiY%2BnCWA6e1PEiBUJfF%2B9xHGhzObCHsHZ05DDRkjFM8j740h9RiKjcHNHSjxKwG4wNo64ujemrE52zlT2UQtycKzv6Dykiw8voA4erCkVb9yw%2BgsVSZ26HcKqP4YqjtGkh0hHXhQ%2BRF4%2BjGU%2BJksPltFHO2vO22gRDFNr9QYqjOGlkMw5yGbfMpD1vGQJR4icVJhjXaH0mYn7ARBq845DwLOG61LoiGCeqtDkfGJvSHSZAiuh%2BB2F4ndxbYawmaP4LYKOOHBpSXxPthFTxTIJUHuCHJGkCuCPCXIe8WB0K7mintCuyz0Z70260ExMml3jx2YtCtjspeckhene%2Fn7yWfYlieVRq0j6wGXbUppi7UbzYBTyUQrCMJ2KGkLThVQ7tw06kCV5OXHvyBRJVn48xFCdgSnj8DVebDsVbB81KxRsK1RvUUxiL%2BJmbrNEmatSavcRBCmQJIuIN3x9vQpeWVq5d3vP4Tkx1c%2BHzy59uDCR%2BC2QGIL3FY%2FEnT13dF1k5P96yZ35OF6kqpIDdjk%2Bm6kLJXnv3pP7uTGipWrbvjlW3wiTOD9m9KlqywWKu468vWSEkLaZWO5JD%2BsuE0ZbmRuaymzcZasbry9vBIlVjqnTDwGUyUhT78DVyV54ambPs2Lt%2F6AsmPYrECUHZNZQZkj8GQXLpnPnCGwes7DxEOeFSNbC%2BdDrQi0nHMWFnD%2F4eEc77m76FoPLL2DOCrQswV6ugDTQ7js%2FChN7PGV34JpIdTeKNTW2w%2B11Z%2BeLdepk0rDr8tW2GpyIULJhd%2BsBa2A0poQ9WZb%2Bm2krpTdf177FwAA%2F%2F8BAAD%2F%2F3CWi7FyBAAA

192.243.59.12

7 B

URL
ardentlyexposureflushed.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3o0n8aAsiAdhLsIKMqmentmZcQ%2BLcc0ajEncH3LwVF1VM6lNdVdT1T09GS%2FBBdnjKB48dt4kG9RldT0KwjLxIgHF9iA5bGDxKnsRFvEkMxkY%2FaD7e%2B97dXjvq%2FpkLzslFBk72XjfDJTWbLFRpZWLmyoWJneVtZsVn1bp5cqmii%2FVL1f6k5%2FtvenTRpW%2BXrkm%2BbZZrFGfUp%2F6lWVlZcf0F6cqVHK%2F7VfbtFqvVf1GHX37f%2B4yD455EL1T8hKUKJ%2Fb%2BukhFB8jjr69Kt12apI33okyzVJj0ROHt%2BLt2OQxojnsWA%2Bd%2BHB2GsaVhHxxDiY%2BnCWA6e1PEiBUJfF%2B9xHGhzObCHsHZ05DDRkjFM8j740h9RiKjcHNHSjxKwG4wNo64ujemrE52zlT2UQtycKzv6Dykiw8voA4erCkVb9yw%2BgsVSZ26HcKqP4YqjtGkh0hHXhQ%2BRF4%2BjGU%2BJksPltFHO2vO22gRDFNr9QYqjOGlkMw5yGbfMpD1vGQJR4icVJhjXaH0mYn7ARBq845DwLOG61LoiGCeqtDkfGJvSHSZAiuh%2BB2F4ndxbYawmaP4LYKOOHBpSXxPthFTxTIJUHuCHJGkCuCPCXIe8WB0K7mintCuyz0Z70260ExMml3jx2YtCtjspeckhene%2Fn7yWfYlieVRq0j6wGXbUppi7UbzYBTyUQrCMJ2KGkLThVQ7tw06kCV5OXHvyBRJVn48xFCdgSnj8DVebDsVbB81KxRsK1RvUUxiL%2BJmbrNEmatSavcRBCmQJIuIN3x9vQpeWVq5d3vP4Tkx1c%2BHzy59uDCR%2BC2QGIL3FY%2FEnT13dF1k5P96yZ35OF6kqpIDdjk%2Bm6kLJXnv3pP7uTGipWrbvjlW3wiTOD9m9KlqywWKu468vWSEkLaZWO5JD%2BsuE0ZbmRuaymzcZasbry9vBIlVjqnTDwGUyUhT78DVyV54ambPs2Lt%2F6AsmPYrECUHZNZQZkj8GQXLpnPnCGwes7DxEOeFSNbC%2BdDrQi0nHMWFnD%2F4eEc77m76FoPLL2DOCrQswV6ugDTQ7js%2FChN7PGV34JpIdTeKNTW2w%2B11Z%2BeLdepk0rDr8tW2GpyIULJhd%2BsBa2A0poQ9WZb%2Bm2krpTdf177FwAA%2F%2F8BAAD%2F%2F3CWi7FyBAAA
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3o0n8aAsiAdhLsIKMqmentmZcQ%2BLcc0ajEncH3LwVF1VM6lNdVdT1T09GS%2FBBdnjKB48dt4kG9RldT0KwjLxIgHF9iA5bGDxKnsRFvEkMxkY%2FaD7e%2B97dXjvq%2FpkLzslFBk72XjfDJTWbLFRpZWLmyoWJneVtZsVn1bp5cqmii%2FVL1f6k5%2FtvenTRpW%2BXrkm%2BbZZrFGfUp%2F6lWVlZcf0F6cqVHK%2F7VfbtFqvVf1GHX37f%2B4yD455EL1T8hKUKJ%2Fb%2BukhFB8jjr69Kt12apI33okyzVJj0ROHt%2BLt2OQxojnsWA%2Bd%2BHB2GsaVhHxxDiY%2BnCWA6e1PEiBUJfF%2B9xHGhzObCHsHZ05DDRkjFM8j740h9RiKjcHNHSjxKwG4wNo64ujemrE52zlT2UQtycKzv6Dykiw8voA4erCkVb9yw%2BgsVSZ26HcKqP4YqjtGkh0hHXhQ%2BRF4%2BjGU%2BJksPltFHO2vO22gRDFNr9QYqjOGlkMw5yGbfMpD1vGQJR4icVJhjXaH0mYn7ARBq845DwLOG61LoiGCeqtDkfGJvSHSZAiuh%2BB2F4ndxbYawmaP4LYKOOHBpSXxPthFTxTIJUHuCHJGkCuCPCXIe8WB0K7mintCuyz0Z70260ExMml3jx2YtCtjspeckhene%2Fn7yWfYlieVRq0j6wGXbUppi7UbzYBTyUQrCMJ2KGkLThVQ7tw06kCV5OXHvyBRJVn48xFCdgSnj8DVebDsVbB81KxRsK1RvUUxiL%2BJmbrNEmatSavcRBCmQJIuIN3x9vQpeWVq5d3vP4Tkx1c%2BHzy59uDCR%2BC2QGIL3FY%2FEnT13dF1k5P96yZ35OF6kqpIDdjk%2Bm6kLJXnv3pP7uTGipWrbvjlW3wiTOD9m9KlqywWKu468vWSEkLaZWO5JD%2BsuE0ZbmRuaymzcZasbry9vBIlVjqnTDwGUyUhT78DVyV54ambPs2Lt%2F6AsmPYrECUHZNZQZkj8GQXLpnPnCGwes7DxEOeFSNbC%2BdDrQi0nHMWFnD%2F4eEc77m76FoPLL2DOCrQswV6ugDTQ7js%2FChN7PGV34JpIdTeKNTW2w%2B11Z%2BeLdepk0rDr8tW2GpyIULJhd%2BsBa2A0poQ9WZb%2Bm2krpTdf177FwAA%2F%2F8BAAD%2F%2F3CWi7FyBAAA HTTP/1.1
Host: ardentlyexposureflushed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: u_pl=16310674; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 02:57:43 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e4cd0189ddf58b3d40100d798fa634b
Strict-Transport-Security: max-age=0; includeSubdomains

t.dtscout.com/pv/

141.101.120.11

1 B

URL
t.dtscout.com/pv/
IP
141.101.120.11:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

HTTP Headers

POST /pv/ HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------182148093150601817132034926
Content-Length: 1162
Origin: https://naijaparrot.com
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: m=1; oa=1; df=1701313061
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:43 GMT
content-type: application/javascript
x-t: 0.107
x-c: 0
expires: Thu, 30 Nov 2023 02:57:42 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyy9364lct0MXxUFockTDcg3QmtJhDlyzVhdx0ULG%2B6HPjG2W0I6Vb5YfoM0H73GvA2J947UQC5hycauxzItVzADvQPO9dXIHwFXPMdJk648Jyu%2BOhwX1%2B9kP3E5SBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd312efdc0a2c-ARN
content-encoding: br
X-Firefox-Spdy: h2

conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16312158

192.243.59.20

1.4 kB

URL
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16312158
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480)
Size
1.4 kB (1386 bytes)
Hash
15bca53dd0e7c3cf34dd756c92e7f0a3
650794e378f4bc96298eba3ef5fbdc2476650044
eae90cc34b65bf19fc061b64c8f59c196ac45bdeeec77a6cde46fa0de61959fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16312158 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 02:57:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 01 Dec 2023 02:57:43 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYzMTIxNTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uYWlqYXBhcnJvdC5jb20vIn19.DUPxFoJW3jmv20bf8-6HciopjOFNe12IJ7cEeUlTUKM; expires=Thu, 30 Nov 2023 02:58:43 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b2bcf6734f78c246d32bf786c37aad6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.google.com/cse/static/images/1x/en/branding.png

142.250.74.100

200 OK

1.4 kB

URL GET HTTP/2
www.google.com/cse/static/images/1x/en/branding.png
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://naijaparrot.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
PNG image data, 124 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1372 bytes)
Hash
5fa765d6ecd4ddbe72abbac8698fa4b0
468231e63b1ab3ed01a9488f5c981b141a54d024
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

HTTP Headers

GET /cse/static/images/1x/en/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:48:51 GMT
expires: Thu, 28 Nov 2024 21:48:51 GMT
cache-control: public, max-age=31536000
age: 18532
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE2MzEyMTU4JnBzdD0xNzAxMzEzMTIzJnJlZmVyPWh0dHBzJTNBJTJGJTJGbmFpamFwYXJyb3QuY29tJTJGJnJtdGM9dCZzaHU9ZGMxZjU3MmRmYzE1YTg1ZGQ2M2ViZTIzNGFlMDFkOTM5YzE3ZTcxYzNlMDE3OWY2NzFkYmZlMzBkZTllZmZjZGE1NDg0OWY5OTIzNzg5ZWE2ODczZGYyMWI1OTVjZDU1NjljZjM5MmRmODQ4YjdiNDc1MWU5MDNiZWUwMzBiYzAxYWQ5YTg1OTcwOWZiNGZlOGMzNzljNmFkZWNmNGM3Nzg5MzllOWRiYWEyODczZjQ0NjEyOGQ2OTE2NjAyZA%3D%3D&uuid=&pii=&in=false

192.243.59.13

0 B

URL
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE2MzEyMTU4JnBzdD0xNzAxMzEzMTIzJnJlZmVyPWh0dHBzJTNBJTJGJTJGbmFpamFwYXJyb3QuY29tJTJGJnJtdGM9dCZzaHU9ZGMxZjU3MmRmYzE1YTg1ZGQ2M2ViZTIzNGFlMDFkOTM5YzE3ZTcxYzNlMDE3OWY2NzFkYmZlMzBkZTllZmZjZGE1NDg0OWY5OTIzNzg5ZWE2ODczZGYyMWI1OTVjZDU1NjljZjM5MmRmODQ4YjdiNDc1MWU5MDNiZWUwMzBiYzAxYWQ5YTg1OTcwOWZiNGZlOGMzNzljNmFkZWNmNGM3Nzg5MzllOWRiYWEyODczZjQ0NjEyOGQ2OTE2NjAyZA%3D%3D&uuid=&pii=&in=false
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE2MzEyMTU4JnBzdD0xNzAxMzEzMTIzJnJlZmVyPWh0dHBzJTNBJTJGJTJGbmFpamFwYXJyb3QuY29tJTJGJnJtdGM9dCZzaHU9ZGMxZjU3MmRmYzE1YTg1ZGQ2M2ViZTIzNGFlMDFkOTM5YzE3ZTcxYzNlMDE3OWY2NzFkYmZlMzBkZTllZmZjZGE1NDg0OWY5OTIzNzg5ZWE2ODczZGYyMWI1OTVjZDU1NjljZjM5MmRmODQ4YjdiNDc1MWU5MDNiZWUwMzBiYzAxYWQ5YTg1OTcwOWZiNGZlOGMzNzljNmFkZWNmNGM3Nzg5MzllOWRiYWEyODczZjQ0NjEyOGQ2OTE2NjAyZA%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYzMTIxNTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uYWlqYXBhcnJvdC5jb20vIn19.DUPxFoJW3jmv20bf8-6HciopjOFNe12IJ7cEeUlTUKM; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 02:57:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fd85734f425e85a31368ca1abb6fa4a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc9fb59f11ee0d1c4c1551a97ffb3cbd9b=4641329; expires=Fri, 01 Dec 2023 02:57:44 GMT
pdhtkv=true; expires=Fri, 01 Dec 2023 02:57:44 GMT
uncs=1; expires=Fri, 01 Dec 2023 02:57:44 GMT
pdhtkv28=true; expires=Fri, 01 Dec 2023 02:57:44 GMT
uncs28=1; expires=Fri, 01 Dec 2023 02:57:44 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a5b8c4556178bd5445c2961555002fb
Strict-Transport-Security: max-age=0; includeSubdomains

violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fd85734f425e85a31368ca1abb6fa4a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625

192.64.81.118

0 B

URL
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fd85734f425e85a31368ca1abb6fa4a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fd85734f425e85a31368ca1abb6fa4a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 30 Nov 2023 02:57:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9ejhea5ib; expires=Fri, 01-Dec-2023 02:57:44 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9ejhea5ib-h9ejhea5ib-hq1m-0-q5a4bl-ftxofe-ft8pdz-1ab6e6; expires=Fri, 01-Dec-2023 02:57:44 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=afb39h9ejhea5ibea1&sub_id=16122660
Strict-Transport-Security: max-age=31536000

vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=afb39h9ejhea5ibea1&sub_id=16122660

172.67.205.133

0 B

URL
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=afb39h9ejhea5ibea1&sub_id=16122660
IP
172.67.205.133:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=afb39h9ejhea5ibea1&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 30 Nov 2023 02:57:45 GMT
content-length: 0
location: https://vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=32263a1e-1e7f-4e0f-95fa-f530f8b2afc2; expires=Sun, 30 Nov 2025 02:57:45 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoENInbyGmeE7jFY8UMb3vsVbeiVrBr5UmFCvxDT4Muo3yP8MXpd419gepY%2FJwnhYHB1Vrd9itk6Owa7QW1en5x0lnVGa1wZuwlg53iiNcOaLQGNa3znwAQzbHY6p3ozEBH06O0skNMzYHne"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd3221f69712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vvfal.veinmaster.top/eyes-robot/assets/1.png

104.21.3.144

11 kB

URL
vvfal.veinmaster.top/eyes-robot/assets/1.png
IP
104.21.3.144:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10591 bytes)
Hash
a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

HTTP Headers

GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:45 GMT
content-type: image/png
content-length: 10591
last-modified: Mon, 27 Nov 2023 08:11:03 GMT
etag: "65644f17-295f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7OFnGe3he%2B0ck2brYGfqq6vSKO5Kz9vcyPsHDe3GNdusbZKDlvd%2F0yK%2F52pc1960p2ikhXvff3yH0D3D%2B1EQ%2FOLC0gqX7fZzasfwTuJmkRD%2FdeiyqHMH%2BFzjQ5pgrSc6nSvBG%2BBwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd324c8db0b55-OSL
alt-svc: h3=":443"; ma=86400

vvfal.veinmaster.top/eyes-robot/assets/2.png

104.21.3.144

1.1 kB

URL
vvfal.veinmaster.top/eyes-robot/assets/2.png
IP
104.21.3.144:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1061 bytes)
Hash
d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

HTTP Headers

GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:45 GMT
content-type: image/png
content-length: 1061
last-modified: Mon, 27 Nov 2023 08:11:03 GMT
etag: "65644f17-425"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcM4kvKqBejAAH2llgdOjYwKq9Zl6dcDWv1IMSIzr020dFrluiCLl1KuZitt%2BDOo%2BDROKu1y0J2qObQVIo1M3ez6V2lCp05J%2BZVACX7SDnWRGuA3csBY%2Bv6MTsHubxPPJj8bVpWJrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd324d8dc0b55-OSL
alt-svc: h3=":443"; ma=86400

naijaparrot.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.20.143

16 kB

URL
naijaparrot.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
16 kB (16158 bytes)
Hash
b25aaee4507baee0a4cafe25e4117fe2
c5372afa09979c01b7466771505af23d83c7a8c3
afc08c488be5ffec2e65426a3369cdf3593acf60e3a2adf54c757cb4abce9352

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=2; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313059; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576; _ga_XX5ZLSGMZV=GS1.1.1701313064.1.0.1701313064.0.0.0; _ga=GA1.1.1548204184.1701313065; sb_main_52fe43ce90008a9573c0ead833b9be08=1; sb_count_52fe43ce90008a9573c0ead833b9be08=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=ardentlyexposureflushed.com; ezds=ffid%3D1%2Cw%3D1280%2Ch%3D1024; ezohw=w%3D1280%2Ch%3D1024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 30 Nov 2023 02:57:41 GMT
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr0UWO9gmti4vEZQI4EOXtgbt6EGNfyo6nP167w%2FDL%2FEHGclAL6cH5yjDet7vH6neaTpAlBpaioNZ4NaUoSSLptKg%2FwP4F9XX7lcnN5XhgZ%2BHnT%2F4rK65yo79ELkX2O8H7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd30c0b9c56c4-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

694 B

URL
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
694 B (694 bytes)
Hash
cb2c9df74facee436bb99358b04d9bab
4bf65a78e6a0566051b5b47b75e8b0deac478071
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 02:57:42 GMT
date: Thu, 30 Nov 2023 02:57:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365

104.21.3.144

24 kB

URL
vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365
IP
104.21.3.144:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
24 kB (24006 bytes)
Hash
676bda11344b80429881cb1da5d3c12b
6cf077b09a1f1acbdaab9c1f649428ab152c468b
a7c437eb2c0783165f417fc89a9bb8196b9f24a1099aedc682e1238ac57d2823

HTTP Headers

GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365 HTTP/1.1
Host: vvfal.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:45 GMT
content-type: text/html
last-modified: Mon, 27 Nov 2023 08:11:03 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2rhoUdYdJk4b9UbwhLH33EH8NopzqPkRbDvyGfw6zagZDoI90MruhNnu94mfbYJ3tjkQYKxdrMYmqhQIcwBbF%2BuqU2GISKuVKLY%2BYc4INZ0pZ%2BkMgfG%2ByNEf6HPs%2FUsKUTCswAEFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd3239dca1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.3

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:31 GMT
expires: Fri, 22 Nov 2024 05:05:31 GMT
cache-control: public, max-age=31536000
age: 597135
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Early-Data: accepted

a.veinmaster.top/eyes-robot/assets/1.png

104.21.3.144

11 kB

URL
a.veinmaster.top/eyes-robot/assets/1.png
IP
104.21.3.144:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10591 bytes)
Hash
a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

HTTP Headers

GET /eyes-robot/assets/1.png HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:46 GMT
content-type: image/png
content-length: 10591
last-modified: Mon, 27 Nov 2023 08:11:03 GMT
etag: "65644f17-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VllfrLBxJTjX9hnn9mkj9mw1zQWyJ5iYNyuw2uI0GTgkyifo0QARERFKq4fHHVpBGQ9aYu%2BOes3pK1EfhNnmwBKoj27yMDh2qu3IXuHiW7niM%2Bqx3g7I1aoZ10xgW2IypNvm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd329f9650b55-OSL
alt-svc: h3=":443"; ma=86400

naijaparrot.com/detroitchicago/vista.js?gcb=195-0&cb=5

104.21.20.143

1.6 kB

URL
naijaparrot.com/detroitchicago/vista.js?gcb=195-0&cb=5
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1049), with no line terminators
Size
1.6 kB (1556 bytes)
Hash
b5205c62d9841917f45072c81c1f1f9d
41db4cbaf8e5bffb05e6cb33b57ebee8a5e47f3c
803564d2f40968a670c5748859a0cfece2016ee109d1eea9aa1fbda64553e5c3

HTTP Headers

GET /detroitchicago/vista.js?gcb=195-0&cb=5 HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://naijaparrot.com/
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6; ezoadgid_199232=-1; ezoref_199232=; ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; ezoab_199232=mod242; ezopvc_199232=1; lp_199232=https://naijaparrot.com/; ezovuuidtime_199232=1701313058; ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:39 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=1062
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
cf-cache-status: HIT
age: 485230
last-modified: Fri, 24 Nov 2023 12:10:29 GMT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r12aH%2BnXeEhAqAEjKWvOTRDKuCOpKImTbxGn8QoW6RUF2%2BhZZR5yXk1y0cuvb154RI3exq9p0lBUOWezHXy9pEl9pi5AahwO8ABh1mbgcOyi8acT%2FDmHy3iDST9LbU2dB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2fccfc656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.veinmaster.top/eyes-robot/assets/trls.js

104.21.3.144

13 kB

URL
a.veinmaster.top/eyes-robot/assets/trls.js
IP
104.21.3.144:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
13 kB (12776 bytes)
Hash
0cdacbfa8d68265ac3893b159a75682a
a85878b59036d00ac878739dc187305bc29df8c3
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

HTTP Headers

GET /eyes-robot/assets/trls.js HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:46 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 08:11:03 GMT
etag: W/"65644f17-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG2AIryuCFAVLBR%2B%2FOMDinFCmU9HlWMg9B%2FYhlRl3crN%2FKWWyeNANDNHHeLvT0fLawLC7gO7LANFQHDRQSc5Dgmo1oD0Nqcx%2BL3jB%2BKX9CocEJ4%2Be4WA3gOIUsAa88dGozZ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd329e9610b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.veinmaster.top/eyes-robot/assets/style.css

104.21.3.144

14 kB

URL
a.veinmaster.top/eyes-robot/assets/style.css
IP
104.21.3.144:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
14 kB (14060 bytes)
Hash
a18afa3eac509b6062c9362a725ac421
5e06e9b3af42189e9456a7ea3bda665e10c86405
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

HTTP Headers

GET /eyes-robot/assets/style.css HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=afb39h9ejhea5ibea1&sub_id=16122660&nrid=3b811f5a41264fbe8d2e3821cde1f1de&hash=iqUJvXZC3wxREIZq72sXEg&exp=1701313365
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:46 GMT
content-type: text/css
last-modified: Mon, 27 Nov 2023 08:11:03 GMT
etag: W/"65644f17-cf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOVNp45MtPdKIIqIirOwgZFn5YO42RyxHGqZJyTLy9WKdf3U5%2BeJld5DuZ5Rtt9vLkAEcFVoU3rOT0UeKjpDNMKyADlJD6p1HaJc0gSbUU6P%2BXVTT87Cuji8%2BxwK5TLpTlJb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd329f9640b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

142.250.74.3

9.3 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28368)
Size
9.3 kB (9308 bytes)
Hash
9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

HTTP Headers

GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Nov 2023 18:21:37 GMT
expires: Mon, 25 Nov 2024 18:21:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 290169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.3

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:31 GMT
expires: Fri, 22 Nov 2024 05:05:31 GMT
cache-control: public, max-age=31536000
age: 597135
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d

192.243.59.12

1.3 kB

URL
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (412)
Size
1.3 kB (1338 bytes)
Hash
cc520e6702e80af56e1e959f3b8c7d17
319b22d943886c35e289b2a21f2e2b4bc246102b
05d0f2e0fac181f551a24fa7681c42b8ddccd13fb6ed62b53be18cced5e66acf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 02:57:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Fri, 01 Dec 2023 02:57:47 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIn19.s86lgFNLhwDkrFbU8GgXsC4yY5HExbPvZkUcXjcepMk; expires=Thu, 30 Nov 2023 02:58:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f265e78d45339f01e3ea2a330e89133
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxMzEzMTI3JnJtdGM9dCZzaHU9MzYwMzFjNDlhZWZhMzJhYzhiYWZhYWM4ODA1NDk4MWM4M2Q2MTA3NjkzYjA2ZjNkNjVhM2EwMjQyMWIwYmNhZDEyZWUzZDc2YzI4NzI4ZTdhMWJmNWFhN2I3ZTRmZjcxYjY2NTdmODlhZjU0MWZjY2U4MGJlNjJkMWFiMTAwZmZlMTBhOWZlMzUzMWZhZDE4YTU2YjcyZTc3ZjQzNzI2NzllZWE2NzQwOTc3NTdhZGRhODUyZWMzZGMwZDBhMA%3D%3D&uuid=&pii=&in=false

192.243.59.13

302 Found

0 B

URL User Request GET HTTP/1.1
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxMzEzMTI3JnJtdGM9dCZzaHU9MzYwMzFjNDlhZWZhMzJhYzhiYWZhYWM4ODA1NDk4MWM4M2Q2MTA3NjkzYjA2ZjNkNjVhM2EwMjQyMWIwYmNhZDEyZWUzZDc2YzI4NzI4ZTdhMWJmNWFhN2I3ZTRmZjcxYjY2NTdmODlhZjU0MWZjY2U4MGJlNjJkMWFiMTAwZmZlMTBhOWZlMzUzMWZhZDE4YTU2YjcyZTc3ZjQzNzI2NzllZWE2NzQwOTc3NTdhZGRhODUyZWMzZGMwZDBhMA%3D%3D&uuid=&pii=&in=false
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxMzEzMTI3JnJtdGM9dCZzaHU9MzYwMzFjNDlhZWZhMzJhYzhiYWZhYWM4ODA1NDk4MWM4M2Q2MTA3NjkzYjA2ZjNkNjVhM2EwMjQyMWIwYmNhZDEyZWUzZDc2YzI4NzI4ZTdhMWJmNWFhN2I3ZTRmZjcxYjY2NTdmODlhZjU0MWZjY2U4MGJlNjJkMWFiMTAwZmZlMTBhOWZlMzUzMWZhZDE4YTU2YjcyZTc3ZjQzNzI2NzllZWE2NzQwOTc3NTdhZGRhODUyZWMzZGMwZDBhMA%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIn19.s86lgFNLhwDkrFbU8GgXsC4yY5HExbPvZkUcXjcepMk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 02:57:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
Set-Cookie: pdhtkv=true; expires=Fri, 01 Dec 2023 02:57:48 GMT
uncs=1; expires=Fri, 01 Dec 2023 02:57:48 GMT
pdhtkv28=true; expires=Fri, 01 Dec 2023 02:57:48 GMT
uncs28=1; expires=Fri, 01 Dec 2023 02:57:48 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85d1943fe5b9ee64b2ab286af6fdb4f6
Strict-Transport-Security: max-age=0; includeSubdomains

adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905

13.107.213.53

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerTrustwave Holdings, Inc.
Subjectaffiliates.kindredplc.com
Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F
ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 30-Nov-3022 02:57:48 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 0LPpnZQAAAACG64ZGbYSJQIf8GtvjR7fTU1ZHMjBFREdFMDUxNwAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Thu, 30 Nov 2023 02:57:48 GMT
content-length: 0
X-Firefox-Spdy: h2

www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950

85.184.96.28

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 02:57:48 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
set-cookie: JSESSIONID=node01v7rfvfm7oodxkkesi25uc90r3807658.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01v7rfvfm7oodxkkesi25uc90r; Path=/; Domain=.unibet.com; Expires=Sat, 29-Nov-2025 02:57:48 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Sat, 29-Nov-2025 02:57:48 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.toprevenuegate.com/"; Path=/; Domain=.unibet.com; Expires=Sat, 29-Nov-2025 02:57:48 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Secure; SameSite=None
B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; Path=/; Domain=.unibet.com; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
PID=94151521; Path=/; Domain=.unibet.com; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; Path=/; Domain=.unibet.com; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.toprevenuegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 30 Nov 2023 02:57:48 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950

85.184.96.28

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 02:57:48 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 30 Nov 2023 02:57:48 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

172.64.144.152

302 Found

0 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 30 Nov 2023 02:57:49 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd33b4a460b69-OSL
X-Firefox-Spdy: h2

a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

85.184.96.5

200 OK

956 B

URL GET HTTP/2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
85.184.96.5:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type
ASCII text
Size
956 B (956 bytes)
Hash
fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47

HTTP Headers

GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg

172.64.144.152

200 OK

1.5 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Size
1.5 kB (1472 bytes)
Hash
730e6377072b77d80bca30d96fb63b27
64bf5fa49e24ff2f79ad9152f3ef7bd7baab5ad0
bb461ad12e6f931815042b57a447b64e8d3a06d1576c1f7c79b9c7e5a42a8b34

HTTP Headers

GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a3b0b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 81221
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B55A494"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 862f85ee-201e-005b-777e-1e2b39000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

216.58.207.234

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:51:14 GMT
expires: Fri, 29 Nov 2024 02:51:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

naijaparrot.com/

104.21.20.143

55 kB

URL
naijaparrot.com/
IP
104.21.20.143:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (37903)
Size
55 kB (54570 bytes)
Hash
1f98b151653754b9b9355318b61861e6
db2292829ac0db885780a185b93266896634c0df
c89493c116e279025ad26affc13b4861d50665399aaea7c0b0d8475356080d0e

HTTP Headers

GET / HTTP/1.1
Host: naijaparrot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: gfm-sprB=YQAOMwtc3WRx09Su; UEDW-Gp_igyCL=e37y5QrGg8YN%40OC6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 02:57:38 GMT
content-type: text/html; charset=utf-8
age: 0
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cache-provider: CLOUDWAYS-CACHE-DE
display: orig_site_sol
expires: Wed, 29 Nov 2023 02:57:38 GMT
last-modified: Thu, 30 Nov 2023 02:41:06 GMT
pagespeed: off
response: 200
set-cookie: ezoadgid_199232=-1; Path=/; Domain=naijaparrot.com; Expires=Thu, 30 Nov 2023 03:27:38 UTC
ezoref_199232=; Path=/; Domain=naijaparrot.com; Expires=Thu, 30 Nov 2023 04:57:38 UTC
ezosuibasgeneris-1=9fba667c-6f73-49fb-65b8-e16700cc3d77; Path=/; Domain=naijaparrot.com; Expires=Fri, 29 Nov 2024 02:57:38 UTC; Secure; SameSite=None
ezoab_199232=mod242; Path=/; Domain=naijaparrot.com; Expires=Thu, 30 Nov 2023 04:57:38 UTC
ezopvc_199232=1; Path=/; Domain=naijaparrot.com; Expires=Thu, 30 Nov 2023 03:27:38 UTC
lp_199232=https://naijaparrot.com/; Path=/; Domain=naijaparrot.com; Expires=Thu, 30 Nov 2023 03:27:38 UTC
ezovuuidtime_199232=1701313058; Path=/; Domain=naijaparrot.com; Expires=Sat, 02 Dec 2023 02:57:38 UTC
ezovuuid_199232=35657070-c89b-4eb1-6418-c68646b28576; Path=/; Domain=naijaparrot.com; Expires=Thu, 30 Nov 2023 03:27:38 UTC
vary: Accept-Encoding,User-Agent
x-cache: MISS
x-ezoic-cdn: Miss
x-middleton-display: orig_site_sol
x-middleton-response: 200
x-origin-cache-control: max-age=0
x-sol: orig
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mfMn%2BvBKxypmYYPexA1Fqap81X%2FnrVPYfXD1elgih0t64dXWFp%2BNNhxmEudOmPm8S4D%2FFPb5vqnRg7j1Rx1DImmavdmBlpnb65uaxUgKi%2FVIt7ObyzOn5s5jO9gQ1RP8iw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd2f82e1e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

172.64.144.152

302 Found

0 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 30 Nov 2023 02:57:49 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd33d4a880b69-OSL
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/css/all.css

172.64.140.13

200 OK

110 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.1/css/all.css
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54456), with no line terminators
Size
110 kB (110301 bytes)
Hash
7b1d7f457d056ace7b230b587b9f3753
4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

HTTP Headers

GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 2589154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTYGAozPlnt99FX%2FQfrF7F0SC4QA8C5i%2FZ5P%2B6Td2e%2FKphanjr5w1chEAYGQHOhjJVXeR%2FVYoCxxjOIHFRwKdXq5z9aPbUp5iFskPPMifW9eFXu5Tj%2FClDtCnv8nmhOgBgMVpdtZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd33c6de54889-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1150 bytes)
Hash
01c019f2b7e8e5d9fc682bb31581d4ed
3877b161cfe6733aad34f567bb82cc745809cda7
08bdb2420630eb7e540b06342177226dbf4492b2bec3f77c72395eb3b6153209

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 02:57:49 GMT
date: Thu, 30 Nov 2023 02:57:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2

172.64.144.152

200 OK

11 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size
11 kB (10924 bytes)
Hash
0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b

HTTP Headers

GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: font/woff2
content-length: 10924
cf-ray: 82dfd33d7a8e0b69-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 2562
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702DB224D1"
last-modified: Wed, 13 Sep 2023 15:43:29 GMT
vary: Accept-Encoding
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 079c49b7-601e-0028-537f-0c73aa000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521

172.64.144.152

200 OK

75 kB

URL User Request GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
75 kB (75318 bytes)
Hash
698db77e2969bc8a7dcc14c21599b6b6
f7c29015d733283c62501bea89afd820eab643bf
168998f26593c8e933cf84a5d32762413177d1a72b1caa35a07cf721a4060e7e

HTTP Headers

GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: text/html; charset=utf-8
cf-ray: 82dfd33989f90b69-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: aY23filpvIp9zBTCFZm2tg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 040e24ec-601e-0075-7939-23792e000000
x-ms-version: 2014-02-14
set-cookie: btag=127656177_08098AFBB3A7490F819A4B40154E3DD9;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg

172.64.144.152

200 OK

16 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Size
16 kB (16384 bytes)
Hash
41acdc0efbe24c5e799972ff33c90259
1e5df73ad5bfb5f075815bcb520fabe2e107fe2d
1a91fab46f128a63c74943fe6db7de41509d69ae9f4e36aab9f984cac94fa451

HTTP Headers

GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a3c0b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 74796
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B2489E0"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: QazcDvviTF55mXL/M8kCWQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 83e30576-601e-0028-58a9-1673aa000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js

172.64.144.152

200 OK

17 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
HTML document, ASCII text
Size
17 kB (17329 bytes)
Hash
ac64b59c98bbe50cf69b6c98fa39585c
0a5cc9fb43b8a208481baaf752dbd504078a764b
28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c

HTTP Headers

GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 82dfd33b3a360b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 511259
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E25208C"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 348b4653-601e-0038-3c49-0cb6c2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 19256
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg

172.64.144.152

200 OK

75 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Size
75 kB (75078 bytes)
Hash
29c87eb58ba8d395124b925a112ab5ac
82dc80de035d36cee22be43d057e223dab5ba80b
758ddcbcbe402aaf16d21ab756daa63b3353b2abf619ca1873a4b6c6b5ac53cf

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a450b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 500969
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702D1E3897"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Kch+tYuo05USS5JaESq1rA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 89ff6622-901e-005e-7ca4-16f9e2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

a1s.unibet.com/orval/tracking/lastclick.min.js

85.184.96.5

200 OK

1.8 kB

URL GET HTTP/2
a1s.unibet.com/orval/tracking/lastclick.min.js
IP
85.184.96.5:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type
ASCII text, with very long lines (1881), with no line terminators
Size
1.8 kB (1797 bytes)
Hash
695e4c30089ed5d35b5096257b69bbec
64897f4cdac1a6e4f5d6ed9dcb8b246e3b942841
40fab43e8fa29c9c648a5d56139fe8c35b1fbfb5c826d2fd58c4ceec7a548206

HTTP Headers

GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css

172.64.144.152

200 OK

22 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
ASCII text
Size
22 kB (22452 bytes)
Hash
cd7901ab004cbe23cf68ae6b0486a998
11c4422439ed8b081e672eceef735ed1fcad6e90
01d6d6271e9cfda8348fcde699bbb334310b6ba858f1d01fbe2b08b6ceba6c1b

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: text/css; charset=utf-8
cf-ray: 82dfd33b1a320b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 594591
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702AA0A0C4"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: zXkBqwBMviPPaK5rBIapmA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: dda9c37d-401e-0010-5ea4-13d76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no

104.40.147.180

200 OK

4.7 kB

URL GET HTTP/2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
104.40.147.180:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerMicrosoft Corporation
Subject*.azurewebsites.net
Fingerprint0A:12:F7:66:D9:79:A1:83:48:0D:FC:30:BC:F5:BD:27:AF:F4:1A:84
ValidityTue, 01 Aug 2023 09:55:22 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5178), with no line terminators
Size
4.7 kB (4706 bytes)
Hash
631915d845ca82d33ab60022714e1ff6
30f782357bfb04d2a311b19a4e116c7a0d00253a
225138234c65e4185b4d10ccddffeec9f5b674156fb2ca1819f5a89baf92f4a0

HTTP Headers

GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 30 Nov 2023 02:57:50 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg

172.64.144.152

200 OK

13 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Size
13 kB (12666 bytes)
Hash
7a982245aa6326903b0e7893885e42fb
47fa69cfed4819f23a8764170e04f5744bd47cd6
18b0e4aa1e8678befe4e7db06e054447b9f96684d817b6424a6b8824042a45fb

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a3f0b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 601746
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DD4C2C5"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: epgiRapjJpA7DniTiF5C+w==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: f0a9fb76-d01e-005f-5e18-15a63e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 17:28:13 GMT
expires: Fri, 22 Nov 2024 17:28:13 GMT
cache-control: public, max-age=31536000
age: 552576
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.unibet.com/

85.184.96.28

200 OK

0 B

URL GET HTTP/2
www.unibet.com/
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: text/html;charset=utf-8
x-request-id: 7dc7d84848fa11f86ea5a27cc907d872
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Thu, 30 Nov 2023 02:58:49 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

www.unibet.com/

85.184.96.28

200 OK

0 B

URL GET HTTP/2
www.unibet.com/
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: text/html;charset=utf-8
x-request-id: 6b61bfd161cf78f059046ca5c14110c7
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Thu, 30 Nov 2023 02:52:17 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg

172.64.144.152

200 OK

1.1 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1092), with no line terminators
Size
1.1 kB (1066 bytes)
Hash
72ece8ff11191ced6c715b6dffb50c8e
f31de9cc333fe23b895c701ac6bfe4a9388f456a
e51fdf1e222c2590c5436e649fbe707d5f80e6b3888bca1509510b9504b43949

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a430b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 1180
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CDF8B61"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: 9k4H3E55HXB5I94VinrUOQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: edf675d7-401e-005d-54c3-0b1886000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico

172.64.144.152

200 OK

421 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
421 B (421 bytes)
Hash
ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed

HTTP Headers

GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/x-icon
cf-ray: 82dfd33e4aaf0b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 74725
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702ABA666E"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: ac00a8bf-d01e-0002-5b3a-14acba000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2

172.64.140.13

200 OK

74 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size
74 kB (74320 bytes)
Hash
3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

HTTP Headers

GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: font/woff2
content-length: 74320
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "3638e62ea50e6f5859b6a15276c25c87"
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 1552
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s922TB0OwNRIgl9N%2BDUipjhbckoBAY7UZF8Hh%2B6zwvnsLv8lJr2Jeh%2BkcDDmnJyKh6LSVUHJWz9K1lpep4wibkiEiaUlJnx7xNqJWNJZrQyBCQwpwJ9o32LwlHQ3leUdZaDbIU2%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfd33dcf1d4889-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.unibet.com/custom.js

172.64.144.152

200 OK

5.9 kB

URL GET HTTP/2
welcome.unibet.com/custom.js
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
ASCII text, with very long lines (6078), with no line terminators
Size
5.9 kB (5881 bytes)
Hash
f1d301b9a66fabf51fc0630bdcaf0bf8
45100e61056b88ffd1f2f4bc02f393cda328b595
9f86f4c23e72c39fe76f986ada1f7649af6abc8a1da08760e287498c84c772d5

HTTP Headers

GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: application/javascript
cf-ray: 82dfd33b3a3a0b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 2657
etag: W/"0x8DA115DA300B0C1"
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
vary: Accept-Encoding
content-md5: e/Aekt1V1fopj1X7y5r9MA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: b3159e82-501e-0041-530e-134ae6000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg

104.16.64.126

200 OK

1.1 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
104.16.64.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1065), with no line terminators
Size
1.1 kB (1053 bytes)
Hash
8994f187d31c33e41e6af6c078d8b4f3
e65a39fb2b4d56343b2af57a19ba38612eaa262f
e4f28e35c66413fc59cb5bdb97c30fd7de981c9408b0f38068c3f71661f52872

HTTP Headers

GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:50 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: 850b18b8-b01e-003b-137b-0c57a6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 308
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd3414ee47130-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg

172.64.144.152

200 OK

5.7 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5942), with no line terminators
Size
5.7 kB (5740 bytes)
Hash
e78a89d4d455992dad24f8d5a66e1d25
bff521852ffdf8934c26a627aaea680d84cd08bb
cba1b2c9cc48a01ef1a542ec799e6005cedf390479ad761b3840c999b6ed8b70

HTTP Headers

GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a420b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 597442
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DDE5E49"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: 2fR27yW0b9kBp/ebW9u59A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e2bacc6f-401e-0010-6202-1cd76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.unibet.com/kindred_snow/s3.7.0/kindred_s.js

85.184.96.28

200 OK

74 kB

URL GET HTTP/2
www.unibet.com/kindred_snow/s3.7.0/kindred_s.js
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type
ASCII text, with very long lines (65378)
Size
74 kB (74304 bytes)
Hash
3fb00dbb8acb3c68fd5ddb674f22bb88
cf7bc4f71f0ff66037ac2e564963ff4c2737e766
7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246

HTTP Headers

GET /kindred_snow/s3.7.0/kindred_s.js HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=BLP.1.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 13:20:58 GMT
vary: Accept-Encoding
etag: W/"65673aba-12240"
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg

104.16.64.126

200 OK

25 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
104.16.64.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
25 kB (24901 bytes)
Hash
7857f5fa35651d9795bac512238caaf4
107c2b86078dd49ffd18c76724bd290018719037
bf1b321fe365e6fdb5429bcebb8a6b5b9ed554d84f4eced5e69cc31038455a81

HTTP Headers

GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:50 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: b31b4379-501e-0041-450f-134ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 462
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd3414ee57130-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg

172.64.144.152

200 OK

32 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
32 kB (31807 bytes)
Hash
bf06fba2ca517eddb1cc60ed26f47758
d184102516fbb91e198b99a09ac6f739d13d836d
6a91f72758fb0426e2cf9b5f36432666b620d80d825989e9dd6175a251c78475

HTTP Headers

GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b5a470b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 74872
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B7E8320"
last-modified: Wed, 13 Sep 2023 15:43:26 GMT
vary: Accept-Encoding
content-md5: vwb7ospRft2xzGDtJvR3WA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a95fdfb0-e01e-0019-5dda-1592b9000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg

172.64.144.152

200 OK

16 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Size
16 kB (15888 bytes)
Hash
2e6f9dbfba55dfa91376da363e813261
b14b92d60cdf76622b9f91b3a56c7a8d98649c23
ec5264587927f5d20d839f8f7d97e98e8dd4d9cce69ffd27a0d63d13d2102498

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a3e0b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 513921
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DCB4E58"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 76cbcfd3-901e-004e-01cc-1c3c8a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg

104.16.64.126

200 OK

4.9 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
104.16.64.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4999), with no line terminators
Size
4.9 kB (4873 bytes)
Hash
7506851c12654bfc54bb813a52957b68
b88e0179a85912068c3480f522a8b0958a23046c
0217e3f9fd1201390e06eee878ccbf84feba0077e7cdd01754170f78e18c274d

HTTP Headers

GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:50 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 90577b5d-e01e-0026-0f98-165a1a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 462
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfd3413ee37130-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/widget/betslip/betslip.js

172.64.144.152

200 OK

15 kB

URL GET HTTP/2
welcome.unibet.com/widget/betslip/betslip.js
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
ASCII text, with very long lines (693)
Size
15 kB (14810 bytes)
Hash
5770dc60397ffb834d1280aa7bcebbd0
f0bbf2136b83babe5a8f70eeff2308279e9a0d3a
42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52

HTTP Headers

GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 82dfd33cea780b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 500050
cache-control: public, max-age=900, immutable
etag: W/"0x8D67ACF6D112CB5"
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
vary: Accept-Encoding
content-md5: V3DcYDl/+4NNEoCqe8670A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 5135171d-601e-0075-7649-0c792e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg

172.64.144.152

200 OK

98 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size
98 kB (98453 bytes)
Hash
8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/jpeg
content-length: 98453
cf-ray: 82dfd33d5a8b0b69-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 508718
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702B1549FF"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: jm2a9e8brf6Slbj8lnk8KA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0ff811ce-901e-0013-7152-1c360e000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC

142.250.74.168

200 OK

192 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (25136)
Size
192 kB (191584 bytes)
Hash
26fce30adfb3a2ba1e7db2b6efc885a5
3c03ac8de145975ea5d8c4484d64987cf48d58ec
5af3575df1fbf32e1de5ecfde188a6194c6b5b9f7c299e54b033f3de9fb88cc8

HTTP Headers

GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 02:57:49 GMT
expires: Thu, 30 Nov 2023 02:57:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js

172.64.144.152

200 OK

4.5 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4762), with no line terminators
Size
4.5 kB (4514 bytes)
Hash
cc638d634c8efd9452a05f3ed63a2c15
d680da0e128220e8310269d900408fb3727eca2d
9d2ff7f3c0209be9a5ba2736e033c4117893aed259278008797f0bfd43dea7fb

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 82dfd33b2a340b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 416713
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E1B3700"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0799503c-801e-0042-7d02-19ab82000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg

172.64.144.152

200 OK

966 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
172.64.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1004), with no line terminators
Size
966 B (966 bytes)
Hash
60530a8226b6f89fbd6e188cd9bdb2fc
5ff9b1d4f00eb8dc12ecb50e0a87abadf144a17d
1c0ec6dc6f122167b6c09d4cafb6ab7312fa4908ba74693ea7105730a5a2ed93

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_08098AFBB3A7490F819A4B40154E3DD9&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701313068696)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231130257%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210640156781%7c1%22%7d%5d; __ucbt=node01v7rfvfm7oodxkkesi25uc90r; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_08098AFBB3A7490F819A4B40154E3DD9; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_08098AFBB3A7490F819A4B40154E3DD9%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_08098AFBB3A7490F819A4B40154E3DD9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 02:57:49 GMT
content-type: image/svg+xml
cf-ray: 82dfd33b4a440b69-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 4802
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CE70450"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Z4302O+bSqlX5UM92U+35A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: aee50919-501e-006e-6628-0d472d000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN