| poptrr.com/track/click/z0Ob_pQBy_NAJ8EhSdXp-14PsI3ieFUI564-FELkY3HkR1uHWSe7szGEK9pxNOpO7-pxFVigfrfjtWtkCqd5gkY44kno9ssPKZBd0uGT3dluiDl17BBuIWEu0U0BRSXklvCX2BsWlTFY4U7YnsA1_vsKcx0gV3oPpE__pYG21Pl4N8EY9FTMFIN7otXGL42fSWkLAFgUGj_-E9Q6j-rjxnLxP97fcgmpopBUsZ0QMjgbH6h5TsUHMY_fGFutROmiVZBLPLs1gltV4TobhWW3vf21XawPhpK7d6n9PzKcGjsI8LgEyX8gvhrOKle35lwc8fXaLajI0rxQymNJNiiOewcpiJGGNJbJorBbf7aSyyTu15mknqDFwrukEOjty4QYIN3vyCu0UT31c3rSr-kud2kb3PjRKSXRKD7KMifC6sX6DxNXE6B7-_uY-RLKIvWrdGSkRnTHVNEgTFhCuXxNhnbC6xtSVgwkLrcGRwwtQR4h-vsTFc0fh_lPGEmjlhBQpOQ39ig1QNU2umokvt6-pnQ97GLyqLq2Ezy1bo4t7eTO5f8FrTlfGO0BZGXk8bAk-U8m9KnCoGap9MJj87rLJ0wPBRiffeGjGFzU3mko1-qr0lX2j-KCI1ygF?ur=c.srvpcn.com/goto?id=cofcrtveq9ac73982hb0 | 136.243.0.58 | | 0 B |
URL poptrr.com/track/click/z0Ob_pQBy_NAJ8EhSdXp-14PsI3ieFUI564-FELkY3HkR1uHWSe7szGEK9pxNOpO7-pxFVigfrfjtWtkCqd5gkY44kno9ssPKZBd0uGT3dluiDl17BBuIWEu0U0BRSXklvCX2BsWlTFY4U7YnsA1_vsKcx0gV3oPpE__pYG21Pl4N8EY9FTMFIN7otXGL42fSWkLAFgUGj_-E9Q6j-rjxnLxP97fcgmpopBUsZ0QMjgbH6h5TsUHMY_fGFutROmiVZBLPLs1gltV4TobhWW3vf21XawPhpK7d6n9PzKcGjsI8LgEyX8gvhrOKle35lwc8fXaLajI0rxQymNJNiiOewcpiJGGNJbJorBbf7aSyyTu15mknqDFwrukEOjty4QYIN3vyCu0UT31c3rSr-kud2kb3PjRKSXRKD7KMifC6sX6DxNXE6B7-_uY-RLKIvWrdGSkRnTHVNEgTFhCuXxNhnbC6xtSVgwkLrcGRwwtQR4h-vsTFc0fh_lPGEmjlhBQpOQ39ig1QNU2umokvt6-pnQ97GLyqLq2Ezy1bo4t7eTO5f8FrTlfGO0BZGXk8bAk-U8m9KnCoGap9MJj87rLJ0wPBRiffeGjGFzU3mko1-qr0lX2j-KCI1ygF?ur=c.srvpcn.com/goto?id=cofcrtveq9ac73982hb0 IP136.243.0.58:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track/click/z0Ob_pQBy_NAJ8EhSdXp-14PsI3ieFUI564-FELkY3HkR1uHWSe7szGEK9pxNOpO7-pxFVigfrfjtWtkCqd5gkY44kno9ssPKZBd0uGT3dluiDl17BBuIWEu0U0BRSXklvCX2BsWlTFY4U7YnsA1_vsKcx0gV3oPpE__pYG21Pl4N8EY9FTMFIN7otXGL42fSWkLAFgUGj_-E9Q6j-rjxnLxP97fcgmpopBUsZ0QMjgbH6h5TsUHMY_fGFutROmiVZBLPLs1gltV4TobhWW3vf21XawPhpK7d6n9PzKcGjsI8LgEyX8gvhrOKle35lwc8fXaLajI0rxQymNJNiiOewcpiJGGNJbJorBbf7aSyyTu15mknqDFwrukEOjty4QYIN3vyCu0UT31c3rSr-kud2kb3PjRKSXRKD7KMifC6sX6DxNXE6B7-_uY-RLKIvWrdGSkRnTHVNEgTFhCuXxNhnbC6xtSVgwkLrcGRwwtQR4h-vsTFc0fh_lPGEmjlhBQpOQ39ig1QNU2umokvt6-pnQ97GLyqLq2Ezy1bo4t7eTO5f8FrTlfGO0BZGXk8bAk-U8m9KnCoGap9MJj87rLJ0wPBRiffeGjGFzU3mko1-qr0lX2j-KCI1ygF?ur=c.srvpcn.com/goto?id=cofcrtveq9ac73982hb0 HTTP/1.1
Host: poptrr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
Location: https://ak.itponytaa.com/afu.php?zoneid=5917692
x-responded-by: cors-support-provider
Access-Control-Expose-Headers: set-cookie
Access-Control-Allow-Origin: *
Access-Control-Request-Headers: origin,accept,content-type,x-requested-with
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
Access-Control-Max-Age: 86400
Content-Length: 0
Date: Tue, 16 Apr 2024 20:06:30 GMT
|
|
| ak.itponytaa.com/afu.php?zoneid=5917692 | 23.36.76.186 | | 14 kB |
URL ak.itponytaa.com/afu.php?zoneid=5917692 IP23.36.76.186:0 ASN#20940 Akamai International B.V.
File typeHTML document, ASCII text, with very long lines (18491) Hash960a177fcb2c7fe870df5f563c330df6 9f193725d5158f35cfbd15fc5a76588294bf784f 24ffe38d3f0e2878bca56cc81bda7fae2635406d5215bf3ca798a682a67dfef3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /afu.php?zoneid=5917692 HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 67c5ce8c828334eb720ee7b11e4007fc
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
x-akamai-transformed: 9 - 0 pmb=mRUM,1
content-encoding: gzip
expires: Tue, 16 Apr 2024 20:06:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 20:06:31 GMT
content-length: 14140
vary: Accept-Encoding
set-cookie: OAID=008040e5f9574e7ce94f52578fe0c2d3; expires=Wed, 16 Apr 2025 20:06:31 GMT; path=/; secure; SameSite=None
oaidts=1713297991; expires=Wed, 16 Apr 2025 20:06:31 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: edge; dur=3, origin; dur=65, cdn-cache; desc=MISS, ak_p; desc="1713297991628_388254902_795492816_6860_1442_1_24_41";dur=1
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/sftouch?userId=008040e5f9574e7ce94f52578fe0c2d3&z=5917692&p_rid=310ad332-c38d-49f2-843e-59bfff7f53ca&p_src=sf&branchId=0&rb=PlfaMhr8HhXWVyKN8T48qb0wmctV81VpPMmmaoXcm9emjqMInGXXkDAnaJbuyHbRfdgvGofupcMaLfvQiRMIH80bEPjAiPoxN-0upgCgvspzRZDtaRqNkJEqh5FNwt_X6LWQY0GUvYFZguIvgX13FVAn5LqyPslBGtSIh2-fgKMRlkqsZFatpX3Q8-h6kLW2bw0T1mPLY04vOLCggupA5EgOLLQmFvRrbwGqYJyaL9I= | 23.36.76.186 | | 2 B |
URL ak.itponytaa.com/sftouch?userId=008040e5f9574e7ce94f52578fe0c2d3&z=5917692&p_rid=310ad332-c38d-49f2-843e-59bfff7f53ca&p_src=sf&branchId=0&rb=PlfaMhr8HhXWVyKN8T48qb0wmctV81VpPMmmaoXcm9emjqMInGXXkDAnaJbuyHbRfdgvGofupcMaLfvQiRMIH80bEPjAiPoxN-0upgCgvspzRZDtaRqNkJEqh5FNwt_X6LWQY0GUvYFZguIvgX13FVAn5LqyPslBGtSIh2-fgKMRlkqsZFatpX3Q8-h6kLW2bw0T1mPLY04vOLCggupA5EgOLLQmFvRrbwGqYJyaL9I= IP23.36.76.186:0 ASN#20940 Akamai International B.V.
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008040e5f9574e7ce94f52578fe0c2d3&z=5917692&p_rid=310ad332-c38d-49f2-843e-59bfff7f53ca&p_src=sf&branchId=0&rb=PlfaMhr8HhXWVyKN8T48qb0wmctV81VpPMmmaoXcm9emjqMInGXXkDAnaJbuyHbRfdgvGofupcMaLfvQiRMIH80bEPjAiPoxN-0upgCgvspzRZDtaRqNkJEqh5FNwt_X6LWQY0GUvYFZguIvgX13FVAn5LqyPslBGtSIh2-fgKMRlkqsZFatpX3Q8-h6kLW2bw0T1mPLY04vOLCggupA5EgOLLQmFvRrbwGqYJyaL9I= HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.itponytaa.com
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692
Cookie: OAID=008040e5f9574e7ce94f52578fe0c2d3; oaidts=1713297991
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2
x-trace-id: 4751fcf800007137920254b9509800ea
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ak.itponytaa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Tue, 16 Apr 2024 20:06:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 20:06:31 GMT
server-timing: edge; dur=1, origin; dur=32, cdn-cache; desc=MISS, ak_p; desc="1713297991907_388254902_795493033_3687_1128_1_0_1";dur=1
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/favicon.ico | 23.36.76.186 | | 0 B |
URL ak.itponytaa.com/favicon.ico IP23.36.76.186:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692
Cookie: OAID=008040e5f9574e7ce94f52578fe0c2d3; oaidts=1713297991
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
pragma: public
cache-control: public, must-revalidate, proxy-revalidate, max-age=2592000
date: Tue, 16 Apr 2024 20:06:32 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=21, origin; dur=0, ak_p; desc="1713297992023_388254902_795493124_2101_696_1_0_21";dur=1
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008040e5f9574e7ce94f52578fe0c2d3&z=5917692&p_rid=310ad332-c38d-49f2-843e-59bfff7f53ca&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008040e5f9574e7ce94f52578fe0c2d3&z=5917692&p_rid=310ad332-c38d-49f2-843e-59bfff7f53ca&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008040e5f9574e7ce94f52578fe0c2d3&z=5917692&p_rid=310ad332-c38d-49f2-843e-59bfff7f53ca&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:06:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008040e5f9574e7ce94f52578fe0c2d3; expires=Wed, 16 Apr 2025 20:06:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/?z=5917692&syncedCookie=true&rhd=false | 23.36.76.186 | 302 Found | 0 B |
URL User Request POST HTTP/2ak.itponytaa.com/?z=5917692&syncedCookie=true&rhd=false IP23.36.76.186:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectak.hetaruwg.com Fingerprint25:F9:4E:BA:86:65:45:64:6B:96:B1:61:8C:D3:05:24:CD:CF:AD:8C ValidityMon, 15 Apr 2024 13:59:12 GMT - Sun, 14 Jul 2024 13:59:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=5917692&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 539
Origin: https://ak.itponytaa.com
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692&var=5917692&rid=dqGdfktL4PWmomSE3WzGcA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008040e5f9574e7ce94f52578fe0c2d3; oaidts=1713297991
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-length: 0
x-trace-id: 0345e4dfe01e9e318a255ba286f2ccdb
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ak.itponytaa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Tue, 16 Apr 2024 20:06:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 20:06:32 GMT
set-cookie: OAID=008040e5f9574e7ce94f52578fe0c2d3; expires=Wed, 16 Apr 2025 20:06:32 GMT; path=/; secure; SameSite=None
oaidts=1713297991; expires=Wed, 16 Apr 2025 20:06:32 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 23 Apr 2024 20:06:32 GMT; path=/; secure; SameSite=None
server-timing: edge; dur=1, origin; dur=206, cdn-cache; desc=MISS, ak_p; desc="1713297992105_388254902_795493174_21060_1190_1_0_41";dur=1
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB | 13.107.246.53 | 403 Forbidden | 409 B |
URL User Request GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hashdd6de720c03ffad7c307f7dc3f0aecb4 06f57aabd80bcb122334abb3ddd6f19910c5b916 e841888502063ddc33ce874ba41efaae509970bb0f8e41a92ff0281c7ca99ee7
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 16 Apr 2024 20:06:32 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240416T200632Z-16c87f56bf7fqg25gt8gap6yws000000077000000000c7rp
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/favicon.ico | 13.107.213.53 | 403 Forbidden | 409 B |
URL GET HTTP/2adserving.unibet.com/favicon.ico IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hash6cc8457567dfe5cf25683700d95a4f03 82a96c4d9682c6056d4ed2a7982ad1ad2395d7d7 25bbf0b02eb063c1849cfe6954553d5eda75b74d9d461000a1d723f6e3a8ec5a
GET /favicon.ico HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 16 Apr 2024 20:06:32 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240416T200632Z-16c87f56bf7fqg25gt8gap6yws0000000780000000009mqc
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|