| poptrr.com/track/click/zpJ2UXWKKu3CJ9aenFgAEXfslveVZPnaZh7Q9k3OZuDgWrtm2AMKR6MVMnkab2SfXHhjWEPgCy9cAVjUHTFXjK3ExDTzWGobuL2A_jDfLpHSpnrxB5ECH9Ooru4kxMmBUguwzDYGY7ZJwyPvUSMZx4xQj0R6KJSbyHSRW7HjRqfmaHtJ1xYEb6hxwaAgZIpHNsEEhInAKePgoBnXZpwFXlAcgy7EQffVF4lOdzXXf0CBugkFlicm_8CCJ88thfk7-DIqUNSM6Qb9ofkrKZPVIu19B6_lrBpDY2hKbRxj6GiYfMw10DnNaf6Yg3Z-RoxWA2_Z9Ldt6mKvV2AYrc1hTqxLAM9Hv59W5KTwwrqXsui9rwON7_rbWv8VEbtzJRWI4FZrgN9L7Bo6ecYHATwfa-9B5sh63AEQv8kQKDFueioe1LWjGriQRGqo8EjGXvusvN0xgFngYXlg3Mi9VaHMmN_RuOm8xTQDiTYJ5DijQvvZoQ7VdF_nICnC9VELpaQiju9Q?ur=https://analytics.ozlinedsp.com/tracking/click.gif?token=2s4y09h6lqhx1ew5uh0x6l98n | 136.243.0.58 | | 0 B |
URL poptrr.com/track/click/zpJ2UXWKKu3CJ9aenFgAEXfslveVZPnaZh7Q9k3OZuDgWrtm2AMKR6MVMnkab2SfXHhjWEPgCy9cAVjUHTFXjK3ExDTzWGobuL2A_jDfLpHSpnrxB5ECH9Ooru4kxMmBUguwzDYGY7ZJwyPvUSMZx4xQj0R6KJSbyHSRW7HjRqfmaHtJ1xYEb6hxwaAgZIpHNsEEhInAKePgoBnXZpwFXlAcgy7EQffVF4lOdzXXf0CBugkFlicm_8CCJ88thfk7-DIqUNSM6Qb9ofkrKZPVIu19B6_lrBpDY2hKbRxj6GiYfMw10DnNaf6Yg3Z-RoxWA2_Z9Ldt6mKvV2AYrc1hTqxLAM9Hv59W5KTwwrqXsui9rwON7_rbWv8VEbtzJRWI4FZrgN9L7Bo6ecYHATwfa-9B5sh63AEQv8kQKDFueioe1LWjGriQRGqo8EjGXvusvN0xgFngYXlg3Mi9VaHMmN_RuOm8xTQDiTYJ5DijQvvZoQ7VdF_nICnC9VELpaQiju9Q?ur=https://analytics.ozlinedsp.com/tracking/click.gif?token=2s4y09h6lqhx1ew5uh0x6l98n IP136.243.0.58:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track/click/zpJ2UXWKKu3CJ9aenFgAEXfslveVZPnaZh7Q9k3OZuDgWrtm2AMKR6MVMnkab2SfXHhjWEPgCy9cAVjUHTFXjK3ExDTzWGobuL2A_jDfLpHSpnrxB5ECH9Ooru4kxMmBUguwzDYGY7ZJwyPvUSMZx4xQj0R6KJSbyHSRW7HjRqfmaHtJ1xYEb6hxwaAgZIpHNsEEhInAKePgoBnXZpwFXlAcgy7EQffVF4lOdzXXf0CBugkFlicm_8CCJ88thfk7-DIqUNSM6Qb9ofkrKZPVIu19B6_lrBpDY2hKbRxj6GiYfMw10DnNaf6Yg3Z-RoxWA2_Z9Ldt6mKvV2AYrc1hTqxLAM9Hv59W5KTwwrqXsui9rwON7_rbWv8VEbtzJRWI4FZrgN9L7Bo6ecYHATwfa-9B5sh63AEQv8kQKDFueioe1LWjGriQRGqo8EjGXvusvN0xgFngYXlg3Mi9VaHMmN_RuOm8xTQDiTYJ5DijQvvZoQ7VdF_nICnC9VELpaQiju9Q?ur=https://analytics.ozlinedsp.com/tracking/click.gif?token=2s4y09h6lqhx1ew5uh0x6l98n HTTP/1.1
Host: poptrr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
Location: https://ak.itponytaa.com/afu.php?zoneid=5917692
x-responded-by: cors-support-provider
Access-Control-Expose-Headers: set-cookie
Access-Control-Allow-Origin: *
Access-Control-Request-Headers: origin,accept,content-type,x-requested-with
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
Access-Control-Max-Age: 86400
Content-Length: 0
Date: Tue, 16 Apr 2024 23:53:49 GMT
|
|
| ak.itponytaa.com/afu.php?zoneid=5917692 | 23.36.76.162 | | 14 kB |
URL ak.itponytaa.com/afu.php?zoneid=5917692 IP23.36.76.162:0 ASN#20940 Akamai International B.V.
File typeHTML document, ASCII text, with very long lines (18491) Hash78edb2a73545c22a90c42d31d470fe07 12a51da12f5b4e9f823f2b0411e91c8e9c45d8ac bd25ca52eac7ee6339bab43aeac691ac0517bac92f47cef63b265c2af11c9d42
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /afu.php?zoneid=5917692 HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: f5c0c63c3d53ff64a592e28941003983
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
vary: Accept-Encoding
x-akamai-transformed: 9 13308 0 pmb=mRUM,1
content-encoding: gzip
expires: Tue, 16 Apr 2024 23:53:49 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 23:53:49 GMT
content-length: 14136
set-cookie: OAID=008040d77a194555f91e79fa807c6db8; expires=Wed, 16 Apr 2025 23:53:49 GMT; path=/; secure; SameSite=None
oaidts=1713311629; expires=Wed, 16 Apr 2025 23:53:49 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=54, origin; dur=25, ak_p; desc="1713311629779_388254878_75191601_7864_1016_1_25_41";dur=1
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/sftouch?userId=008040d77a194555f91e79fa807c6db8&z=5917692&p_rid=2489e490-c73a-4b6f-90c4-9dd672c875b5&p_src=sf&branchId=0&rb=d1_C2eT5TDQq6GcgtPrrB8eoMqDKGqKrfg8Y4oW6LCruiXpPNWGc-c1kcxRPGapxEE7T0FxRgQNyWwJv6L_qwkwezYanOhJshYFp973NQZ6QKmOnT34oNWl2lkjWnR8C3CTdb5ABGhad03rDgF_96VpeY-I36sthHQgwfTU1dwf473ot26-3a8lKF9YRgc-Jycf-l-0oM5BnIN12TCjF0pRfE4JblcuRJVC0anX1XXg= | 23.36.76.162 | | 2 B |
URL ak.itponytaa.com/sftouch?userId=008040d77a194555f91e79fa807c6db8&z=5917692&p_rid=2489e490-c73a-4b6f-90c4-9dd672c875b5&p_src=sf&branchId=0&rb=d1_C2eT5TDQq6GcgtPrrB8eoMqDKGqKrfg8Y4oW6LCruiXpPNWGc-c1kcxRPGapxEE7T0FxRgQNyWwJv6L_qwkwezYanOhJshYFp973NQZ6QKmOnT34oNWl2lkjWnR8C3CTdb5ABGhad03rDgF_96VpeY-I36sthHQgwfTU1dwf473ot26-3a8lKF9YRgc-Jycf-l-0oM5BnIN12TCjF0pRfE4JblcuRJVC0anX1XXg= IP23.36.76.162:0 ASN#20940 Akamai International B.V.
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008040d77a194555f91e79fa807c6db8&z=5917692&p_rid=2489e490-c73a-4b6f-90c4-9dd672c875b5&p_src=sf&branchId=0&rb=d1_C2eT5TDQq6GcgtPrrB8eoMqDKGqKrfg8Y4oW6LCruiXpPNWGc-c1kcxRPGapxEE7T0FxRgQNyWwJv6L_qwkwezYanOhJshYFp973NQZ6QKmOnT34oNWl2lkjWnR8C3CTdb5ABGhad03rDgF_96VpeY-I36sthHQgwfTU1dwf473ot26-3a8lKF9YRgc-Jycf-l-0oM5BnIN12TCjF0pRfE4JblcuRJVC0anX1XXg= HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.itponytaa.com
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692
Cookie: OAID=008040d77a194555f91e79fa807c6db8; oaidts=1713311629
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2
x-trace-id: f242e3d381dda7ac6250193796b77201
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ak.itponytaa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Tue, 16 Apr 2024 23:53:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 23:53:50 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=30, ak_p; desc="1713311630080_388254878_75191613_4955_840_1_0_1";dur=1
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008040d77a194555f91e79fa807c6db8&z=5917692&p_rid=2489e490-c73a-4b6f-90c4-9dd672c875b5&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008040d77a194555f91e79fa807c6db8&z=5917692&p_rid=2489e490-c73a-4b6f-90c4-9dd672c875b5&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008040d77a194555f91e79fa807c6db8&z=5917692&p_rid=2489e490-c73a-4b6f-90c4-9dd672c875b5&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 23:53:50 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008040d77a194555f91e79fa807c6db8; expires=Wed, 16 Apr 2025 23:53:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/favicon.ico | 23.36.76.162 | | 0 B |
URL ak.itponytaa.com/favicon.ico IP23.36.76.162:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692
Cookie: OAID=008040d77a194555f91e79fa807c6db8; oaidts=1713311629
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
pragma: public
cache-control: public, must-revalidate, proxy-revalidate, max-age=2592000
date: Tue, 16 Apr 2024 23:53:50 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=25, ak_p; desc="1713311630207_388254878_75191616_4579_778_1_0_21";dur=1
X-Firefox-Spdy: h2
|
|
| ak.itponytaa.com/?z=5917692&syncedCookie=true&rhd=false | 23.36.76.162 | 302 Found | 0 B |
URL User Request POST HTTP/2ak.itponytaa.com/?z=5917692&syncedCookie=true&rhd=false IP23.36.76.162:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectak.hetaruwg.com Fingerprint25:F9:4E:BA:86:65:45:64:6B:96:B1:61:8C:D3:05:24:CD:CF:AD:8C ValidityMon, 15 Apr 2024 13:59:12 GMT - Sun, 14 Jul 2024 13:59:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=5917692&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.itponytaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 539
Origin: https://ak.itponytaa.com
DNT: 1
Connection: keep-alive
Referer: https://ak.itponytaa.com/afu.php?zoneid=5917692&var=5917692&rid=dqGdfktL4PWmomSE3WzGcA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008040d77a194555f91e79fa807c6db8; oaidts=1713311629
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-length: 0
x-trace-id: 49282ac257f2e1d9fe431b6086a25915
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ak.itponytaa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Tue, 16 Apr 2024 23:53:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 16 Apr 2024 23:53:50 GMT
set-cookie: OAID=008040d77a194555f91e79fa807c6db8; expires=Wed, 16 Apr 2025 23:53:50 GMT; path=/; secure; SameSite=None
oaidts=1713311629; expires=Wed, 16 Apr 2025 23:53:50 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 23 Apr 2024 23:53:50 GMT; path=/; secure; SameSite=None
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=162, ak_p; desc="1713311630325_388254878_75191622_18212_690_1_0_41";dur=1
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB | 13.107.213.53 | 403 Forbidden | 409 B |
URL User Request GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hashc9aba348d691ae27a0f5fb0b8c8ee30d 5a7f9be1b118c80c15f5f581a53416bd595c0efc 25de13ee12c6a2b6a3c99f02611adf761bbed49666a95424bae62aa21b960d04
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 16 Apr 2024 23:53:50 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240416T235350Z-16c87f56bf7gcn84xvsf1dkb5g00000009s00000000054nm
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/favicon.ico | 13.107.213.53 | 403 Forbidden | 409 B |
URL GET HTTP/2adserving.unibet.com/favicon.ico IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hash70c0e4eb9c847c21822d6c50a6b82b1d 1780b5e31034db906822de24f7c788ee40f38329 620483b031e4aef44a8dd6f362c5c78ee9ffff694faed98e6079078ea3c7c616
GET /favicon.ico HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 16 Apr 2024 23:53:51 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240416T235351Z-16c87f56bf7wbb25w1qaqne0d000000005b0000000006usu
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|