bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
65.109.92.221200 OK 14 kB URL HTTP/1.1 bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 19e37d936af56ad2445f3031439d83aa
5aeeeb22a85302b1841d5b0b2fddf13f9140fc1d
bee8ce03352dfeef202e9a73c4c3b70dbb7e3f57b0c44455fd9ecc784295359b
GET /2023/02/01/the-madoff-netflix-special-lessons-for-investors/ HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
x-pingback: http://bosnews.xyz/xmlrpc.php
link: <https://bosnews.xyz/wp-json/>; rel="https://api.w.org/", <https://bosnews.xyz/wp-json/wp/v2/posts/1327>; rel="alternate"; type="application/json", <https://bosnews.xyz/?p=1327>; rel=shortlink
content-length: 13898
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12823
Expires: Tue, 07 Feb 2023 10:12:58 GMT
Date: Tue, 07 Feb 2023 06:39:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4508
Expires: Tue, 07 Feb 2023 07:54:23 GMT
Date: Tue, 07 Feb 2023 06:39:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20539
Expires: Tue, 07 Feb 2023 12:21:34 GMT
Date: Tue, 07 Feb 2023 06:39:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 06:34:07 GMT
content-type: application/json
age: 308
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BdaeVLTSNu9bZMQg8Z+xGoCBbdLbn79jrnn9Uue7YTiD1dn0NffvGCehnN/YoaLZH88NzOGuPAY=
x-amz-request-id: 0M0QHQQ6P123G46V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 05:45:27 GMT
age: 3228
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
bosnews.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
65.109.92.221200 OK 12 kB URL HTTP/1.1 bosnews.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 19:26:46 GMT
etag: "172a9-636ea1f6-ae3d437cc0c9051b;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12489
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 06:39:15 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bosnews.xyz/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8
65.109.92.221200 OK 1.1 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3042), with no line terminators
Hash 8f8656a4514b261316c0349b93698dd6
285121fe943deddbbcc3bf4c532a54e73a490830
2d62ea06161704b02aef37b0913a93cc0674f49644e15cfe99006c1158e9037f
GET /wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "be2-63dd1b3d-7365f866a09c617e;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1145
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-includes/css/classic-themes.min.css?ver=1
65.109.92.221200 OK 188 B URL HTTP/1.1 bosnews.xyz/wp-includes/css/classic-themes.min.css?ver=1
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 17:15:16 GMT
etag: "d9-635819a4-9d215d7c548b747d;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 188
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
65.109.92.221200 OK 655 B URL HTTP/1.1 bosnews.xyz/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
Hash d3d9225db9a7bd8727d535250927fb97
b1c59d1fb36fb0b6d26028a660947965a0bada42
b8d2bf0a753415cf3f521a0c027f8910031f86a572344cd9d571bf951d1513d1
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Fri, 21 Sep 2018 15:36:40 GMT
etag: "a99-5ba51008-5e3488dc5c0ac17a;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 655
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
65.109.92.221200 OK 7.0 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash f2852b974183db9355cb778bf12e2e09
04902db0d66fb45d7cc388ab23fc0525d93ccaf4
1dd0188967a90730cc1322d7a809524dd9207a5b604e7468b8f4779268d64aab
GET /wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "791c-63dd1b3d-d52b6dc88ada9fa2;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6992
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
65.109.92.221200 OK 4.2 kB URL HTTP/1.1 bosnews.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 13:36:06 GMT
etag: "2bd8-5fb52346-fac6c71a25fb4b15;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4168
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
65.109.92.221200 OK 382 B URL HTTP/1.1 bosnews.xyz/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
Hash 3464e469381fdb60ffba6c0142635e94
0349e2605359a7f69e86e6671eb95ddef4f1a131
cdbc7eb2ec853e8f073dab6779f79f125c5df5af93bf643e20bc5ffc9dc3c62c
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Thu, 09 Jan 2020 12:39:46 GMT
etag: "3f9-5e171f12-6a90fabaee30afbf;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 382
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/themes/colormag/style.css?ver=2.1.8
65.109.92.221200 OK 17 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/style.css?ver=2.1.8
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (1034)
Hash 2d354b67c4c9066aa89dbbac2f5de5da
d8dffe8aee024707125b44928cb15ff37790f25c
3ee811234719be380714a5567204ef20eae36511b358671de89b5000670bdd9a
GET /wp-content/themes/colormag/style.css?ver=2.1.8 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "1967f-63dd1b3d-82413566e0594b8a;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 16891
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.2
65.109.92.221200 OK 16 kB URL HTTP/1.1 bosnews.xyz/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.2
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 6c109c5d828196c395d9d05b2b6bad7d
875136ca9c294b18e2bdff85ac9eeaa89291663a
64aa689915ca71fbf6af6f3c1a4a48bb59582132016e676d648989c9755a534f
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.2 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 20:42:17 GMT
etag: "14eba-632cc8a9-aead9c57a68bd2fc;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 16407
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-includes/js/comment-reply.min.js?ver=6.1.1
65.109.92.221200 OK 1.3 kB URL HTTP/1.1 bosnews.xyz/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2946)
Hash 1cfd4f485ffd20e7ee7693364fef33f9
a8c5d35ad20664ccfe03d7acfcbdb0a1e28d3fd8
b433efd57400d409a207820e22b93662fa48a0737a96eb44a4c6ce3b46ee7403
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
etag: "ba5-6250c72e-7a46af2608283836;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1349
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
65.109.92.221200 OK 31 kB URL HTTP/1.1 bosnews.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 17:46:24 GMT
etag: "15e54-6328aaf0-de598d086971b50d;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 31046
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8
65.109.92.221200 OK 6.1 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (23954), with no line terminators
Hash fd5b4ac87007117857bdaf6bcfec6acd
5bd73af5af2036ad79649b2021cde875bc7c9556
88f47821721f43eac9757f21222bb062f7f20ac95d79ff96c518f1042016dc98
GET /wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "5d92-63dd1b3d-262a232e40e99f94;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6142
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8
65.109.92.221200 OK 651 B URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1567), with no line terminators
Hash 652a4495c800a0d505913c5947eb4a4b
d8b539b312f98aa3724fa97b1d9f0c45ab3a8acf
385294ce02cefcf3152030fcb27c59a767dce82c74dc2389f0d47935a12efd28
GET /wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "61f-63dd1b3d-90004aaa5bb55f5f;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 651
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8
65.109.92.221200 OK 775 B URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (1754), with no line terminators
Hash 847013c1309eecf98f28d014b281982c
dd168bddc8252ec3e7b3ce28e7e5b0ae59ae1671
30522bb441ec8b0574c6088308a2003c802445f1cfac20212da69cf157fa02c4
GET /wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "6da-63dd1b3d-8644c8c3f3e578c1;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 775
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8
65.109.92.221200 OK 242 B URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (325), with no line terminators
Hash 9745b820b6baaaac8accd4dab6ab698a
020a4c6167f52db7c74bee615c4afad369ee32e6
a2e17e7d69a8718cf955f45021c0240255d46dd42934eeb834ebe6f792ee9d1e
GET /wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "145-63dd1b3d-9a1ca18fd7cf5cd;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 242
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
65.109.92.221200 OK 1.1 kB URL HTTP/1.1 bosnews.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4186), with no line terminators
Hash cc467bb5d18a9c3c4808b267748b4318
36cbf86408ccb35e204172bca28bf0c6b726c385
feacb74068853206ff6d9040bce92f3d95a386c3803b0147f08c23235cc333dd
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 00:15:02 GMT
etag: "105a-5cfafe06-d8fd1f89f4f23df4;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1148
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
65.109.92.221200 OK 2.6 kB URL HTTP/1.1 bosnews.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11256), with no line terminators
Hash c2fc17077428d552284c691d25aa3ded
b5a0a0fc41e5e19db63b6db787c706c6124cedb6
b239bfb18444bac17be1d684d9a670d5de358c883237aad27e194f71e3c65d17
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 19:23:06 GMT
etag: "2bf8-5f73899a-c9a9f45bde6b7ead;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2582
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/plugins/fifu-premium/includes/html/js/image.js?ver=5.4.3
65.109.92.221200 OK 2.4 kB URL HTTP/1.1 bosnews.xyz/wp-content/plugins/fifu-premium/includes/html/js/image.js?ver=5.4.3
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
Hash 4131257dcb3a850f63a39aeddb09528e
7f04c8f16743edbebf702c48b130feaa44d49674
89a44f67b4e51aa3704cdc4cadfbc57b7303e637018a15359904e36f0fbc8cd5
GET /wp-content/plugins/fifu-premium/includes/html/js/image.js?ver=5.4.3 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Wed, 26 Jan 2022 22:58:26 GMT
etag: "2838-61f1d212-a2261e6be37e905;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2379
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
65.109.92.221200 OK 5.0 kB URL HTTP/1.1 bosnews.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:15 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 09:26:24 GMT
etag: "48b9-625545c0-1cca1027c4a268d2;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 5021
date: Tue, 07 Feb 2023 06:39:15 GMT
server: LiteSpeed
bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff
65.109.92.221200 OK 80 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 80196, version 3.0\012- data
Hash 8d5902c75e6f6373b10b9a5aaad64821
cf35548f4f6a03fc63544a78703e61e00fae45a9
01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c
GET /wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bosnews.xyz/wp-content/themes/colormag/style.css?ver=2.1.8
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: application/x-font-woff
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "13944-63dd1b3d-fd4c3f6893106a6c;;;"
accept-ranges: bytes
content-length: 80196
date: Tue, 07 Feb 2023 06:39:16 GMT
server: LiteSpeed
vary: User-Agent
bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff
65.109.92.221200 OK 80 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 80280, version 3.0\012- data
Hash dec1ef467e5034d2562db22cf413034a
63eecb1133924bb8ec787a509a1e9e9afe8fb5bc
543ceb846af6fbfff9fc58f1e53994f3f191116c51ca95de3ce75d675c50ea66
GET /wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bosnews.xyz/wp-content/themes/colormag/style.css?ver=2.1.8
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: application/x-font-woff
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "13998-63dd1b3d-8a4380e6a9bb481e;;;"
accept-ranges: bytes
content-length: 80280
date: Tue, 07 Feb 2023 06:39:16 GMT
server: LiteSpeed
vary: User-Agent
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 5f6d2615fdbf4cc6bb36d20e8a5d6687
5cd3114d31da0df09200317628d73cf035f9d413
11cdc5a3cacdd77c79a418fe010012f389ce55b48bcac2972f8ce539561a1330
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 06:39:16 GMT
Last-Modified: Tue, 07 Feb 2023 05:14:14 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nDS7l17SzOqgdPNg5aT9O83QtyZJGMc45ais8XO2NbvOEQlaFmzzYw==
Age: 5102
www.effectivecreativeformat.com/b79003a3e100cd2f2f1fd14dbdf287d7/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/b79003a3e100cd2f2f1fd14dbdf287d7/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash c01cb422607fc19ea6e7fc81b23715c2
909e935229ae6179905c14e0d0bd80ceae365bde
e5b4d99d2881f2de15a529ac25642944a89c27d95a3a8f52a417d874c6718b48
Analyzer Verdict Alert quad9 Sinkholed
GET /b79003a3e100cd2f2f1fd14dbdf287d7/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6cd64cbbb7167c824a33783f9404ce4f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.morningstar.co.uk/static/UploadManager/Assets/Bernie%20Madoff%20article.jpg
54.230.111.15200 OK 97 kB URL HTTP/2 www.morningstar.co.uk/static/UploadManager/Assets/Bernie%20Madoff%20article.jpg
IP 54.230.111.15:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=1469, bps=194, PhotometricIntepretation=RGB, description=FILE - Disgraced financier Bernard Madoff leaves U.S. District Court in Manhattan after a bail hearing in New York, Monday, Jan, orientation=upper-left, width=2200], progressive, precision 8, 725x400, components 3\012- data
Hash 88d799647a45b1741ff6f646e6df2131
c97cfea3690aed78ba1a762318a251f7b4b66d43
0da969af6174a0617fc4cb2a0e8e380d9413a4b058267d03af1fa9ec03c9a45e
GET /static/UploadManager/Assets/Bernie%20Madoff%20article.jpg HTTP/1.1
Host: www.morningstar.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bosnews.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 97144
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST
access-control-expose-headers: ETag
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 Feb 2023 09:08:16 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: wRwP97eMLKLsFZsfgE57Qhr02etoh6B_
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 Feb 2023 06:28:53 GMT
etag: "88d799647a45b1741ff6f646e6df2131"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X9v478XGYulhMc9XRsieczfePvec5uERd1qCrN0nnlXz56kYzRR6tw==
age: 624
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 05:51:19 GMT
age: 2877
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-SemiBold.woff
65.109.92.221200 OK 80 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-SemiBold.woff
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 80184, version 3.0\012- data
Hash 0f817666eeb799ff48de7d1df0102de5
ecc97ca90c38fd5d216dc2301b4cc403c9d590f9
e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b
GET /wp-content/themes/colormag/assets/fonts/OpenSans-SemiBold.woff HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bosnews.xyz/wp-content/themes/colormag/style.css?ver=2.1.8
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: application/x-font-woff
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "13938-63dd1b3d-1a9a85519c29ab4;;;"
accept-ranges: bytes
content-length: 80184
date: Tue, 07 Feb 2023 06:39:16 GMT
server: LiteSpeed
vary: User-Agent
bosnews.xyz/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
65.109.92.221200 OK 77 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bosnews.xyz/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 06:39:16 GMT
content-type: font/woff2
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "12d68-63dd1b3d-b2408f29181d0ed9;;;"
accept-ranges: bytes
content-length: 77160
date: Tue, 07 Feb 2023 06:39:16 GMT
server: LiteSpeed
vary: User-Agent
www.effectivecreativeformat.com/292fb21b3bd0a7de3e5bcb1b05752de7/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/292fb21b3bd0a7de3e5bcb1b05752de7/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash f5561ef00f0f6957c2656b6513f219d7
9791d5ffd3e687f27fdf563779ffb631215aede0
022f10966b3735037f9ae844a9538fa19d155cbe5034813e7894a2ab71e2f6f0
Analyzer Verdict Alert quad9 Sinkholed
GET /292fb21b3bd0a7de3e5bcb1b05752de7/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45c4442b121c3eb00e08068138b520b4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9771
Expires: Tue, 07 Feb 2023 09:22:07 GMT
Date: Tue, 07 Feb 2023 06:39:16 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 9440397da9d5b01754ccf615efe0a0a7
ab644db2c89bbcafc8c39622c8983967d94b2022
4b07519c62e60e4129da6afea41291f3ffaa8a18135ecd0d2f348f1b27b2113b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 06:39:16 GMT
Last-Modified: Tue, 07 Feb 2023 05:18:03 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YdRM2-rAM5RnjsPigx80MFIXgyq6uVtxGlUKINFfVMyLcvJcmEH0qA==
Age: 4874
bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff
65.109.92.221200 OK 78 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 78156, version 3.0\012- data
Hash 1a592f9655ac68db7ba196134e938d74
8edc1a005636480304808fd9393c49ecae3d7e23
a1434cb9eee1f618cfa38f76759c919e606679bb2beb2cadd62964361c43a741
GET /wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bosnews.xyz/wp-content/themes/colormag/style.css?ver=2.1.8
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: application/x-font-woff
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "1314c-63dd1b3d-3432fc1af546a46a;;;"
accept-ranges: bytes
content-length: 78156
date: Tue, 07 Feb 2023 06:39:16 GMT
server: LiteSpeed
vary: User-Agent
bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-Italic.woff
65.109.92.221200 OK 84 kB URL HTTP/1.1 bosnews.xyz/wp-content/themes/colormag/assets/fonts/OpenSans-Italic.woff
IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 84032, version 3.0\012- data
Hash 148c5da926bb17f3976e32f478faa47c
b50d6d0a383a752a263cd795302539c0ac663aa4
abca6b3f5e3a4af083ea3e72fdae1e310f4a40c999ddd0e268a8fafdeaca3497
GET /wp-content/themes/colormag/assets/fonts/OpenSans-Italic.woff HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bosnews.xyz/wp-content/themes/colormag/style.css?ver=2.1.8
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: application/x-font-woff
last-modified: Fri, 03 Feb 2023 14:33:33 GMT
etag: "14840-63dd1b3d-3c06cbcda3d88100;;;"
accept-ranges: bytes
content-length: 84032
date: Tue, 07 Feb 2023 06:39:16 GMT
server: LiteSpeed
vary: User-Agent
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash c13866afbf06f6ce4f0ffa4c536d0e4f
e39a6994f42de067db4fe579e5d11e2d75cc2669
05c1eef45cfa1f022af0fe8df138dedc2ab976d172ca18eb7fdfa55a35c3c804
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bosnews.xyz
Connection: keep-alive
Referer: http://bosnews.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://bosnews.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=c1544f0d-82e8-4945-8285-d6aac4ff1439:3:1; expires=Fri, 04 Feb 2033 06:39:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.effectivecreativeformat.com/292fb21b3bd0a7de3e5bcb1b05752de7/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/292fb21b3bd0a7de3e5bcb1b05752de7/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26961), with no line terminators
Hash 9d19440f054f1ca158b0bd2a27ebbcac
56d93322fcf3dd29b7044ac445f71190661dbab8
79b7b97bd9e0fca8c88d23fda191712d60b0bd1f8bd0f0a343dd38f0e2577e3b
Analyzer Verdict Alert quad9 Sinkholed
GET /292fb21b3bd0a7de3e5bcb1b05752de7/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8cb289616ad2b1c013040e0d17b92980
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 9440397da9d5b01754ccf615efe0a0a7
ab644db2c89bbcafc8c39622c8983967d94b2022
4b07519c62e60e4129da6afea41291f3ffaa8a18135ecd0d2f348f1b27b2113b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114388
Date: Tue, 07 Feb 2023 06:39:16 GMT
Etag: "63e10119-1d7"
Expires: Wed, 08 Feb 2023 14:25:44 GMT
Last-Modified: Mon, 06 Feb 2023 13:31:05 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DApRidKXBTkym749YhVy2lx603rxTMn_19RJtSEGVklUWAqQ_8Vpfw==
Age: 3279
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash c13866afbf06f6ce4f0ffa4c536d0e4f
e39a6994f42de067db4fe579e5d11e2d75cc2669
05c1eef45cfa1f022af0fe8df138dedc2ab976d172ca18eb7fdfa55a35c3c804
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bosnews.xyz
Connection: keep-alive
Referer: http://bosnews.xyz/
Cookie: uid_id2=c1544f0d-82e8-4945-8285-d6aac4ff1439:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://bosnews.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=215234246&post=1327&tz=0&srv=bosnews.xyz&host=bosnews.xyz&ref=&fcp=752&rand=0.6711570885802955
192.0.76.3200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=215234246&post=1327&tz=0&srv=bosnews.xyz&host=bosnews.xyz&ref=&fcp=752&rand=0.6711570885802955
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.2&blog=215234246&post=1327&tz=0&srv=bosnews.xyz&host=bosnews.xyz&ref=&fcp=752&rand=0.6711570885802955 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 06:39:16 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 780123864e34308c537c28e9811ce899
157a9c766e5268789d36363c6eb97a96707506fe
a2508c1a24d08e2b346d89c4bacc388fd5f1cc533e396c0cf9647cca494baa22
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bosnews.xyz
Connection: keep-alive
Referer: http://bosnews.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://bosnews.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=4431e752-0ded-4b9e-8ab0-b892472198a3:3:1; expires=Fri, 04 Feb 2033 06:39:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tzt9K3ECPy7aPL/+fgLnEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ldd3wyyY2OnTxRau3IwSw2j/aiA=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29afa6e0646329b484cb20667ef8fd2f
a08a380c73bdbb7f4df888ed4e3cf767198410ab
12ad88e9066b0e595664a95cdfdd333bcb818a87bc561102dea682f249242b2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AD88E9066B0E595664A95CDFDD333BCB818A87BC561102DEA682F249242B2D"
Last-Modified: Sun, 05 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13078
Expires: Tue, 07 Feb 2023 10:17:14 GMT
Date: Tue, 07 Feb 2023 06:39:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c427f0a40e9a37185a90f0cb32c47dca
d6d6eb862f7ad162b809aec3e278157dea68f530
8e80aa6b23166b468ad5da901087251dfe3def8a81adecbdc2d9908da74678d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E80AA6B23166B468AD5DA901087251DFE3DEF8A81ADECBDC2D9908DA74678D6"
Last-Modified: Mon, 06 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13021
Expires: Tue, 07 Feb 2023 10:16:17 GMT
Date: Tue, 07 Feb 2023 06:39:16 GMT
Connection: keep-alive
bosnews.xyz/favicon.ico
65.109.92.221404 Not Found 1.2 kB IP 65.109.92.221:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: bosnews.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 07 Feb 2023 06:39:17 GMT
server: LiteSpeed
vary: User-Agent
indignationmapprohibited.com/watch.464451173788.js?key=b79003a3e100cd2f2f1fd14dbdf287d7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=c1544f0d-82e8-4945-8285-d6aac4ff1439%3A3%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 indignationmapprohibited.com/watch.464451173788.js?key=b79003a3e100cd2f2f1fd14dbdf287d7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=c1544f0d-82e8-4945-8285-d6aac4ff1439%3A3%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.464451173788.js?key=b79003a3e100cd2f2f1fd14dbdf287d7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=c1544f0d-82e8-4945-8285-d6aac4ff1439%3A3%3A1 HTTP/1.1
Host: indignationmapprohibited.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bosnews.xyz
Connection: keep-alive
Referer: http://bosnews.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://bosnews.xyz
Access-Control-Allow-Origin: http://bosnews.xyz
Access-Control-Allow-Credentials: true
Location: https://indignationmapprohibited.com/watch.464451173788.js?key=b79003a3e100cd2f2f1fd14dbdf287d7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=c1544f0d-82e8-4945-8285-d6aac4ff1439%3A3%3A1&shu=da55f2ba969ae2bb20d1861284ffe9b09e9e711e5c5198e0ecb139a9103bce370edd72c3c2b0b912981fa571f69fee936252a0be3e4bd12469ec0219770e0d6c0bc82e79701791a1540d0382a5e985d3d3fdd9e827ac7405b813bc6b9dd4cd0e&pst=1675752017&rmtc=t
Set-Cookie: u_pl=18292204; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MjIwNCwiayI6ImI3OTAwM2EzZTEwMGNkMmYyZjFmZDE0ZGJkZjI4N2Q3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk3NzQ3LCJwaWQiOjYyMDU5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoicno0a3NydmsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2Jvc25ld3MueHl6LzIwMjMvMDIvMDEvdGhlLW1hZG9mZi1uZXRmbGl4LXNwZWNpYWwtbGVzc29ucy1mb3ItaW52ZXN0b3JzLyJ9fQ.L5_WSmQGgZJepPpYoT0sF8rRt4LuRkONDPxyXnQsXmQ; expires=Tue, 07 Feb 2023 06:40:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 967eec8a7e7e81cca9ed63bbb65b9259
Strict-Transport-Security: max-age=0; includeSubdomains
priestsuede.com/watch.1239046969675.js?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 priestsuede.com/watch.1239046969675.js?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1239046969675.js?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bosnews.xyz
Connection: keep-alive
Referer: http://bosnews.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://bosnews.xyz
Access-Control-Allow-Origin: http://bosnews.xyz
Access-Control-Allow-Credentials: true
Location: https://priestsuede.com/watch.1239046969675.js?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1&shu=1a531aa307d670968dc07032fb40a63a6038fb228d5132f0d9d7cbff0f4a2baef511a130b52fd6e405f9e6b3cab22f07fd94ae46cdb0079e9d25f782ad41d6b3e3198f995b2607e66721bd5bd4b93c16859797f76f92b8254a652d88bfbbf00e&pst=1675752017&rmtc=t
Set-Cookie: u_pl=18292181; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MjE4MSwiayI6IjI5MmZiMjFiM2JkMGE3ZGUzZTViY2IxYjA1NzUyZGU3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk3NzQ3LCJwaWQiOjYyMDU5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoieGRwbTlpYTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2Jvc25ld3MueHl6LzIwMjMvMDIvMDEvdGhlLW1hZG9mZi1uZXRmbGl4LXNwZWNpYWwtbGVzc29ucy1mb3ItaW52ZXN0b3JzLyJ9fQ.ugWpP-fiG0vEuogin5NngAHP1Cbr4bdiVGk3721AVwc; expires=Tue, 07 Feb 2023 06:40:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96b314f336cd8c1a5131eb7668d99708
Strict-Transport-Security: max-age=0; includeSubdomains
indignationmapprohibited.com/watch.464451173788.js?key=b79003a3e100cd2f2f1fd14dbdf287d7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=c1544f0d-82e8-4945-8285-d6aac4ff1439%3A3%3A1&shu=da55f2ba969ae2bb20d1861284ffe9b09e9e711e5c5198e0ecb139a9103bce370edd72c3c2b0b912981fa571f69fee936252a0be3e4bd12469ec0219770e0d6c0bc82e79701791a1540d0382a5e985d3d3fdd9e827ac7405b813bc6b9dd4cd0e&pst=1675752017&rmtc=t
173.233.137.60200 OK 635 B URL HTTP/1.1 indignationmapprohibited.com/watch.464451173788.js?key=b79003a3e100cd2f2f1fd14dbdf287d7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=c1544f0d-82e8-4945-8285-d6aac4ff1439%3A3%3A1&shu=da55f2ba969ae2bb20d1861284ffe9b09e9e711e5c5198e0ecb139a9103bce370edd72c3c2b0b912981fa571f69fee936252a0be3e4bd12469ec0219770e0d6c0bc82e79701791a1540d0382a5e985d3d3fdd9e827ac7405b813bc6b9dd4cd0e&pst=1675752017&rmtc=t
IP 173.233.137.60:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash d8b93d2cbd6317500646a11239b5f9d4
15c10b07c21f5af9fa837b7beaf4cf5d13c243c3
22adb75146ec2b42f47246ed722e31df44c55e127a70eee0b63de1a24e27b020
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.464451173788.js?key=b79003a3e100cd2f2f1fd14dbdf287d7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=c1544f0d-82e8-4945-8285-d6aac4ff1439%3A3%3A1&shu=da55f2ba969ae2bb20d1861284ffe9b09e9e711e5c5198e0ecb139a9103bce370edd72c3c2b0b912981fa571f69fee936252a0be3e4bd12469ec0219770e0d6c0bc82e79701791a1540d0382a5e985d3d3fdd9e827ac7405b813bc6b9dd4cd0e&pst=1675752017&rmtc=t HTTP/1.1
Host: indignationmapprohibited.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bosnews.xyz
Referer: http://bosnews.xyz/
Connection: keep-alive
Cookie: u_pl=18292204; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MjIwNCwiayI6ImI3OTAwM2EzZTEwMGNkMmYyZjFmZDE0ZGJkZjI4N2Q3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk3NzQ3LCJwaWQiOjYyMDU5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoicno0a3NydmsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2Jvc25ld3MueHl6LzIwMjMvMDIvMDEvdGhlLW1hZG9mZi1uZXRmbGl4LXNwZWNpYWwtbGVzc29ucy1mb3ItaW52ZXN0b3JzLyJ9fQ.L5_WSmQGgZJepPpYoT0sF8rRt4LuRkONDPxyXnQsXmQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://bosnews.xyz
Access-Control-Allow-Origin: http://bosnews.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=c1544f0d-82e8-4945-8285-d6aac4ff1439:3:1; expires=Tue, 14 Feb 2023 06:39:17 GMT; secure; SameSite=None
iprc99ed9f75ef3ddfaca3ed05dc9813b36b=2717343; expires=Wed, 08 Feb 2023 08:39:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 36b9168276aadf0de9f609effc8b6862
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a68e36530ed15ad52943dce2f815744e
1f090abe261ff1b41471a714ce72e7a80b282da1
037ed4e6c3b8d528b383f28a2d78a437b43647ec7e587130b80aadecbfe53494
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "037ED4E6C3B8D528B383F28A2D78A437B43647EC7E587130B80AADECBFE53494"
Last-Modified: Mon, 06 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2353
Expires: Tue, 07 Feb 2023 07:18:30 GMT
Date: Tue, 07 Feb 2023 06:39:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b762fe844f6e99ebf7b41ed667512cb0
54cde9824957e39c9e34a893faaac92bf397ab72
abe75e929a9b572764d8a5f1ada4744832216f6312c62218390ee6736788d554
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABE75E929A9B572764D8A5F1ADA4744832216F6312C62218390EE6736788D554"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1898
Expires: Tue, 07 Feb 2023 07:10:55 GMT
Date: Tue, 07 Feb 2023 06:39:17 GMT
Connection: keep-alive
priestsuede.com/watch.1239046969675?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
173.233.137.36200 OK 1.3 kB URL HTTP/1.1 priestsuede.com/watch.1239046969675?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (614)
Hash 271fd182845062876d03305d9579a237
3c8537e3476ea5945255a88f1c2c74aede69e248
f26e2d79ab73e737082ebf46f6a292f07b776e21d4d96923ecd15d08790aaeab
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1239046969675?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bosnews.xyz/
Cookie: u_pl=18292181; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MjE4MSwiayI6IjI5MmZiMjFiM2JkMGE3ZGUzZTViY2IxYjA1NzUyZGU3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk3NzQ3LCJwaWQiOjYyMDU5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoieGRwbTlpYTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2Jvc25ld3MueHl6LzIwMjMvMDIvMDEvdGhlLW1hZG9mZi1uZXRmbGl4LXNwZWNpYWwtbGVzc29ucy1mb3ItaW52ZXN0b3JzLyJ9fQ.ugWpP-fiG0vEuogin5NngAHP1Cbr4bdiVGk3721AVwc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MjE4MSwiayI6IjI5MmZiMjFiM2JkMGE3ZGUzZTViY2IxYjA1NzUyZGU3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk3NzQ3LCJwaWQiOjYyMDU5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoieGRwbTlpYTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHA6Ly9ib3NuZXdzLnh5ei8yMDIzLzAyLzAxL3RoZS1tYWRvZmYtbmV0ZmxpeC1zcGVjaWFsLWxlc3NvbnMtZm9yLWludmVzdG9ycy8ifX0.FdzdItUjQKXJO5CUHNsxzmFaAQGJsfl3UVRtTBrdY9M; expires=Tue, 07 Feb 2023 06:40:17 GMT; secure; SameSite=None
uid_id2=4431e752-0ded-4b9e-8ab0-b892472198a3:3:1; expires=Tue, 14 Feb 2023 06:39:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 05c2f04754eb1a783e66d4f00a59e4be
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18292204
173.233.137.36200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18292204
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 49af78e5dc07f8e31eaffd6298a88cf1
0b527a3c6482673a98f04d1fd225731cda399789
e787a564f3b68408a7b4c3299851526330d81dd5df427c0c69dffd5f8fd5c95a
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18292204 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bosnews.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Wed, 08 Feb 2023 06:39:17 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgyOTIyMDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2Jvc25ld3MueHl6LyJ9fQ.ueIODj8XyTqV-ZQEt2wGjuv23K0VKwI_04esKzZTA9o; expires=Tue, 07 Feb 2023 06:40:17 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef9e46a884f573f93239a75bcf852521
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
priestsuede.com/watch.1239046969675?shu=2649decbcf84493363f6e84d16ea032e56f67d7d859df668da816558f5d69bc68ea0fc4e809c620961da58f4ac1ae4f913e74623fe6ea53b025d032acc484cf0ed10b9f24ca6789440b8e0fa6663de06de19d474cd6838429eee8d01482767a8&pst=1675752017&rmtc=t&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1&pii=&in=false&key=292fb21b3bd0a7de3e5bcb1b05752de7&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&tz=0&dev=e&res=12.1053
173.233.137.36200 OK 761 B URL HTTP/1.1 priestsuede.com/watch.1239046969675?shu=2649decbcf84493363f6e84d16ea032e56f67d7d859df668da816558f5d69bc68ea0fc4e809c620961da58f4ac1ae4f913e74623fe6ea53b025d032acc484cf0ed10b9f24ca6789440b8e0fa6663de06de19d474cd6838429eee8d01482767a8&pst=1675752017&rmtc=t&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1&pii=&in=false&key=292fb21b3bd0a7de3e5bcb1b05752de7&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&tz=0&dev=e&res=12.1053
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (547)
Hash 591aa077ee07b1a70be635d442e18084
3aaed82ee229098e0d540c7152f18a995eccdd3f
37c60f0be194b4c190214da4aa330f82d7aeb8e8a390ce5e2b19e13922d21676
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1239046969675?shu=2649decbcf84493363f6e84d16ea032e56f67d7d859df668da816558f5d69bc68ea0fc4e809c620961da58f4ac1ae4f913e74623fe6ea53b025d032acc484cf0ed10b9f24ca6789440b8e0fa6663de06de19d474cd6838429eee8d01482767a8&pst=1675752017&rmtc=t&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1&pii=&in=false&key=292fb21b3bd0a7de3e5bcb1b05752de7&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&tz=0&dev=e&res=12.1053 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://priestsuede.com/watch.1239046969675?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
Cookie: u_pl=18292181; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MjE4MSwiayI6IjI5MmZiMjFiM2JkMGE3ZGUzZTViY2IxYjA1NzUyZGU3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk3NzQ3LCJwaWQiOjYyMDU5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoieGRwbTlpYTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHA6Ly9ib3NuZXdzLnh5ei8yMDIzLzAyLzAxL3RoZS1tYWRvZmYtbmV0ZmxpeC1zcGVjaWFsLWxlc3NvbnMtZm9yLWludmVzdG9ycy8ifX0.FdzdItUjQKXJO5CUHNsxzmFaAQGJsfl3UVRtTBrdY9M; uid_id2=4431e752-0ded-4b9e-8ab0-b892472198a3:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Content-Length: 761
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
Access-Control-Allow-Origin: http://bosnews.xyz/2023/02/01/the-madoff-netflix-special-lessons-for-investors/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4431e752-0ded-4b9e-8ab0-b892472198a3:3:1; expires=Tue, 14 Feb 2023 06:39:17 GMT; secure; SameSite=None
iprc462430fb78a1d32f8cbf2e8d1c6998f3=2717338; expires=Wed, 08 Feb 2023 08:39:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
pdhtkv26=true; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
uncs26=1; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a33829c2c0afedcae76c163ee4d0dc0
Strict-Transport-Security: max-age=0; includeSubdomains
peeksdragoncontinually.com/watch.172684320468?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
173.233.137.52200 OK 1.3 kB URL HTTP/1.1 peeksdragoncontinually.com/watch.172684320468?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (614)
Hash abb34dbe012d6ba57031c0c2aae1e0b8
1a33e5ec4e5ed1c2b6c247cd48162d2f5db43ab5
7249217a70a731ab0fbe837c5a0a643f7526696b35d8ee4cb2d4bb83821621fa
GET /watch.172684320468?key=292fb21b3bd0a7de3e5bcb1b05752de7&kw=%5B%22the%22%2C%22madoff%22%2C%22netflix%22%2C%22special%22%2C%22lessons%22%2C%22for%22%2C%22investors%22%2C%22%E2%80%93%22%2C%22boss%22%2C%22news%22%5D&refer=http%3A%2F%2Fbosnews.xyz%2F2023%2F02%2F01%2Fthe-madoff-netflix-special-lessons-for-investors%2F&tz=0&dev=e&res=12.1053&uuid=4431e752-0ded-4b9e-8ab0-b892472198a3%3A3%3A1 HTTP/1.1
Host: peeksdragoncontinually.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bosnews.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18292181; expires=Wed, 08 Feb 2023 06:39:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI5MjE4MSwiayI6IjI5MmZiMjFiM2JkMGE3ZGUzZTViY2IxYjA1NzUyZGU3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk3NzQ3LCJwaWQiOjYyMDU5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoieGRwbTlpYTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2Jvc25ld3MueHl6LzIwMjMvMDIvMDEvdGhlLW1hZG9mZi1uZXRmbGl4LXNwZWNpYWwtbGVzc29ucy1mb3ItaW52ZXN0b3JzLyJ9fQ.ugWpP-fiG0vEuogin5NngAHP1Cbr4bdiVGk3721AVwc; expires=Tue, 07 Feb 2023 06:40:17 GMT; secure; SameSite=None
uid_id2=4431e752-0ded-4b9e-8ab0-b892472198a3:3:1; expires=Tue, 14 Feb 2023 06:39:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6fba741ce6a0ea8a5b6679c08864bc22
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16357
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 06:39:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16357
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 06:39:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16357
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 06:39:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16357
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 06:39:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16357
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 06:39:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ws42XiDa6w4O13v7obhNXNfA0QQIv03RG0Ze0IPrKWxxvsvUY2eCVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:55 GMT
age: 31823
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 31830
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92008e687831334af1cdbf4b8a57579f
e6ff750f12836637adf5b253d64c2102fdf3c180
39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7183
x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78YOGsyoAMF5wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5wy_7Z30HRIcZufSPCTKu9UoJD1o_NDlhuyL5bvidDwbqC_3p99yYA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:44:57 GMT
age: 32061
etag: "e6ff750f12836637adf5b253d64c2102fdf3c180"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08d66d83f1ae9acd6e442c4dcaed2a20
8c258ac6de196f8c32f1af69e7a754da0610b090
a32b5df8fd6bea737e04679d05e9f0cc645cbe6d799329877e78f9e994a6eff6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12368
x-amzn-requestid: 218d5607-8914-4189-b54a-87800397fa67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aEYnIAMFWNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-0245bba8207cdf9a5a580299;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GQtdjIY6JkJNL3UHzff9s4DOyG1f10BzA1-u9hTPjppunAlp-DL-IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 01:38:45 GMT
age: 18033
etag: "8c258ac6de196f8c32f1af69e7a754da0610b090"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3cd20c6639e2b0d996fbbd7df2d4f47
2e54c22fb83981e2690161cd521e4fc3998e9c16
9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6316
x-amzn-requestid: 1988058c-5aee-4964-9046-83a5f14a927d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwhjnFdxoAMFgpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dce2e3-5ec35d0d6bef4d4944c629c0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 10:33:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z9b1A_GpinQXvbA-g2PoKhVSNVd5gMrId0WUTmKSCkg-YAan1dtp-w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:21:35 GMT
age: 29863
etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 42878
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?shu=abf81464bd92107e16c7305bcdcdf12d697823c467380d2a6f0f19c504c0ba0d9313f37e3a0691daf76311a4cc6503c631d4c7cafb6994ec4cf7a39609d1787338e0ca1d33f703ca65a6450c20aec14ec84c66633385dbd7ade4600547c607f343&pst=1675752017&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fbosnews.xyz%2F&psid=18292204
173.233.137.36302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=abf81464bd92107e16c7305bcdcdf12d697823c467380d2a6f0f19c504c0ba0d9313f37e3a0691daf76311a4cc6503c631d4c7cafb6994ec4cf7a39609d1787338e0ca1d33f703ca65a6450c20aec14ec84c66633385dbd7ade4600547c607f343&pst=1675752017&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fbosnews.xyz%2F&psid=18292204
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dyfc1k09?shu=abf81464bd92107e16c7305bcdcdf12d697823c467380d2a6f0f19c504c0ba0d9313f37e3a0691daf76311a4cc6503c631d4c7cafb6994ec4cf7a39609d1787338e0ca1d33f703ca65a6450c20aec14ec84c66633385dbd7ade4600547c607f343&pst=1675752017&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fbosnews.xyz%2F&psid=18292204 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgyOTIyMDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2Jvc25ld3MueHl6LyJ9fQ.ueIODj8XyTqV-ZQEt2wGjuv23K0VKwI_04esKzZTA9o; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 06:39:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Wed, 08 Feb 2023 06:39:17 GMT
uncs=1; expires=Wed, 08 Feb 2023 06:39:17 GMT
pdhtkv28=true; expires=Wed, 08 Feb 2023 06:39:17 GMT
uncs28=1; expires=Wed, 08 Feb 2023 06:39:17 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b257b4cc36d63f8599a9475f95b45e0
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 07 Feb 2023 06:39:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Feb 2023 06:39:18 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; domain=.unibet.com; expires=Thu, 07-Feb-3022 06:39:18 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=39, ak_p; desc="465486_388255495_136946290_5859_3452_1_0";dur=1
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 07 Feb 2023 06:39:18 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01ubvrfgqnwph81pzcj0lw7snsb3110256.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01ubvrfgqnwph81pzcj0lw7sns; Path=/; Domain=.unibet.nu; Expires=Thu, 06-Feb-2025 06:39:18 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Thu, 06-Feb-2025 06:39:18 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Thu, 06-Feb-2025 06:39:18 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_11FF301A3A9C4400837B5ACA1C795678; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_11FF301A3A9C4400837B5ACA1C795678%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Tue, 07 Feb 2023 06:39:18 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node01ubvrfgqnwph81pzcj0lw7sns; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_11FF301A3A9C4400837B5ACA1C795678; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_11FF301A3A9C4400837B5ACA1C795678%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 07 Feb 2023 06:39:18 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Tue, 07 Feb 2023 06:39:18 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2ffaac74142c32f8a4a5e94784b0cd8a
889fc39756dabd019893876b1f800d302a6c0105
ebb714e1c4553a432d0cb2bcd60d6ae5174eb0a6b553d66cf56077c37c2fbbf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB714E1C4553A432D0CB2BCD60D6AE5174EB0A6B553D66CF56077C37C2FBBF0"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10008
Expires: Tue, 07 Feb 2023 09:26:06 GMT
Date: Tue, 07 Feb 2023 06:39:18 GMT
Connection: keep-alive
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188200 OK 2.5 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
Hash b2f6d5e16a72c64701fdc1471e889f73
75cc89408f9c79b1c69b2f0c31d76b465513803f
9f94ee8f6ca1e58daabbb1890f9ad6152edd10eac257ee2e74ea2d27c55dafb7
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 79601
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad7e940b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 4.9 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 5d9f06ff8e830e913a7e3b7396447e4d
5bbbf8641b11a069ef492b4bf57406b6a807783e
4805f76c3b2e5bf903048393ebefdc99d330c2f36d582a848a51061a233c6cb5
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410931
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad7ea40b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 461428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
Hash 8bc1f1ee1d06765d631ea089668e9f41
e7071f4b1add5b5ba389df99cfdc0fc33bbb4879
4a380cd38c096a530b2fa79700836dadc335a6f809292f1eed9dd1154846e161
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 06:39:18 GMT
date: Tue, 07 Feb 2023 06:39:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 110 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Size 110 kB (110300 bytes)
Hash 7d1a44f148c52d6b159a2ba354e92208
7e3c5ea7e212e8a34691c5bae2766015e13ae50e
a481868643f8d53f8cb24521a513a9b46d50c471adfdef61a2c254acbf201c42
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 898016
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTxb%2BxCvizL%2BNkuz81zyd0r3%2F7z9uwgOfPxMRonv78QEE%2F33mzrIwCZg8XY%2BvCmZUwJW03ngSrQ4is4dds9XGxq8OMCZvOA9wLvev2J4%2BCmBUpG%2B2BBY0G6reuxv1HYhHzdTnuVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a20ae1e9f892a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 12 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash 76cabe009d762ffd0c86ecd2a0bdbc6b
be0f46dba082bbf5ce92714c9d8eb01d1b67f5eb
ea56ef6e4ae78effc693a575d28afbe80be66b2fbd5a933ec242ec054dd0e36c
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410932
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad7e9c0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 2.6 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash d356ce90e93641c8696abb7dd0df7dce
f083c45824ecc7b27bd290a0ba618deb9be1c90c
8072b6c7371f4b25c3c2b36f692ac8ad146466d0db91a1d10aa1dd4473cf78cd
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410931
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad8ea50b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 996 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash a785cbbf653b22ecd061a4a9cd21ee12
cfbc51401507ce2c777f20718ad83d90bd6cba56
1578e4f91e221ad5438b1b4b041d5d29be4c005152f5646d19df519b4c6cbc64
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410931
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad8ea70b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: M4A/F0JmvDZ1O1xRg2EBakOzxZF3bSCcwS7PM2TzdgHMYzotAgHsHpRFaX6ety8BGzuScpc+CmY=
x-amz-request-id: KZBF2W9RM5AR88GJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2067949
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKQogjLrG%2B%2F%2BIDP3sDVmAwDSaX%2FVZKDf3OMU2a%2FV78lum2vPYdiM%2B3rxrrcMGEIizHPLH6OlJfNDInsX2BtJt9Ofki4j6SlKptAedXkIxKjfLtL5Ckam%2B9uLZA6Ws3sgwJJEiSXj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a20af5fcf892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/widget/betslip/betslip.js
104.18.25.188200 OK 20 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Hash 5c3d29fffa0d818bd24ed97313ad56cb
25abb98d7f9d682e51829bca7b7e4703023c68e5
eda993c965ac32b9eaf3450dec9b77308ca6b4ed37968120b1a42fd142ac6782
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 79602
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ae9f740b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash 485a1d02752d5546da5e148cac91e2e4
ef4d8fa09fcf14b2b5fc0da5e8cdfd90d636641e
aada30ef4a7c6321a98ecc6b17fc6370ae558c2f57931ea008f20540f67fa331
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 06:39:18 GMT
expires: Tue, 07 Feb 2023 06:39:18 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 117439
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.25.188200 OK 897 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.25.188:0
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 75d19e0525bce46c8d3f74732efe150d
8d58678d0c0e860cd0cff8ef9dc96b85b5dea480
ebdff4d019ac6a7f3e6724f0ca8a96d17e85c627b4319675e7b24266295e0859
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:19 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410924
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20b0086c0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 1.1 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash aa285981f31d75e476cccc6fff9c01cb
a2bb4d1707226161245292df3f56edabd4926a7d
71e052999fcb0f61276f6f7c931926876c80da5a9332a7d69247e81df6b0c892
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 277 B IP 93.184.220.29:0
Hash 0a5c96f592a671498b3246a41741dd61
9bfea29c897161161c55a5e1577c53b115e5a6e9
af877d398a97827091e9ad60f72273822b0853ad164c5c87c35f30affe656f70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6457
Cache-Control: max-age=105285
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:19 GMT
Etag: "63e0d123-115"
Expires: Wed, 08 Feb 2023 11:54:04 GMT
Last-Modified: Mon, 06 Feb 2023 10:06:27 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 277
script.crazyegg.com/pages/scripts/0012/9242.js?465486
104.19.148.8410 Gone 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465486
IP 104.19.148.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/scripts/0012/9242.js?465486 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
date: Tue, 07 Feb 2023 06:39:19 GMT
content-type: application/javascript
content-length: 0
last-modified: Mon, 06 Feb 2023 15:00:56 GMT
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 56303
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20b0491db506-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:26:49 GMT
expires: Sun, 04 Feb 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 245550
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 462 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 22128655a2b8e20065831904ec794b0b
81e3f163e26bf088a4d7423050c7a044c32d15f2
e3c2c89b56ca630f80eb1af1ced778c97e5e9d9d38e700a5ed5444a4b997127c
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410932
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad7e9e0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 56e11c978bcfa2c239f9be3bc040a827
237bc8b21c19df1c5fe76c6691f96a9f46a7c0ee
787156908a29d8fbc2443ef7ab9de1982159107338d817cf8648db94d9dac439
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5634
Cache-Control: max-age=90090
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:19 GMT
Etag: "63e098ff-1d7"
Expires: Wed, 08 Feb 2023 07:40:49 GMT
Last-Modified: Mon, 06 Feb 2023 06:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.180200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.180:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 07 Feb 2023 06:39:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b1ff2a9c-ac2e-4ee1-b2e8-29dd88cedffb
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVU:2tJq!@wnf-Te9(>wL5L!!'@M$^pD#; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 08-May-2023 06:39:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675752007572
34.241.134.251200 OK 498 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675752007572
IP 34.241.134.251:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 4350d6d853f6d66714e4c00adffa2370
cfc38331cac8a4e93c4a18942e3bc94e385e59f0
cb81b735663ed1b3af8681a575651cb9da12d532fb4330c65fc44544cf085bc8
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675752007572 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0e1730cee.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=84100373692958169180072784961022914421; Max-Age=15552000; Expires=Sun, 06 Aug 2023 06:39:19 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: zMOAx3g7RAQ=
Content-Length: 498
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e13f91e2e8b1fa7474b504e9a260c7a2
a08ddb56bc8760a566536e15e93e8321a7bfc1a0
52ca8a5727dc747b38363cee935f8f4cadbc5da6a15ad1cc19cdc64515cf186a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4581
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:19 GMT
Last-Modified: Tue, 07 Feb 2023 05:22:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=84106763825567634690075532597273400046&ts=1675752007779
15.236.125.10200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=84106763825567634690075532597273400046&ts=1675752007779
IP 15.236.125.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=84106763825567634690075532597273400046&ts=1675752007779 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Tue, 07 Feb 2023 06:39:19 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 765a51872c457884282d5f53e33508ed
3425a325219ca1a6159947b3ead29b7253ee632a
2ec5defb19b2adc1730a226715e2e2f63abeb794d56071da9f80d28f6dd6f589
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 195
Cache-Control: max-age=110566
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:19 GMT
Etag: "63e0fe3a-118"
Expires: Wed, 08 Feb 2023 13:22:05 GMT
Last-Modified: Mon, 06 Feb 2023 13:18:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 765a51872c457884282d5f53e33508ed
3425a325219ca1a6159947b3ead29b7253ee632a
2ec5defb19b2adc1730a226715e2e2f63abeb794d56071da9f80d28f6dd6f589
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4206
Cache-Control: max-age=114577
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:19 GMT
Etag: "63e0fe3a-118"
Expires: Wed, 08 Feb 2023 14:28:56 GMT
Last-Modified: Mon, 06 Feb 2023 13:18:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 765a51872c457884282d5f53e33508ed
3425a325219ca1a6159947b3ead29b7253ee632a
2ec5defb19b2adc1730a226715e2e2f63abeb794d56071da9f80d28f6dd6f589
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 195
Cache-Control: max-age=110566
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 06:39:19 GMT
Etag: "63e0fe3a-118"
Expires: Wed, 08 Feb 2023 13:22:05 GMT
Last-Modified: Mon, 06 Feb 2023 13:18:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
unibet.demdex.net/dest5.html?d_nsid=0
34.251.47.116200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 34.251.47.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 7 Feb 2023 06:39:19 GMT
DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: YSDts/dXQMk=
Content-Length: 2791
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 2.5 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash bf2899c2ce7b60b5fa778248925082cb
ceab437a17a6f66463e8eb2df4c5fbf48c86343f
ef6e16af52f72dfae700d80b095a4435f3ea126b49ef2354d1add3fa2d3a51c1
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410931
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad8ea60b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash ccf1a685a8e8121aad872e822e17a7a6
52b0728efa25389a1e3600800a48835bda471bc8
eb044ad9a12684ad270e3f3476bfc4fe5f8b91ecaafa73dd9031a1f7f0986001
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116846
Date: Tue, 07 Feb 2023 06:39:19 GMT
Etag: "63e1081a-1d7"
Expires: Wed, 08 Feb 2023 15:06:45 GMT
Last-Modified: Mon, 06 Feb 2023 14:00:58 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jvfSy6d2zYP4zpXP1Hqd67vEPZHVpAsBRKUx8e-LYw_OBppwxt-LJg==
Age: 3947
cm.everesttech.net/cm/dd?d_uuid=84100373692958169180072784961022914421
18.203.152.154302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=84100373692958169180072784961022914421
IP 18.203.152.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=84100373692958169180072784961022914421 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Tue, 07 Feb 2023 06:39:19 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y_HyFwAAAGmZKAMx; Domain=.everesttech.net; Expires=Wed, 07-Feb-2024 06:39:19 GMT; Path=/
everest_session_v2="Y@HyFwAAAGmZKQMx"; Version=1; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_HyFwAAAGmZKAMx
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y_HyFwAAAGmZKAMx
34.241.134.251302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y_HyFwAAAGmZKAMx
IP 34.241.134.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y_HyFwAAAGmZKAMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_HyFwAAAGmZKAMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=43667072299365368343721685953534217075; Max-Age=15552000; Expires=Sun, 06 Aug 2023 06:39:19 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8mbhQfHISxQ=
Content-Length: 0
Connection: keep-alive
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 1.6 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d4704f3cd898edb30f058d569a9e2642
4b0ce402b131498a23f91687771c1b8e26e5bf25
11c1e0da56bfbb4994f9ab3f6602f7a0b790b5e381aea884a996a2fd87c0db37
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 06:39:19 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/xml
x-ms-request-id: 55e0a0de-201e-0006-60be-3a21bd000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 196
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad8eab0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.174.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.174.188:0
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:19 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 102
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20b31f890b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410932
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad7ea20b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410931
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad8ea90b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/xml
x-ms-request-id: 55e0a0de-201e-0006-60be-3a21bd000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 196
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20aecf8e0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410926
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad6e870b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/e-202306.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202306.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bosnews.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 06:39:15 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 05 Feb 2024 00:13:42 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 2bf4868b-801e-006d-52be-3aa649000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_11FF301A3A9C4400837B5ACA1C795678;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 795a20acadf40b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.174.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.174.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:19 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 102
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20b30f830b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410930
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad8eb10b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410932
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad7e8b0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_11FF301A3A9C4400837B5ACA1C795678&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675751958249)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202327639%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228792360350%7c1%22%7d%5d; btag=127656177_11FF301A3A9C4400837B5ACA1C795678
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 06:39:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 410926
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a20ad7e8f0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2