Overview

URLlocalmovement.com/
IP 45.33.18.44 (United States)
ASN#63949 Linode, LLC
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 10:23:15 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 localmovement.com/ Phishing
2022-12-04 2 localmovement.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCJ3DZSHAfXtJEQdycFVu (...) Phishing
2022-12-04 2 d38psrni17bvxu.cloudfront.net/scripts/js3.js Malware
2022-12-04 2 www1.localmovement.com/ls.php Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.33.18.44
Date UQ / IDS / BL URL IP
2023-02-03 08:50:00 +0000 0 - 0 - 2 bphn.com/ 45.33.18.44
2023-02-03 05:08:23 +0000 0 - 0 - 2 xxxmodels.xyz/ 45.33.18.44
2023-02-02 03:42:42 +0000 0 - 0 - 1 www.pedcases.com/podcasts 45.33.18.44
2023-01-30 16:25:51 +0000 0 - 0 - 1 camplejunelegalclaimhelp.com/ 45.33.18.44
2023-01-29 21:26:51 +0000 0 - 0 - 1 ww8.seelai.com/' 45.33.18.44


Last 5 reports on ASN: Linode, LLC
Date UQ / IDS / BL URL IP
2023-02-03 10:21:14 +0000 0 - 0 - 67 www.invest4land.com/the-evolving-shape-of-mod (...) 80.85.87.236
2023-02-03 09:31:25 +0000 0 - 0 - 33 drsteveyoung.com/config/asf/login.php 45.56.110.40
2023-02-03 09:12:12 +0000 0 - 1 - 0 nodesentry.com/ 45.79.158.120
2023-02-03 09:10:30 +0000 0 - 6 - 0 ipu.co.uk/ 212.111.43.226
2023-02-03 08:56:25 +0000 0 - 0 - 1 www.wasteconnections.com.com/make-a-payment 72.14.185.43


Last 5 reports on domain: localmovement.com
Date UQ / IDS / BL URL IP
2023-01-08 10:16:57 +0000 0 - 2 - 6 www1.localmovement.com/?tm=1&subid4=167317299 (...) 13.248.148.254
2022-12-04 10:23:19 +0000 0 - 0 - 3 localmovement.com/mtm/direct/.eJxtikEKAjEMRe- (...) 45.33.30.197
2022-12-04 10:23:15 +0000 0 - 0 - 4 localmovement.com/ 45.33.18.44
2022-12-03 10:27:51 +0000 0 - 0 - 2 www1.localmovement.com/?tm=1&subid4=167006324 (...) 76.223.26.96
2022-12-02 10:19:48 +0000 0 - 0 - 1 www1.localmovement.com/?tm=1&subid4=166997636 (...) 13.248.148.254


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-25 11:18:12 +0000 0 - 0 - 4 www.pieepic.com/ 208.117.2.100

JavaScript

Executed Scripts (42)

Executed Evals (8)
#1 JavaScript::Eval (size: 221) - SHA256: 1e9feb5c0b74e0384d390d5e88fffbb9340d8f4f3bc79c5113e636899efa1eba
(function() {
    if (google_tag_manager["GTM-WN69JL"].macro(8)) {
        var b = google_tag_manager["GTM-WN69JL"].macro(9),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();
#2 JavaScript::Eval (size: 221) - SHA256: cfdfef51845ee08469e1e564f2862c2a2b7ee4982898f91cc31e07ce2f5fd01c
(function() {
    if (google_tag_manager["GTM-WN69JL"].macro(4)) {
        var b = google_tag_manager["GTM-WN69JL"].macro(5),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();
#3 JavaScript::Eval (size: 225) - SHA256: 19c8decf747250623382fce3507e93a5eaf168c0077657ca0c62eef6004d0c03
(function() {
    if (google_tag_manager["GTM-WVT65V5"].macro(23)) {
        var b = google_tag_manager["GTM-WVT65V5"].macro(24),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();
#4 JavaScript::Eval (size: 225) - SHA256: 0f198042c5229c82c7b9fed16ae0912ade0dba430c1b4fd6c42941c848d3d37f
(function() {
    if (google_tag_manager["GTM-WVT65V5"].macro(25)) {
        var b = google_tag_manager["GTM-WVT65V5"].macro(26),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();
#5 JavaScript::Eval (size: 225) - SHA256: 2350b8abc001b0faa87b1de6c37d71e3f05db361cb9d2694aa0a07e02ae47581
(function() {
    if (google_tag_manager["GTM-WVT65V5"].macro(29)) {
        var b = google_tag_manager["GTM-WVT65V5"].macro(30),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();
#6 JavaScript::Eval (size: 221) - SHA256: 512e2601d237c9ed3bc53aa924408d71d6fbe662652b1f08cbcf033d80721b7b
(function() {
    if (google_tag_manager["GTM-WN69JL"].macro(2)) {
        var b = google_tag_manager["GTM-WN69JL"].macro(3),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();
#7 JavaScript::Eval (size: 221) - SHA256: 762ec4503d5524d7d22233e6966ad3ca5bdb9bc22f39b92417bbe9b28b74a755
(function() {
    if (google_tag_manager["GTM-WN69JL"].macro(6)) {
        var b = google_tag_manager["GTM-WN69JL"].macro(7),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();
#8 JavaScript::Eval (size: 225) - SHA256: f723d432f697b9a3451348044f45487b1973c76dec3beb5a893f1822d0fcd625
(function() {
    if (google_tag_manager["GTM-WVT65V5"].macro(27)) {
        var b = google_tag_manager["GTM-WVT65V5"].macro(28),
            a = b.indexOf("afftrack\x3d");
        if (-1 < a) {
            a += 9;
            var c = b.indexOf("__", a);
            return -1 < c ? b.substr(a, c - a) : null
        }
    }
    return null
})();

Executed Writes (1)
#1 JavaScript::Write (size: 13) - SHA256: 0c62c11e910d7c0d6b6c9800b70e78bfd9220e1f78bd7bb34ae4c3646d05f6e5
< body > < /body>


HTTP Transactions (117)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13787
Expires: Sun, 04 Dec 2022 14:12:50 GMT
Date: Sun, 04 Dec 2022 10:23:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4260
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 10:23:03 GMT
Last-Modified: Sun, 04 Dec 2022 09:12:03 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8729
Expires: Sun, 04 Dec 2022 12:48:32 GMT
Date: Sun, 04 Dec 2022 10:23:03 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 10:20:05 GMT
cache-control: public,max-age=3600
age: 178
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: M3OU31u/SZ2leS17KG9O1esCNyyRqo+ulx6yKtECZJ9Ob2mdKAvIzvOmtzeDH5Xr280lBENDE5Y=
x-amz-request-id: YNGZANN2MXADGV5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 09:46:56 GMT
age: 2167
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: localmovement.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.33.23.183
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Sun, 04 Dec 2022 10:23:03 GMT
content-length: 4669
vary: Accept-Language
content-language: en
connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Size:   4669
Md5:    144fcb04968e5db118d3d7c9007491a5
Sha1:   e6e0e9ce998f624ddfe0ffcc0c68383bd18601b5
Sha256: ceff1b40ec608fef07b261764e4f7b6db73705fbbfbafc058218312e2ae147b8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:03 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCJ3DZSHAfXtJEQdycFVuxm3ug94aERTuDBAeo4N2ykNJCSfmWS2a4ZmZomCZhYFmLK1gfh7RYCFWvRqJqfjJPDUlIMaFGyr9uyq_8rp_P9su-PLjKO5HGJww9XuhXX-e7TD_B6A0QhNto:1p1m9H:eBdofS095lLdiPo1kjDYdB4ofn0/1/ HTTP/1.1 
Host: localmovement.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localmovement.com/
Connection: keep-alive

search
                                         45.33.23.183
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Sun, 04 Dec 2022 10:23:03 GMT
content-length: 406
x-mtm-path: 4
x-mtm-prov: 300:0.00;308:19.01
x-mtm-rd: 0.42
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJsb2NhbG1vdmVtZW50LmNvbSIsImh0dHA6Ly93d3cxLmxvY2FsbW92ZW1lbnQuY29tLz90bT0xJnN1YmlkND0xNjcwMTQ5MzgzLjAyNzE5MzAwMDAmS1cxPUdldCUyMEFuJTIwT25saW5lJTIwRGVncmVlJktXMj1FbGl0ZSUyMERhdGluZyUyMFNlcnZpY2VzJktXMz1EZWRpY2F0ZWQlMjBHYW1pbmclMjBTZXJ2ZXJzJktXND1CMkIlMjBUcmF2ZWwlMjBCb29raW5nJTIwU3lzdGVtJktXNT1CMkIlMjBUcmF2ZWwlMjBCb29raW5nJTIwU3lzdGVtJktXNj1HZXQlMjBBbiUyME9ubGluZSUyMERlZ3JlZSZLVzc9U29jaWFsJTIwTWVkaWElMjBBdXRvbWF0aW9uJTIwTWFya2V0aW5nJTIwU29mdHdhcmUmS1c4PU1ha2UlMjBNb25leSUyMEZyb20lMjBIb21lJktXOT1CMkIlMjBUcmF2ZWwlMjBCb29raW5nJTIwU3lzdGVtJnNlYXJjaGJveD0wJmJhY2tmaWxsPTAiLDEsIjIwMjItMTItMDQgMTA6MjM6MDMiLDEsIjE2NzAxNDkzODMuMDI3MTkzMDAwMCIsMzA4LG51bGwsbnVsbF0:1p1m9H:l-5IttoG5Muw_rxVFDDbR__ieEw; expires=Sun, 04-Dec-2022 11:23:03 GMT; Max-Age=3600; Path=/
connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (406), with no line terminators
Size:   406
Md5:    c87413f6843de8d8d7ce64bfc7fdfe47
Sha1:   a6bbb8825e6ca1e9b318b2dfd2d1708a6a6d4a80
Sha256: 24ea099dd99e9214c5235032075ab0b9b98ac25f92f17e9e25b29eb3a6d531e1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 10:11:19 GMT
cache-control: public,max-age=3600
age: 705
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4252
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 10:23:04 GMT
Last-Modified: Sun, 04 Dec 2022 09:12:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m9llR70YNZmueWuXoPLouA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.89.136.7
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cwgHDTRh2OsTvbB31/APIvm0jBc=

                                        
                                            GET /?tm=1&subid4=1670149383.0271930000&KW1=Get%20An%20Online%20Degree&KW2=Elite%20Dating%20Services&KW3=Dedicated%20Gaming%20Servers&KW4=B2B%20Travel%20Booking%20System&KW5=B2B%20Travel%20Booking%20System&KW6=Get%20An%20Online%20Degree&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Make%20Money%20From%20Home&KW9=B2B%20Travel%20Booking%20System&searchbox=0&backfill=0 HTTP/1.1 
Host: www1.localmovement.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://localmovement.com/
Upgrade-Insecure-Requests: 1

search
                                         76.223.26.96
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:23:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2262)
Size:   2488
Md5:    17054a4750e389671d0f96fb2da1ff70
Sha1:   43a9f52913f00653ff41d71907047b9399f44dbd
Sha256: af4b07809c69ffafe9aff98d43c1786337b2897b6b2a571855569ad9ed166213
                                        
                                            GET /scripts/js3.js HTTP/1.1 
Host: d38psrni17bvxu.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.localmovement.com/

search
                                         54.230.245.22
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 1134
Connection: keep-alive
Server: nginx
Date: Sun, 04 Dec 2022 04:54:34 GMT
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Accept-Ranges: bytes
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: o6qTims5FWvlEMcaeP2HYblldF6-RrexVO4swYLPnY1Sm8Y0wVtkFw==
Age: 19711


--- Additional Info ---
Magic:  ASCII text, with very long lines (506)
Size:   1134
Md5:    64b79b43df8fbf2c5d082964b9116a68
Sha1:   dc3c763519baf0f4c32bb60bfc429651a491ea01
Sha256: c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /track.php?domain=localmovement.com&toggle=browserjs&uid=MTY3MDE0OTM4NC40OTkzOmUxNmNmYzdjMDc5OGYyNTJkNGMzMTI3ZGJjMmM5OTM0NGI4ZTZkMmU3ZDExNmQ1YjZmZWJmYTJhNTIyNjM0MDk6NjM4Yzc1MDg3OWU1ZQ%3D%3D HTTP/1.1 
Host: www1.localmovement.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.localmovement.com/?tm=1&subid4=1670149383.0271930000&KW1=Get%20An%20Online%20Degree&KW2=Elite%20Dating%20Services&KW3=Dedicated%20Gaming%20Servers&KW4=B2B%20Travel%20Booking%20System&KW5=B2B%20Travel%20Booking%20System&KW6=Get%20An%20Online%20Degree&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Make%20Money%20From%20Home&KW9=B2B%20Travel%20Booking%20System&searchbox=0&backfill=0

search
                                         76.223.26.96
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:23:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Sun, 04 Dec 2022 11:07:52 GMT
Date: Sun, 04 Dec 2022 10:23:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Sun, 04 Dec 2022 11:07:52 GMT
Date: Sun, 04 Dec 2022 10:23:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Sun, 04 Dec 2022 11:07:52 GMT
Date: Sun, 04 Dec 2022 10:23:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Sun, 04 Dec 2022 11:07:52 GMT
Date: Sun, 04 Dec 2022 10:23:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 45184
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    a6e7b32ac999cf3c899a234c621fa91a
Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be
Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 10584
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 45027
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 45359
etag: "8637105f41058bc0d2b259d462b560881928adb6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10431
Md5:    2636f91bb8fa4d9bb7bef114c248a9ae
Sha1:   8637105f41058bc0d2b259d462b560881928adb6
Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 45544
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Yy5pEWjBXne3kPQxZCLQdqdamtqa4udO00I6ro3bMUDTybHTZY_DgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:53:43 GMT
age: 44962
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6901
Md5:    89e5fc40e9e626a035abde2964ba0959
Sha1:   e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
Sha256: 64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084
                                        
                                            POST /ls.php HTTP/1.1 
Host: www1.localmovement.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2214
Origin: http://www1.localmovement.com
Connection: keep-alive
Referer: http://www1.localmovement.com/?tm=1&subid4=1670149383.0271930000&KW1=Get%20An%20Online%20Degree&KW2=Elite%20Dating%20Services&KW3=Dedicated%20Gaming%20Servers&KW4=B2B%20Travel%20Booking%20System&KW5=B2B%20Travel%20Booking%20System&KW6=Get%20An%20Online%20Degree&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Make%20Money%20From%20Home&KW9=B2B%20Travel%20Booking%20System&searchbox=0&backfill=0

search
                                         76.223.26.96
HTTP/1.1 201 Created
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:23:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 638c750916944c746453e47f
Charset: utf-8
Access-Control-Allow-Origin: http://www1.localmovement.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_LWokUOmxlNF9r/e1Sl5IjKkD0nWkjIrtC0TaEbJuYolsK9mA/fT/o7X3oobB7dnioFvZpuYP1jiCWSDvuYaMDQ==


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www1.localmovement.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.localmovement.com/?tm=1&subid4=1670149383.0271930000&KW1=Get%20An%20Online%20Degree&KW2=Elite%20Dating%20Services&KW3=Dedicated%20Gaming%20Servers&KW4=B2B%20Travel%20Booking%20System&KW5=B2B%20Travel%20Booking%20System&KW6=Get%20An%20Online%20Degree&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Make%20Money%20From%20Home&KW9=B2B%20Travel%20Booking%20System&searchbox=0&backfill=0

search
                                         76.223.26.96
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Sun, 04 Dec 2022 10:23:06 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

                                        
                                            GET /track.php?click=8bc5311fea51f5d88ad90580a49f43a22d8f5165&domain=localmovement.com&uid=MTY3MDE0OTM4NC40OTkzOmUxNmNmYzdjMDc5OGYyNTJkNGMzMTI3ZGJjMmM5OTM0NGI4ZTZkMmU3ZDExNmQ1YjZmZWJmYTJhNTIyNjM0MDk6NjM4Yzc1MDg3OWU1ZQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzhjNzUwODc5ZTQzfHx8MTY3MDE0OTM4NC44ODk2fGRmYTQ5OTk4OWIxYTU2NTU1NzJlYzdlNjZhZDg2YzdjMmFhMjUzMjh8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxkZGVlMDI3MmU2NDVhZjdhOTgzN2M4ZDllYzkzNzM3YjM3YjQ4MDgxfDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1 
Host: www1.localmovement.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.localmovement.com/?tm=1&subid4=1670149383.0271930000&KW1=Get%20An%20Online%20Degree&KW2=Elite%20Dating%20Services&KW3=Dedicated%20Gaming%20Servers&KW4=B2B%20Travel%20Booking%20System&KW5=B2B%20Travel%20Booking%20System&KW6=Get%20An%20Online%20Degree&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Make%20Money%20From%20Home&KW9=B2B%20Travel%20Booking%20System&searchbox=0&backfill=0

search
                                         76.223.26.96
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:23:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

                                        
                                            GET /zcvisitor/a372db23-73bd-11ed-84ff-0a5af0e8e43f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1e3ae610-2049-11eb-8aeb-0afaf647e889 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.localmovement.com/
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:23:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: PNWhRqSQ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1100
Md5:    29953aea88eef7d720dbd23041bc6252
Sha1:   f644fa6a762c9306426dc3519241ab78b3584867
Sha256: 09b4e2a035d11c845c9df7d1435ae5b946a548889f3376d2a4ebf9fd9723350d
                                        
                                            GET /zcredirect?visitid=a372db23-73bd-11ed-84ff-0a5af0e8e43f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/a372db23-73bd-11ed-84ff-0a5af0e8e43f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1e3ae610-2049-11eb-8aeb-0afaf647e889
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:23:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: znkTmZLC


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (371)
Size:   828
Md5:    6d8ea58fd2610c7b3a6ebe9d1f2ec682
Sha1:   828b2285b2c5f916375ff74d443270f807101e8f
Sha256: bc8b8382147c9f151e09c9e0bcc14ad9fc99f5ede150adcad26c5ed67f70d1c0
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=a372db23-73bd-11ed-84ff-0a5af0e8e43f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.208.247.235
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Sun, 04 Dec 2022 10:23:06 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: lUlUzhjT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         65.9.54.126
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 10:23:06 GMT
Etag: "638b49df-1d7"
Last-Modified: Sun, 04 Dec 2022 10:10:43 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 f3f3e5094c644e85d297de594ccdba30.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: CAK5Ye40ZNUvuFoBPG0gRKLDoZ0NMjp5bnzBLBTKel9JfbxmqZoqkQ==
Age: 743

                                        
                                            GET /redir/?aff=1055&instrument=forex&afftrack=wu73dh512n5paauk295c4u04&clickid=wu73dh512n5paauk295c4u04 HTTP/1.1 
Host: affiliate.iqbroker.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         45.60.156.148
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:07 GMT
content-length: 0
location: https://iqbroker.com/lp/forex-trading/?aff=1055&afftrack=wu73dh512n5paauk295c4u04&clickid=wu73dh512n5paauk295c4u04&aff_model=
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
set-cookie: visid_incap_2683110=IfGZJdWtSAqPxfhfV9K/nwt1jGMAAAAAQUIPAAAAAAChDCa0XZ+BdVbGQiFNKD2B; expires=Sun, 03 Dec 2023 22:15:23 GMT; HttpOnly; path=/; Domain=.iqbroker.com incap_ses_7235_2683110=SMv7UIhFJ0QT1XuUr+JnZAt1jGMAAAAA4HBHoks0lZ3xpysgw9K64A==; path=/; Domain=.iqbroker.com
x-cdn: Imperva
x-iinfo: 13-106501811-106501815 NNNN CT(29 55 0) RT(1670149387170 17) q(0 0 1 0) r(2 2) U5
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-WN69JL HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 10:23:07 GMT
expires: Sun, 04 Dec 2022 10:23:07 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87471
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23810)
Size:   87471
Md5:    aae2514c5ff3008fafd440752feecfb5
Sha1:   a49c78e0b56eecdd5015b502e1fd078e6dfb1447
Sha256: 4f900ca18dd02f43e63930d62fc1fdbf4d613cf422ef79bc7622bbd5377894ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2546
Cache-Control: max-age=126844
Date: Sun, 04 Dec 2022 10:23:08 GMT
Etag: "638bb797-117"
Expires: Mon, 05 Dec 2022 21:37:12 GMT
Last-Modified: Sat, 03 Dec 2022 20:54:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /lp/forex-trading/_next/static/images/icon_firefox-b0f8b2fa60edff7aaafb770787ac9c2c.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.3.90.108
content-encoding: gzip
content-length: 4323
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12313)
Size:   4323
Md5:    2f22c8e243d8d58cbddc50268fb67eb8
Sha1:   3f65d8fbb96c65e9c13aa79e07baac4e5042905f
Sha256: fbadf87c42ddc44e6d3f14f3ff53762aa2f678dd5c7713119918786648b05412
                                        
                                            GET /lp/forex-trading/static/withdrawal_visa.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
content-length: 879
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.95
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (878)
Size:   879
Md5:    2369213734dc5a921850b345c4c2f625
Sha1:   1d5f14b4986fdddda4fb4b9d06fd9b53de8c147f
Sha256: e7dec4d8501c1eade84841a2171328096df17b55388044a80e26505b3c43866f
                                        
                                            GET /lp/forex-trading/static/withdrawal_neteller.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
content-length: 805
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.96
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (804)
Size:   805
Md5:    8e605b8de55e766d9c6d8e2ac54285e7
Sha1:   d4a11f2f73aaf292f13cb6c83925d99901919180
Sha256: d307118dce8c93702b37ad3c198e3419465885c0c529eabe1f6fb7a37805c8ac
                                        
                                            GET /lp/static/common/fonts/WorkSans/worksans_bold.woff2 HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
content-length: 16576
last-modified: Fri, 02 Dec 2022 14:21:22 GMT
backend: arbitre_v4
remote-addr: 2.21.240.236
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Origin
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, If-None-Match, X-File-Name, Cache-Control, Location, Lock-Token, Chrome-Proxy
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://iqbroker.com
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16576, version 1.0\012- data
Size:   16576
Md5:    2bbec02ba4bdd9cc9b88135e9f302a10
Sha1:   5ccfa9047b97de5a1ea9a2003e320b825b7475fe
Sha256: a25e14865126cb8fb6fba6ec8e05a94bf93b5f999bcc8785a80b54001d120eb5
                                        
                                            GET /lp/forex-trading/_next/static/MD46MFCGNC3iGGV3OJ0RA/pages/index.js HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.60.69.12
content-encoding: gzip
content-length: 147800
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   147800
Md5:    592d0b8593496f713ba97776ed796263
Sha1:   21042ebb4789be7dd6a8ecb100b7caded809e212
Sha256: 94f4fd450a25b450d569fa420a5e4296c5e597414ba9e35848bb9fafe7347c6a
                                        
                                            GET /lp/forex-trading/_next/static/runtime/webpack-e9ef7d1fc2501b770153.js HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.105
content-encoding: gzip
content-length: 1202
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2342), with no line terminators
Size:   1202
Md5:    2e17c0956ecf158a2ef3d8c5bf0cc676
Sha1:   db7d30673b7517c4f043cfa2515f335f02580c51
Sha256: 197f10667ad3adbe76a4ecd8262995daa1a957bec0a70e072890e554219a7108
                                        
                                            GET /lp/forex-trading/static/withdrawal_skrill.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.95
content-encoding: gzip
content-length: 651
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1101)
Size:   651
Md5:    fab3a3afc438e6a3ef344f31a0926b36
Sha1:   533301716f9d68ca10f11d77420fe173934eaf6c
Sha256: 7fc138ef21574de9bc652e8dc0f3cad59bcb4f85416e01c255f8b0684287507b
                                        
                                            GET /lp/forex-trading/static/item1_poster.jpg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 36702
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.60.69.2
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x840, components 3\012- data
Size:   36702
Md5:    4b883b4c13e7e8f281d73a726de2b7ad
Sha1:   36a5e8f06d76322df612172ac0c81e19ad2ef2df
Sha256: 035d2b69ada23bc1a9a34d657cc76d0b0a926b9f548fee25179d24c0a73555f5
                                        
                                            GET /lp/forex-trading/_next/static/MD46MFCGNC3iGGV3OJ0RA/pages/_app.js HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.221
content-encoding: gzip
content-length: 7363
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18068), with no line terminators
Size:   7363
Md5:    7a24c85fc9aaecaa4a93ee81ab5430fd
Sha1:   49276018fa662c4cf2e349a2820c7403d35a3f62
Sha256: bc13ac89a73d7ea9dd00002909fb6c2cf3053d19f6a4e32d1aafa13ab26c6270
                                        
                                            GET /lp/forex-trading/static/item3_poster.jpg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 35485
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.95
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x840, components 3\012- data
Size:   35485
Md5:    4f1158f0ab0d91c956216cecce232784
Sha1:   7a0616b53183c74ee082594d51ddf96f21064a9c
Sha256: d0712722861db01ab4c769ee3fa1d3a06c2eb9c20ebd14e86b1805e712886db3
                                        
                                            GET /lp/static/common/fonts/WorkSans/worksans_regular.woff2 HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
content-length: 15112
last-modified: Fri, 02 Dec 2022 14:21:22 GMT
backend: arbitre_v4
remote-addr: 2.21.240.89
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Origin
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, If-None-Match, X-File-Name, Cache-Control, Location, Lock-Token, Chrome-Proxy
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://iqbroker.com
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15112, version 1.0\012- data
Size:   15112
Md5:    a7ba1db101d3cc661d43c04191aefd2c
Sha1:   6c9e97ac6982e2ef865a9a1c28a55dd8b2c27688
Sha256: 6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
                                        
                                            GET /lp/forex-trading/static/withdrawal_maestro.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.95
content-encoding: gzip
content-length: 1093
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2162)
Size:   1093
Md5:    30c5dd78d4d06e9d14cd9c6ca7e0ad79
Sha1:   c27f9b9a624d99e426123b7ec0713dc370cf6d91
Sha256: f4a6fbe6cc5511f02edf0d68aa5121d0677150ba3425beef409c4fa4f79b9fc3
                                        
                                            GET /lp/forex-trading/static/withdrawal_mastercard.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.222
content-encoding: gzip
content-length: 1111
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2471)
Size:   1111
Md5:    ad27fa106fd620c4c0372ef5524bdf9f
Sha1:   71558e36fc5feba9a12401beef65cb26e29775c2
Sha256: 7b00a5bbafba26feecdce911b9501cdb60498e1386feeba25efd976f8d29c914
                                        
                                            GET /lp/forex-trading/static/withdrawal_visa_electron.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.3.90.119
content-encoding: gzip
content-length: 1297
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2599)
Size:   1297
Md5:    d5dd1763c630c5cbe9bc7d64a428fc57
Sha1:   81e7085bce03fc37d336e42b72ba03553789e947
Sha256: 0d1b47e036d193e6e40ed02842bc983ac10f6233726cdd270f6cec77d13ac289
                                        
                                            GET /lp/forex-trading/static/bgr.jpg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 70367
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.3.90.109
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 4364x2178, components 3\012- data
Size:   70367
Md5:    43690a9d27671d9e21e8576d2f8a8bce
Sha1:   dff80eee0e4c25c358d7a58584f057ba6c0db284
Sha256: 2c6a13e34a6d107fb9789da429450f3b820f1536e1558deac86a808ef15d3a61
                                        
                                            GET /lp/forex-trading/static/withdrawal_webmoney.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.196
content-encoding: gzip
content-length: 1103
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2263)
Size:   1103
Md5:    d261056dc5c874ab70f702b03dff8670
Sha1:   0e48f041c8d1904531ea0ad01edcf8f3115d7b4a
Sha256: b7860c0e2c895b0303405e169ec106092af0e9d1d348e85faec207cf328c02d7
                                        
                                            GET /lp/forex-trading/static/review1.png HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
content-length: 4466
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.60.69.10
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit colormap, non-interlaced\012- data
Size:   4466
Md5:    f5688931f63a4d4d9c4deeb4c856c29e
Sha1:   00c3c6b833ecf0afe888afd23ed73ef03dd59148
Sha256: b65b4c179e82aedf35705ef6ba102ffdab1a53dfa29fd69251be0635f4040886
                                        
                                            GET /lp/forex-trading/static/review3.png HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
content-length: 5233
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.60.69.10
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit colormap, non-interlaced\012- data
Size:   5233
Md5:    a1972f0409aa2c8d33a4076feac6fda6
Sha1:   adda20f875c49041a51e140ade59c386b55bae74
Sha256: 9fb3350ee66b2d575fa3f80bb1f9fee3374bad2faf9d98b07cf374f0189a0aaf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2546
Cache-Control: max-age=126844
Date: Sun, 04 Dec 2022 10:23:08 GMT
Etag: "638bb797-117"
Expires: Mon, 05 Dec 2022 21:37:12 GMT
Last-Modified: Sat, 03 Dec 2022 20:54:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /lp/forex-trading/static/video_screen.jpg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 41501
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/th/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.60.69.10
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x840, components 3\012- data
Size:   41501
Md5:    e6f3493bcd3ba4d7e9e2120e15a85d45
Sha1:   bf3c618ef9fc8ab734f47d196e63b9ea78c4990b
Sha256: 5f6bd7b92b7f76814fc3984d2030e7e4097de171fa7b7460b95bff4164af2719
                                        
                                            GET /lp/forex-trading/static/item2_poster.jpg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 33028
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.199
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x840, components 3\012- data
Size:   33028
Md5:    42281e9e887105c6d11381da78c5949c
Sha1:   28dcb685720812b00f56dbc9d06ba495772d77dd
Sha256: eb12a99a681a8eb03df78bbb401d174e564bf5a591ed79214f37db7cd7c8b6b2
                                        
                                            GET /lp/forex-trading/_next/static/images/platform_desktop-105b0d5af86910fcb5259c1a6f826adf.svg HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.212
content-encoding: gzip
content-length: 37906
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   37906
Md5:    d58ab4ee2eb2139b8afdbccf78ae8fd9
Sha1:   1cdaf2992e9c2368a2d7166b5b2c302bf77e6424
Sha256: bc0625bc434367fe7c82f9b6a293505e691d11b5b81ab704c71d829f9a01efea
                                        
                                            GET /lp/forex-trading/_next/static/chunks/commons.263409280c3553cfc281.js HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.212
content-encoding: gzip
content-length: 99045
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   99045
Md5:    c4d62275ad6f327153d91fbc2d439b0e
Sha1:   e76c3b50e27b1514bef4c5cb73f8cb1906d93db9
Sha256: d6e6f9df494ce1baf121b68b6d12c536fbc37712daefa1a8b4e8e78dd8bf7a6a
                                        
                                            GET /lp/forex-trading/static/item1_video.webm HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 206 Partial Content
content-type: video/webm
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.228
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
content-range: bytes 0-486625/486626
content-length: 486626
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   486626
Md5:    3d9e4b2f4d5bf38586db29bf3539f66a
Sha1:   cefe8c83119630442d70769291772b23cd058025
Sha256: 5ea54e503b131752cffc43b2458c24c1346f8952f714d68e585b3c4418ec6967
                                        
                                            GET /lp/forex-trading/static/item2_video.webm HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 206 Partial Content
content-type: video/webm
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/ko/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.3.90.101
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
content-range: bytes 0-647596/647597
content-length: 647597
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   647597
Md5:    1b81f0a47a68878ca5483f22b7eafb91
Sha1:   8f46a39494ff12a80321f06c935708b57bf9aa92
Sha256: e571e377c67c95f135e3201abcf7d76286d0a9bcaac9c72db08401c00da9f14a
                                        
                                            GET /lp/forex-trading/static/item3_video.webm HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 206 Partial Content
content-type: video/webm
                                        
server: nginx
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/ko/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.231
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
content-range: bytes 0-1000809/1000810
content-length: 1000810
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   1000810
Md5:    87b388d756dd5c1c17f6e0b763095f79
Sha1:   1d1ff76228a7a9745fa9cbd73a7d213575658687
Sha256: 7ba6e80cda5ee27fb97f4409e858cf0c580dc643d0bd21ce7c15f1dc0162d73a
                                        
                                            GET /?st=pba& HTTP/1.1 
Host: websdk.appsflyer.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.88
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: 4haMOXDItrc8YAsvjP5Y/gbfdGolA2yEsUPI+FqwDDhYzG2L2zfJACl/etuphYJSQMXfI7TXm8g=
x-amz-request-id: MKFRWNGA75DSVKN5
Last-Modified: Wed, 27 Apr 2022 08:41:43 GMT
ETag: "cc82ca2a69eac2386ea395ea1e0ad0f6"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2992
Expires: Sun, 04 Dec 2022 11:13:00 GMT
Date: Sun, 04 Dec 2022 10:23:08 GMT
Content-Length: 9575
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (21856)
Size:   9575
Md5:    2902a2c87591f52fe75ec67763d36598
Sha1:   f95fdcd612b076f2deccc29c4674a80f1db9cad6
Sha256: 3f9873dc0fcde232799bfaea802351433c9934862bb296e993c442cf0fbfcd6f
                                        
                                            GET /mgsensor.js?d=1670149385769 HTTP/1.1 
Host: a.mgid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.19.134.78
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 10:23:08 GMT
vary: Accept-Encoding
x-mg-request-uuid: 7113c46e-4627-4ef3-8e75-4be182d29e24
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=scvBudaULoXLGMdE9jZPhsTBfmy5FinmYkvuRS9Ppzo-1670149388-0-AZDJc8GeFLnP1QMpIYEIyvHYcTI2xXeL0gTLallpa5ipp/PKALoy1i7jYqxQmpFXxDLcljbq1yFuhpKZdokfOek=; path=/; expires=Sun, 04-Dec-22 10:53:08 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7743d32bfeff1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15105), with no line terminators
Size:   5235
Md5:    c5bf712c49b3782c89281f5698ed92d5
Sha1:   497d242df30199f3597617ee0fb400ea4dac3b62
Sha256: 96d1bfce3cb963f9ce4b5ed17b112f0c8a622ada1f93148a662438fba2b8bd0f
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.14
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 08:46:55 GMT
expires: Sun, 04 Dec 2022 10:46:55 GMT
cache-control: public, max-age=7200
age: 5773
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BH1SENMS6L&cid=1729053143.1670149386&gtm=2oebu0&aip=1&z=1838476303 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 10:23:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: u3DNW74I2EpII1Wzb1kIKCwh/58Cu1viirDUJJ/J2d2d3QLGz3MpMpg39PJ48kKjexRDwxmutenQGuwua80USw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Sun, 04 Dec 2022 10:23:08 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:23:08 GMT
Content-Length: 938
Connection: keep-alive
Expires: Thu, 08 Dec 2022 08:33:36 GMT
ETag: "0c4277a397bea0fd845c3d50d25611c09c019242"
Last-Modified: Sun, 04 Dec 2022 08:33:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 50
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7743d32effb70afa-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5682
Cache-Control: max-age=122824
Date: Sun, 04 Dec 2022 10:23:08 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:30:12 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lp/forex-trading/_next/static/images/favicon-16x16-35eb524c3ef37951f7c6725f2faf9ac1.png HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
content-length: 429
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 2.21.240.95
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
set-cookie: IsAppStoreCountry=true; expires=Wed, 04 Jan 2023 10:23:08 GMT; domain=.iqoption.com; path=/; secure; SameSite=None connection_track=c52d8515c327e3236d2738bc23799b37
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   429
Md5:    35eb524c3ef37951f7c6725f2faf9ac1
Sha1:   b97ac7225ab30a831998b29556e8a3361d44a9a1
Sha256: 543c6de6d1378fef8237ba0eae724a8823a6d7542276462c2efbc8ba25760f6c
                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 73266
date: Sun, 04 Dec 2022 10:23:08 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Sun, 04 Dec 2022 11:23:08 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size:   73266
Md5:    a4567a1e52f99c2b3870f58375ec8cac
Sha1:   dbfc795e71fc19f7e45e8637abc4ac770f639a48
Sha256: 2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: banking.trading
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: iq-options.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: iqoption.co.th
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: eu.iqoption.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
set-cookie: connection_track=0636c2587ac6525993005f33cfcfd614
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2652
Cache-Control: max-age=100667
Date: Sun, 04 Dec 2022 10:23:08 GMT
Etag: "638b50eb-2d7"
Expires: Mon, 05 Dec 2022 14:20:55 GMT
Last-Modified: Sat, 03 Dec 2022 13:36:43 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: broker-iqoption.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: iqoptions.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: iqbroker.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: iq-option.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: iqoption.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.136
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
set-cookie: connection_track=ed545d9a8fed72cb59e12dbfa3ac0ffe
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            POST /g/collect?v=2&tid=G-BH1SENMS6L&gtm=2oebu0&_p=1092306973&_gaz=1&cid=1729053143.1670149386&ul=en-us&sr=1280x1024&_s=1&sid=1670149385&sct=1&seg=0&dl=https%3A%2F%2Fiqbroker.com%2Flp%2Fforex-trading%2F%3Faff%3D1055%26afftrack%3Dwu73dh512n5paauk295c4u04%26clickid%3Dwu73dh512n5paauk295c4u04%26aff_model%3D&dt=A%20classic%20Reimagined.%20Forex%20by%20IQ%20Option.&en=page_view&_fv=1&_nsi=1&_ss=2 HTTP/1.1 
Host: region1.analytics.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://iqbroker.com
date: Sun, 04 Dec 2022 10:23:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hit?aff_id=1055&aff_model=&aff_track=wu73dh512n5paauk295c4u04__clickid-wu73dh512n5paauk295c4u04&brand_id=1&rand=0.5678235495028825&u=37eee2119333ce650184d6b02b409ec7 HTTP/1.1 
Host: tracker.affiliate.iqbroker.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Cookie: visid_incap_2683110=IfGZJdWtSAqPxfhfV9K/nwt1jGMAAAAAQUIPAAAAAAChDCa0XZ+BdVbGQiFNKD2B; incap_ses_7235_2683110=SMv7UIhFJ0QT1XuUr+JnZAt1jGMAAAAA4HBHoks0lZ3xpysgw9K64A==; IsRestrictedCountry=false; IsRegulatedCountry=true; Country=no; CountryID=149; landing=/lp/forex-trading/; aff=1055; retrack=; affextra=; afftrack=wu73dh512n5paauk295c4u04__clickid-wu73dh512n5paauk295c4u04; aff_model=; aff_ts=2022-12-04T10:23:07Z; AffTrackGroup=Black_team_(partnerka); Serv=NL; AppID=id871125783; brand_id=1; platform=9; client_platform_id=9; support_email=support@eu.iqoption.com; company_id=1; IsAppStoreCountry=true; RedirectDomain=iqoption.com; linkPolicy=/en/terms-and-conditions/privacy-policy-new; linkTerms=/en/terms-and-conditions/terms-conditions; RedirectDomains=iqoption.com,iqtrading.asia; _gcl_au=1.1.305262444.1670149386; _ga_BH1SENMS6L=GS1.1.1670149385.1.0.1670149385.60.0.0; _ga=GA1.1.1729053143.1670149386; aff_params={"landing_url":"https://iqbroker.com/lp/forex-trading/"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 15
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://iqbroker.com
set-cookie: tsd=3b806f34-ca51-4456-a5cc-3ce81ad6a10d; Expires=Mon, 05 Dec 2022 10:23:08 GMT; HttpOnly; Secure; SameSite=None country_code=NO
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   15
Md5:    28ec1eee5f4049e3c4f2135069c1d2c8
Sha1:   3505519507ca1c2a089c46e100b80408ca278421
Sha256: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
                                        
                                            GET /lp/api/cookies HTTP/1.1 
Host: iqoption.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iqbroker.com/
Origin: https://iqbroker.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.117.134.136
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:08 GMT
content-length: 108
access-control-allow-credentials: true
access-control-allow-origin: https://iqbroker.com
backend: arbitre_v4_api
set-cookie: connection_track=5f3b023023acbd773c0f882a8f9be242
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   108
Md5:    b82324f523a57740738b801d7803a5c4
Sha1:   27ac403588140544b12e630a7f264eaa5058fc82
Sha256: 216cd6620b4e2e1247222fb537a047b2479f3f848ae141ede93711fa7baebbab
                                        
                                            POST /g/collect?v=2&tid=G-BH1SENMS6L&cid=1729053143.1670149386&gtm=2oebu0&aip=1 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         108.177.14.157
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://iqbroker.com
date: Sun, 04 Dec 2022 10:23:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-44367767-1&cid=1729053143.1670149386&jid=1818634014&gjid=1363904590&_gid=615051046.1670149387&_u=YCDAiEABBAAAAEAAI~&z=1979460166 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         108.177.14.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://iqbroker.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 10:23:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /modules.90de377b639fd5b933d2.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         65.9.44.121
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f13ebb34b9ca74b5ffe9e85709c21a7c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 5mxAAQUxLwjJevXOdyPLIpWAB2yVmejXb1CdBCv2rdbg8liHKII5Zg==
age: 247563
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68504
Md5:    8766036825574dfbddbfc197bd098f6b
Sha1:   3c6087743e1b23d7f071f66d65bec1fdb143a2c2
Sha256: 89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
                                        
                                            GET /watch/22669009/1?wmode=7&page-url=https%3A%2F%2Fiqbroker.com%2Flp%2Fforex-trading%2F%3Faff%3D1055%26afftrack%3Dwu73dh512n5paauk295c4u04%26clickid%3Dwu73dh512n5paauk295c4u04%26aff_model%3D&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A128918254595%3Ahid%3A724927717%3Az%3A0%3Ai%3A20221204102306%3Aet%3A1670149387%3Ac%3A1%3Arn%3A377225490%3Arqn%3A1%3Au%3A1670149387274379285%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C57%2C31%2C0%2C265%2C0%2C%2C143%2C0%2C%2C%2C%2C519%3Aco%3A0%3Ans%3A1670149385063%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670149387%3At%3AA%20classic%20Reimagined.%20Forex%20by%20IQ%20Option.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iqbroker.com
Referer: https://iqbroker.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 1115
date: Sun, 04 Dec 2022 10:23:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://iqbroker.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 10:23:09 GMT
last-modified: Sun, 04-Dec-2022 10:23:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1115), with no line terminators
Size:   1115
Md5:    35e437011c218e3aba0d8210e7b9aa5f
Sha1:   963c81ebd554fc723b0b9ae6a363a71049797aa4
Sha256: 27a799baffeb05afd6d42de511a55d7ae322bccfb511e9b2e554aabeb89f8f05
                                        
                                            GET /tr/?id=268776370499332&ev=PageView&dl=https%3A%2F%2Fiqbroker.com%2Flp%2Fforex-trading%2F%3Faff%3D1055%26afftrack%3Dwu73dh512n5paauk295c4u04%26clickid%3Dwu73dh512n5paauk295c4u04%26aff_model%3D&rl=&if=false&ts=1670149386939&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1670149386938.559577761&it=1670149386733&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.240.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 04 Dec 2022 10:23:09 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sun, 04 Dec 2022 10:23:09 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Sun, 04 Dec 2022 11:23:09 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/22669009?wmode=7&page-url=https%3A%2F%2Fiqbroker.com%2Flp%2Fforex-trading%2F%3Faff%3D1055%26afftrack%3Dwu73dh512n5paauk295c4u04%26clickid%3Dwu73dh512n5paauk295c4u04%26aff_model%3D&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A128918254595%3Ahid%3A724927717%3Az%3A0%3Ai%3A20221204102306%3Aet%3A1670149387%3Ac%3A1%3Arn%3A377225490%3Arqn%3A1%3Au%3A1670149387274379285%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C57%2C31%2C0%2C265%2C0%2C%2C143%2C0%2C%2C%2C%2C519%3Aco%3A0%3Ans%3A1670149385063%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670149387%3At%3AA%20classic%20Reimagined.%20Forex%20by%20IQ%20Option.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 302 Found
                                        
location: /watch/22669009/1?wmode=7&page-url=https%3A%2F%2Fiqbroker.com%2Flp%2Fforex-trading%2F%3Faff%3D1055%26afftrack%3Dwu73dh512n5paauk295c4u04%26clickid%3Dwu73dh512n5paauk295c4u04%26aff_model%3D&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A128918254595%3Ahid%3A724927717%3Az%3A0%3Ai%3A20221204102306%3Aet%3A1670149387%3Ac%3A1%3Arn%3A377225490%3Arqn%3A1%3Au%3A1670149387274379285%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C57%2C31%2C0%2C265%2C0%2C%2C143%2C0%2C%2C%2C%2C519%3Aco%3A0%3Ans%3A1670149385063%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670149387%3At%3AA%20classic%20Reimagined.%20Forex%20by%20IQ%20Option.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 04 Dec 2022 10:23:09 GMT
access-control-allow-origin: https://iqbroker.com
set-cookie: yabs-sid=2596713651670149389; Path=/; SameSite=None; Secure i=ZNg1rwnsJ9vTy4dnr8SYPECRrLJBf3pzn9mMACeN5En6IDU5PYOvVlAumhi/jl6BHuJrBGCqezNanwF5lD+tbAk2hXI=; Expires=Wed, 01-Dec-2032 10:22:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None yandexuid=92205761670149389; Expires=Mon, 04-Dec-2023 10:23:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=92205761670149389; Expires=Mon, 04-Dec-2023 10:23:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure ymex=1701685389.yc.1670149389#1701685389.yrts.1670149389#1701685389.yrtsi.1670149389; Expires=Mon, 04-Dec-2023 10:23:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 10:23:09 GMT
last-modified: Sun, 04-Dec-2022 10:23:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    57f187c7a868faeac558007a8eb6cb2e
Sha1:   11ab10ab109fdb53d91d444ac781101f5a6360c6
Sha256: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
                                        
                                            GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         65.9.44.28
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bf14a720d62e0d1295d99086d103efa.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 29aFlvzLRKmWY1miuDtjuj5CHFAfEcAXqYE0qRmG3uM9fD8rYkR_dw==
age: 940383
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    e0652b84b7b3b650769c759fc520c3f8
Sha1:   0b55d6e28613350c7f41b88f19e726e6751ad03b
Sha256: 94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         204.79.197.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11430
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=1A14FA936FB962BD0FDDE8E36E4C63E4; domain=.bing.com; expires=Fri, 29-Dec-2023 10:23:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C86EA7B7CE94EEEA97D84C2046665D6 Ref B: OSL30EDGE0517 Ref C: 2022-12-04T10:23:09Z
date: Sun, 04 Dec 2022 10:23:09 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Size:   11430
Md5:    df169ce602a3bb847c575192cb8b744f
Sha1:   be40c6958e00904f9f50d56a729b87270a48d7c7
Sha256: e47e8fd99a7313873847ce85655117b5b7ba34ddfed7c2900006f3f2be0ae7ee
                                        
                                            GET /i18n/pixel/events.js?sdkid=CCVAQM3C77U2G17VLMO0&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.128
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202212041023097791C319EE95D335E5B7
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb614aaf58061e7e31aca0a3667efd5b7b3823bc6135521c5272378283493f76f57b2efcb38cfcd065995b696c837a7d9ec4d2688a70fb29a08b8a71aaf0410ac7a4414a092de53eb71265660e63513c985
content-encoding: gzip
content-length: 1033
x-origin-response-time: 7,23.221.225.156
x-akamai-request-id: cfddc0b2.58b807bd
expires: Sun, 04 Dec 2022 10:23:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 10:23:09 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IRfbiJdSsLb3GLxCHeZOfeZEkZ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-221-225-156.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=7, inner; dur=1
x-parent-response-time: 106,95.101.10.124
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2091)
Size:   1033
Md5:    6eb75a24181ff951f5f8f47a4d815c5e
Sha1:   af63809fd884feff9cd2b74904c6514924e5c4cb
Sha256: 5ec69e6cd2cd917db7d0ae20fd3c37a625260141f09217c03551f4251bcba302
                                        
                                            GET /i18n/pixel/static/main.MTRjZDliOGFlMA.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Cookie: _ttp=2IRfbiJdSsLb3GLxCHeZOfeZEkZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         95.101.10.128
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2022120115071667AA432E549451B37C27
x-tt-trace-host: 0107f623d8b8af93de4758d7753b283d208729b098d8fb865fd61dd8a7f9fc13cc9699bae3f6b9ea9d9e1d15126016e0439dcfe655e327d508bca81f1d447dac526a62a637ad231a8701d2cea60607fde8
content-encoding: gzip
date: Sun, 04 Dec 2022 10:23:09 GMT
content-length: 62261
x-cache: TCP_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=12
x-akamai-request-id: 58b80821
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25602)
Size:   62261
Md5:    af6554b3d6a27605762843859f00442d
Sha1:   c23e931e699bbecae23d986a6cbf209ba0a28070
Sha256: 4078bb4d3ab56862aa139b46186483f51ae7e6eb798bc61f1f8b090fb61c5d3a
                                        
                                            GET /i18n/pixel/static/identify_87671.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Cookie: _ttp=2IRfbiJdSsLb3GLxCHeZOfeZEkZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         95.101.10.128
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221025132332E17C791651961F7529DD
x-tt-trace-host: 01fd55814806c56b8ac2f7e1fc489b012cf7fe6389034e9b793ed3f334e223bd41bfd41207f501e0c60912367ce731d86fcc288b51b0e2e83bc1d92d187febaa71b2c172923b15de83698dac715e98e721
content-encoding: gzip
date: Sun, 04 Dec 2022 10:23:09 GMT
content-length: 30778
x-cache: TCP_MEM_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 58b8087e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   35501
Md5:    ff9615d3cff85c7aa4576ed4df5657a6
Sha1:   84f569a928004996825c9ce39c0327d006e6b4a8
Sha256: c5db71b6bb56d091be062c59f4cbb2d816318c6fae1bbccd0c7edb24686b5983
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 805
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Cookie: _ttp=2IRfbiJdSsLb3GLxCHeZOfeZEkZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         95.101.10.128
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022120410230901DD546C9CA35D3C6FED
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6a2a54c5890960548a8a1e2e0a2153b79f3d091217a738c2a3702793bd9261ecceccf97140bc1b5bbb2aa717f375671596b34bba99c54ef5e50c4fb51e203d410
expires: Sun, 04 Dec 2022 10:23:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 10:23:09 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=5, origin; dur=106
x-origin-response-time: 107,95.101.10.124
x-akamai-request-id: 58b80888
X-Firefox-Spdy: h2

                                        
                                            GET /action/0?ti=5089525&tm=gtm002&Ver=2&mid=6de7db1d-bff5-4774-b477-b81bedc3cfc0&sid=a51046d073bd11edaeedddd409211008&vid=a51054e073bd11ed84b7596772565ae1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=A%20classic%20Reimagined.%20Forex%20by%20IQ%20Option.&p=https%3A%2F%2Fiqbroker.com%2Flp%2Fforex-trading%2F%3Faff%3D1055%26afftrack%3Dwu73dh512n5paauk295c4u04%26clickid%3Dwu73dh512n5paauk295c4u04%26aff_model%3D&r=&lt=519&evt=pageLoad&sv=1&rn=7309 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=02B28A8C860B63232E3698FC87FE6229; domain=.bing.com; expires=Fri, 29-Dec-2023 10:23:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 77171D72A6B54626BC37C5EC43AD3804 Ref B: OSL30EDGE0517 Ref C: 2022-12-04T10:23:10Z
date: Sun, 04 Dec 2022 10:23:10 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /p/action/5089525.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: private,max-age=1800
set-cookie: MUID=1A08979E20A26E011E7A85EE21576F76; domain=.bing.com; expires=Fri, 29-Dec-2023 10:23:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BAC91BAB9444352BC4DECF3601FD1A2 Ref B: OSL30EDGE0517 Ref C: 2022-12-04T10:23:10Z
date: Sun, 04 Dec 2022 10:23:10 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         65.9.54.126
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162941
Date: Sun, 04 Dec 2022 10:23:10 GMT
Etag: "638c4b44-1d7"
Expires: Tue, 06 Dec 2022 07:38:51 GMT
Last-Modified: Sun, 04 Dec 2022 07:24:52 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 f3f3e5094c644e85d297de594ccdba30.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: drPkYTlWtCx9VS49vYRlCNK2jfBIMZTnTOR_zEXckTnM6RiiSKrSaA==
Age: 839

                                        
                                            GET /v1/onelink HTTP/1.1 
Host: wa.onelink.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.248.56.25
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin: https://iqbroker.com
Date: Sun, 04 Dec 2022 10:23:10 GMT
Content-Length: 13
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   13
Md5:    593e8538d63f30de24fbb439dd424870
Sha1:   f838a78077c6d023e0d0bca95f0f335df4b8b468
Sha256: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         65.9.54.126
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163524
Date: Sun, 04 Dec 2022 10:23:10 GMT
Etag: "638c4b44-1d7"
Expires: Tue, 06 Dec 2022 07:48:34 GMT
Last-Modified: Sun, 04 Dec 2022 07:24:52 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 d661c8f821b4dd0011bb1bb50baf07c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: -zglls5SVGL3KJYesmqWoSwK2MM7Q5kOfWjjJN9qe0AJgNNRG9graQ==
Age: 1423

                                        
                                            GET /v1/onelink HTTP/1.1 
Host: wa.onelink.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iqbroker.com
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.248.56.25
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin: https://iqbroker.com
Date: Sun, 04 Dec 2022 10:23:10 GMT
Content-Length: 13
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   13
Md5:    593e8538d63f30de24fbb439dd424870
Sha1:   f838a78077c6d023e0d0bca95f0f335df4b8b468
Sha256: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Sun, 04 Dec 2022 10:23:11 GMT
Last-Modified: Sat, 03 Dec 2022 23:36:58 GMT
ETag: "638bdd9a-1d7"
Expires: Mon, 05 Dec 2022 23:36:58 GMT
Cache-Control: max-age=134027
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670149391
Via: cache9.l2de2[458,457,200-0,M], cache9.l2de2[459,0], cache3.se1[479,478,200-0,M], cache3.se1[481,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 04 Dec 2022 10:23:11 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716701493906974655e

                                        
                                            GET /ads/SG_iqoption_@S.js HTTP/1.1 
Host: api.popin.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         119.63.193.220
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 10:23:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 14 Sep 2020 08:33:58 GMT
ETag: W/"4511453817dd21621eb260e855ead80c"
Cache-Control: max-age=3600
x-amz-version-id: null
Expires: Sun, 04 Dec 2022 11:23:11 GMT
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Cache-Status: HIT from 10.252.55.26
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (964)
Size:   602
Md5:    f0f2d7ae86eb34ff1c009e24a7d5c0c0
Sha1:   513c07402321ed14267010584a46904e8b57ad98
Sha256: a7248391a34b0adf1405d10c07a499a357c1506f544b992b17c3326c276d2fe3
                                        
                                            GET /popin_discovery5-min.js HTTP/1.1 
Host: api.popin.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         119.63.193.220
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 10:23:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 15 Nov 2022 11:05:50 GMT
ETag: W/"66fc13530273f2130968bd58b34b1ea6"
x-amz-version-id: ZSHgav7oxHWIG.1hJRy7dZhzYvDPn4Zl
Expires: Sun, 04 Dec 2022 11:23:11 GMT
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Cache-Status: HIT from 10.252.55.26
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65212), with no line terminators
Size:   43088
Md5:    406fcd1fef98a20924ec24ea94ee1d0a
Sha1:   b68e351a238a85f1f788963e7a3b4970be68659d
Sha256: 1312ca4a2652d4cb7b5c72571566aa6596a01b1e684870c0bf2f71d7f6d7b3fd
                                        
                                            GET /td_js_sdk_171.js HTTP/1.1 
Host: api.popin.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         119.63.193.220
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 10:23:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
Cache-Control: max-age=3600
x-amz-version-id: null
Expires: Sun, 04 Dec 2022 11:23:12 GMT
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Cache-Status: HIT from 10.252.55.26
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (15820)
Size:   12707
Md5:    f8c04fbcd2a9a8decb5575efb7579613
Sha1:   25b9b4daa00ce4f2393123574211b07dfdf666d2
Sha256: ca3918c559732ff63c526b8a42b4033c38a6001894d315775fe70db6d0851038
                                        
                                            GET /lp/forex-trading/?aff=1055&afftrack=wu73dh512n5paauk295c4u04&clickid=wu73dh512n5paauk295c4u04&aff_model= HTTP/1.1 
Host: iqbroker.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: visid_incap_2683110=IfGZJdWtSAqPxfhfV9K/nwt1jGMAAAAAQUIPAAAAAAChDCa0XZ+BdVbGQiFNKD2B; incap_ses_7235_2683110=SMv7UIhFJ0QT1XuUr+JnZAt1jGMAAAAA4HBHoks0lZ3xpysgw9K64A==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.117.134.138
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:07 GMT
last-modified: Fri, 02 Dec 2022 14:20:52 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
set-cookie: IsRestrictedCountry=false; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None IsRegulatedCountry=true; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None Country=no; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None CountryID=149; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None landing=/lp/forex-trading/; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None aff=1055; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None retrack=; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None affextra=; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None afftrack=wu73dh512n5paauk295c4u04__clickid-wu73dh512n5paauk295c4u04; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None aff_model=; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None aff_ts=2022-12-04T10:23:07Z; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None AffTrackGroup=Black_team_(partnerka); expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None Serv=NL; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None AppID=id871125783; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None brand_id=1; expires=Sun, 11 Dec 2022 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None platform=9; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None client_platform_id=9; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None support_email=support@eu.iqoption.com; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None company_id=1; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None IsAppStoreCountry=true; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None RedirectDomain=iqoption.com; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None linkPolicy=/en/terms-and-conditions/privacy-policy-new; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None linkTerms=/en/terms-and-conditions/terms-conditions; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None RedirectDomains=iqoption.com,iqtrading.asia; expires=Wed, 04 Jan 2023 10:23:07 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
link: <https://iqbroker.com/lp/forex-trading/en/>; rel="canonical"
backend: arbitre_v4
remote-addr: 91.90.42.154
content-encoding: gzip
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /lp/forex-trading/static/review2.png HTTP/1.1 
Host: static.cdnroute.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.88
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
content-length: 5123
last-modified: Fri, 02 Dec 2022 14:20:50 GMT
access-control-allow-origin: *
link: <https://iqoption.com/lp/forex-trading/pt/>; rel="canonical"
backend: arbitre_v4
remote-addr: 23.60.69.3
accept-ranges: bytes
date: Sun, 04 Dec 2022 10:23:08 GMT
x-provider-name: Akamai
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/hotjar-3225446.js?sv=7 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.113
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 10:22:31 GMT
cache-control: max-age=60
etag: W/efbbf76afae884fe9f41b78cbb51083a
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QhQYZXAg4ZYQfX6RWFRqgDb2vUfX0g5jYMfkVX3v_5oslpucjhj4IQ==
age: 37
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/hotjar-3225453.js?sv=7 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iqbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.113
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sun, 04 Dec 2022 10:22:22 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/56c034ac734086bfc5dfbb2c17ffd0b7
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RRVFUBXhTttipJi1l-iNz1VzyL3Euk5zziwxs0dU86M9-nfCQQL_zg==
age: 47
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Faffiliate.iqbroker.com%2Fredir%2F%3Faff%3D1055%26instrument%3Dforex%26afftrack%3Dwu73dh512n5paauk295c4u04%26clickid%3Dwu73dh512n5paauk295c4u04&caid=2d5ae96c-10d1-4bbe-9cb4-11c1a54aa87c&zpid=a372db23-73bd-11ed-84ff-0a5af0e8e43f&cid=wu73dh512n5paauk295c4u04&rt=D HTTP/1.1 
Host: 1yyhe.trackvoluum.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.156.91.109
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Sun, 04 Dec 2022 10:23:07 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22wu73dh512n5paauk295c4u04%22%2C%22caid%22%3A%222d5ae96c-10d1-4bbe-9cb4-11c1a54aa87c%22%7D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 10:23:07 GMT; Domain=1yyhe.trackvoluum.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /redirect?target=BASE64aHR0cHM6Ly9hZmZpbGlhdGUuaXFicm9rZXIuY29tL3JlZGlyLz9hZmY9MTA1NSZpbnN0cnVtZW50PWZvcmV4JmFmZnRyYWNrPXd1NzNkaDUxMm41cGFhdWsyOTVjNHUwNCZjbGlja2lkPXd1NzNkaDUxMm41cGFhdWsyOTVjNHUwNA&ts=1670149387158&hash=NKJmRySAg2cO8RSerUuO1ML2HdHsrhI3qSydG28L96E&rm=D HTTP/1.1 
Host: deffield-funuals.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.192.108.151
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:23:07 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---