firefox.settings.services.mozilla.com/v1/
18.165.201.83200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 18:03:12 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: XHaXzHtN9evsS-vyOstMGZjyUqVcxArAhsmoqVSdiTljkK0hhB8kLA==
Age: 587
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12146
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 18:13:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.51200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.51:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 59970c86d3717db509a968eaad0da4de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: gM1l2SbXKkP7KY7Qd-DskPUiS_o8UCHmAcYeKPDGC1uNWoRCk42HyQ==
age: 52784
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 18:13:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Cache-Control, Alert, Last-Modified, Backoff, Retry-After, Expires, Content-Length, Pragma, ETag
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 02 Oct 2022 17:32:53 GMT
Expires: Sun, 02 Oct 2022 17:43:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: GLltk24cGbNYblySdA0SJ8NyWAt3IMOZiTGdajcsn7d-WfQySPfSKA==
Age: 2407
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:00 GMT
Last-Modified: Sun, 02 Oct 2022 16:59:09 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
21.us.findthewind.xyz/feed/?link=true&tid=21&subid=21.2_nojs.us.chrome.&ref=t1.lowtid.com&s1=6339d49b544c5c04383d1980
23.235.251.114301 Moved Permanently 0 B URL HTTP/1.1 21.us.findthewind.xyz/feed/?link=true&tid=21&subid=21.2_nojs.us.chrome.&ref=t1.lowtid.com&s1=6339d49b544c5c04383d1980
IP 23.235.251.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feed/?link=true&tid=21&subid=21.2_nojs.us.chrome.&ref=t1.lowtid.com&s1=6339d49b544c5c04383d1980 HTTP/1.1
Host: 21.us.findthewind.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Location: https://redir.findthewind.xyz/click/invalid/?tid=21&subid=21.2_nojs.us.chrome.
Date: Sun, 02 Oct 2022 18:13:00 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
push.services.mozilla.com/
52.39.175.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N0flLnP6VY2rxhitzSkN3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FZCcbX9J7QX/itFgEia94Ouwois=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c7b504109b9f38f9119ad270d108a1cb
c328c6550fadb8b43e178788fc5dd3702115bba6
83bdf6ba675cf17f8fc1e5d646b81c62b137e18f98d9cbb602eeb4e067fb3d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83BDF6BA675CF17F8FC1E5D646B81C62B137E18F98D9CBB602EEB4E067FB3D16"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2385
Expires: Sun, 02 Oct 2022 18:52:46 GMT
Date: Sun, 02 Oct 2022 18:13:01 GMT
Connection: keep-alive
redir.findthewind.xyz/click/invalid/?tid=21&subid=21.2_nojs.us.chrome.
198.211.113.186302 Found 246 B URL HTTP/1.1 redir.findthewind.xyz/click/invalid/?tid=21&subid=21.2_nojs.us.chrome.
IP 198.211.113.186:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with no line terminators
Hash d5dae073cb082e3956b697edf40e9368
b83b47d26514de2cfad3d7857cef2e02280750fd
be9bce3300a0af15f9e3e04a517c1804ffd3aba3ad6c781446e492fadb221bd8
GET /click/invalid/?tid=21&subid=21.2_nojs.us.chrome. HTTP/1.1
Host: redir.findthewind.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://t4.coolnovemberbreeze.com/f.php?p=c:hzxytre66499i6lsi&d=63298cc2710a0b70b05d1c4a&s=21
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 246
Date: Sun, 02 Oct 2022 18:13:01 GMT
Connection: keep-alive
Keep-Alive: timeout=5
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1266ff3bc35358dfcd354354942e4647
04e65282000b33a765f745b05e4660ea757602db
6879ba404adcbf1318119ecbc61fb97bfe859afa03b36daeca980b8ef93e1fea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6879BA404ADCBF1318119ECBC61FB97BFE859AFA03B36DAECA980B8EF93E1FEA"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4310
Expires: Sun, 02 Oct 2022 19:24:51 GMT
Date: Sun, 02 Oct 2022 18:13:01 GMT
Connection: keep-alive
t4.coolnovemberbreeze.com/f.php?p=c:hzxytre66499i6lsi&d=63298cc2710a0b70b05d1c4a&s=21
51.161.115.163302 Found 0 B URL HTTP/1.1 t4.coolnovemberbreeze.com/f.php?p=c:hzxytre66499i6lsi&d=63298cc2710a0b70b05d1c4a&s=21
IP 51.161.115.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?p=c:hzxytre66499i6lsi&d=63298cc2710a0b70b05d1c4a&s=21 HTTP/1.1
Host: t4.coolnovemberbreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Oct 2022 18:13:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 11z4et6zdy
Raund: 1l0
Location: https://8.us.findthewnd.xyz/feed/?link=true&tid=8&subid=8k.no&ref=&s1=6339d4ad301b413d09750d65
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10274
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 18:13:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 73166
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 73096
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 48682
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 73166
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b11c8ecfed53e302ab48fa5f757513a4
b3cb36455b3cb0a160c705958add6c422a0a48a2
fb66239038dddd134d3c5c7a656c91c57737bc784fabefe15a5ef2981e68e2b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 4ea2bfb1-fc99-4777-aa98-0605d4a704ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmEBlIAMFj2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-039358f5691f895941f485fd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -zAvZvugUNsIscx7YT34xPY-AiaxduJGMkM23GqxSvfl0EmqWOmysA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:52:38 GMT
age: 73223
etag: "b3cb36455b3cb0a160c705958add6c422a0a48a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 73538
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d6060fdd9c27ba8acc4ace8fe5d0dba
7e4741f88810573ddc06319d90059a07bdae5aa6
ac4ce7254f9776c852d8bcf6900abf145f16cd6e8f1ba91c47105c58ca431afa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC4CE7254F9776C852D8BCF6900ABF145F16CD6E8F1BA91C47105C58CA431AFA"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 03 Oct 2022 00:13:02 GMT
Date: Sun, 02 Oct 2022 18:13:02 GMT
Connection: keep-alive
8.us.findthewnd.xyz/feed/?link=true&tid=8&subid=8k.no&ref=&s1=6339d4ad301b413d09750d65
23.235.251.114301 Moved Permanently 0 B URL HTTP/1.1 8.us.findthewnd.xyz/feed/?link=true&tid=8&subid=8k.no&ref=&s1=6339d4ad301b413d09750d65
IP 23.235.251.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feed/?link=true&tid=8&subid=8k.no&ref=&s1=6339d4ad301b413d09750d65 HTTP/1.1
Host: 8.us.findthewnd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Location: https://redir.findthewind.xyz/click/invalid/?tid=8&subid=8k.no
Date: Sun, 02 Oct 2022 18:13:03 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
redir.findthewind.xyz/click/invalid/?tid=8&subid=8k.no
198.211.113.186302 Found 234 B URL HTTP/1.1 redir.findthewind.xyz/click/invalid/?tid=8&subid=8k.no
IP 198.211.113.186:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with no line terminators
Hash ec5db86b65bb94d1ae856c7ef84ada1e
14cb402b710327b35e5e2cc315cf3e9b18718223
682fdb61228205f6ff34d48ee6229e0ab0f086f9c7c6ec2d53b812c9fff3aa57
GET /click/invalid/?tid=8&subid=8k.no HTTP/1.1
Host: redir.findthewind.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://mono.trffcsource.com/z.php?p=c:9qopki6xxt24fkzm4&d=620239e89b29133e2933cceb&s=8
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 234
Date: Sun, 02 Oct 2022 18:13:03 GMT
Connection: keep-alive
Keep-Alive: timeout=5
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff3e3941221458a17787521193edab8b
6a7c586e625d2c873ac2f13b678285ff5a6aadf5
158e051563a36831098db5caabe99c436f9632d208b2e8e2a9c2bee72a149cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E051563A36831098DB5CAABE99C436F9632D208B2E8E2A9C2BEE72A149CAC"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2419
Expires: Sun, 02 Oct 2022 18:53:22 GMT
Date: Sun, 02 Oct 2022 18:13:03 GMT
Connection: keep-alive
mono.trffcsource.com/z.php?p=c:9qopki6xxt24fkzm4&d=620239e89b29133e2933cceb&s=8
51.83.143.92302 Found 0 B URL HTTP/1.1 mono.trffcsource.com/z.php?p=c:9qopki6xxt24fkzm4&d=620239e89b29133e2933cceb&s=8
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /z.php?p=c:9qopki6xxt24fkzm4&d=620239e89b29133e2933cceb&s=8 HTTP/1.1
Host: mono.trffcsource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Oct 2022 18:13:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 12l0ammm1d
Raund: 25e
Location: https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888.no.firefox.&k=bfb&url=&xrw=&lid=6339d4af495d8750f4661d17&fid=888
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 222ff742759cfdba170c6f1882c62c10
5e33b6215d3a6f9e6c80e71646673c65b234cf94
b096be15a77f218dcda2ccdd6ff4f274e4ef937f8fbeddb0b250ec6b378373a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B096BE15A77F218DCDA2CCDD6FF4F274E4EF937F8FBEDDB0B250EC6B378373A3"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2254
Expires: Sun, 02 Oct 2022 18:50:37 GMT
Date: Sun, 02 Oct 2022 18:13:03 GMT
Connection: keep-alive
pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888.no.firefox.&k=bfb&url=&xrw=&lid=6339d4af495d8750f4661d17&fid=888
5.161.78.177307 Temporary Redirect 164 B URL HTTP/2 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888.no.firefox.&k=bfb&url=&xrw=&lid=6339d4af495d8750f4661d17&fid=888
IP 5.161.78.177:0
ASN #213230 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 813f9846b49c0ada805648edf1b2fdbd
caa24890460f73e6a72bb49426351e67e83b053d
8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
GET /emw/v1/dt?sid=888.no.firefox.&k=bfb&url=&xrw=&lid=6339d4af495d8750f4661d17&fid=888 HTTP/1.1
Host: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Sun, 02 Oct 2022 18:13:03 GMT
content-type: text/html
content-length: 164
location: https://cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6339d4af495d8750f4661d17&source=888.no.firefox.
set-cookie: emwxcid_4_1=J30RdCK1xKs9BnD09vVDtaTt4nFBFoA8elil9FlDpCTGrJUlZu; expires=Mon, Oct 02 2023 18:13:03 GMT; Max-Age=31536000; path=/; domain=lowsea.fun; SameSite=Lax
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff3e3941221458a17787521193edab8b
6a7c586e625d2c873ac2f13b678285ff5a6aadf5
158e051563a36831098db5caabe99c436f9632d208b2e8e2a9c2bee72a149cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E051563A36831098DB5CAABE99C436F9632D208B2E8E2A9C2BEE72A149CAC"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2418
Expires: Sun, 02 Oct 2022 18:53:22 GMT
Date: Sun, 02 Oct 2022 18:13:04 GMT
Connection: keep-alive
cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6339d4af495d8750f4661d17&source=888.no.firefox.
51.83.143.92302 Found 0 B URL HTTP/1.1 cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6339d4af495d8750f4661d17&source=888.no.firefox.
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6339d4af495d8750f4661d17&source=888.no.firefox. HTTP/1.1
Host: cola.trffclb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Oct 2022 18:13:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 12auco2bgv
Raund: 2h2
Location: https://4.us.findthewind.xyz/feed/?link=true&tid=4&subid=4.no&ref=&s1=6339d4b04662a1731219385d
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ca5090bf97ec5527583929d76b5c8a4
80734f7becd3a2f126b517d989b0b34d0eeef52d
845c11d38c3253a6ecb800a7bf029a05a59ec37386050ed6d3b61ea7b5b31c4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "845C11D38C3253A6ECB800A7BF029A05A59EC37386050ED6D3B61EA7B5B31C4E"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2727
Expires: Sun, 02 Oct 2022 18:58:31 GMT
Date: Sun, 02 Oct 2022 18:13:04 GMT
Connection: keep-alive
4.us.findthewind.xyz/feed/?link=true&tid=4&subid=4.no&ref=&s1=6339d4b04662a1731219385d
23.235.251.114301 Moved Permanently 0 B URL HTTP/1.1 4.us.findthewind.xyz/feed/?link=true&tid=4&subid=4.no&ref=&s1=6339d4b04662a1731219385d
IP 23.235.251.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feed/?link=true&tid=4&subid=4.no&ref=&s1=6339d4b04662a1731219385d HTTP/1.1
Host: 4.us.findthewind.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Location: https://redir.findthewind.xyz/click/invalid/?tid=4&subid=4.no
Date: Sun, 02 Oct 2022 18:13:05 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
redir.findthewind.xyz/click/invalid/?tid=4&subid=4.no
198.211.113.186302 Found 230 B URL HTTP/1.1 redir.findthewind.xyz/click/invalid/?tid=4&subid=4.no
IP 198.211.113.186:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with no line terminators
Hash 7ef6d31c814979bd842f5e6f09cfb7bd
4f9fa32f92cbc28d74e40dad8f216379df418ce6
96c1f5b72cb60e7e91cd1d2d542c492e3148b180736ed3fcb36d45a84f454525
GET /click/invalid/?tid=4&subid=4.no HTTP/1.1
Host: redir.findthewind.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://leche.labtrffc.com/p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 230
Date: Sun, 02 Oct 2022 18:13:05 GMT
Connection: keep-alive
Keep-Alive: timeout=5
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff3e3941221458a17787521193edab8b
6a7c586e625d2c873ac2f13b678285ff5a6aadf5
158e051563a36831098db5caabe99c436f9632d208b2e8e2a9c2bee72a149cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E051563A36831098DB5CAABE99C436F9632D208B2E8E2A9C2BEE72A149CAC"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2417
Expires: Sun, 02 Oct 2022 18:53:22 GMT
Date: Sun, 02 Oct 2022 18:13:05 GMT
Connection: keep-alive
leche.labtrffc.com/p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4
51.83.143.92302 Found 0 B URL HTTP/1.1 leche.labtrffc.com/p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4 HTTP/1.1
Host: leche.labtrffc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Oct 2022 18:13:05 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round:
Raund:
Location: https://popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ==
www.linkonclick.com/jump/next.php?r=1041905&sub1=0480754100
35.186.193.41200 OK 2.7 kB URL HTTP/1.1 www.linkonclick.com/jump/next.php?r=1041905&sub1=0480754100
IP 35.186.193.41:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ad3746d4aeaa93451bc08b00b06bba87
edb306d035aa297d9c74e7dd06054c96a5c80e98
3f60f7ec9fcf3cd04cf92e9ec8732d9a43e712dfc9efa26d635e0f9f528795de
GET /jump/next.php?r=1041905&sub1=0480754100 HTTP/1.1
Host: www.linkonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 02 Oct 2022 18:13:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
www.linkonclick.com/jump/next.php?stamat=m%257C%252C843YvYhfrB1dQO0dEdHP3xP.b3e%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM_BphBdocjrKUrMYrevoV7Wyk6mIESEJQwPDLU8cS7kqg%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0480754100&cbur=0.38477844174055564&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
35.186.193.41302 Moved Temporarily 1 B URL HTTP/1.1 www.linkonclick.com/jump/next.php?stamat=m%257C%252C843YvYhfrB1dQO0dEdHP3xP.b3e%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM_BphBdocjrKUrMYrevoV7Wyk6mIESEJQwPDLU8cS7kqg%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0480754100&cbur=0.38477844174055564&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 35.186.193.41:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /jump/next.php?stamat=m%257C%252C843YvYhfrB1dQO0dEdHP3xP.b3e%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM_BphBdocjrKUrMYrevoV7Wyk6mIESEJQwPDLU8cS7kqg%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0480754100&cbur=0.38477844174055564&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: www.linkonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sun, 02 Oct 2022 18:13:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CAiIy4jaXoGU3B_-GH0dEdHP3xP.6c3%252CMDRwx7xqzmszNKoIVrupGmLsJ5XOyjI0wPAEY8xX5VUFpRH4Ay4VYdxuN_8_JbpSTCdZBGn9j2f5je0EcUJ5ts4bqhOrHFHsslgwt8YInSBmzBmR__uRq9brA0wt2R3bfB8caPsXq8gL-_fgS5IyJT1Quph-zz8anC12OU8g3MqjpGgkgnbwuuB35k2zJdsASeDzSMGfj58qm5UoNFkpRkt5BGneHY1sbrh7MVhy7IcG0b6VsMX-aw0ws2fQJO61cMur_5z6w8yvrHhweks5hzoQ4y2-cTURWlR9qtxMcMnq0jwNFGq46uuF1SROGrVYuen4FZa_2qfpHEk106mqDl5TTj7ayTQfxgyOdWiXZu7LJX8tMEawegnvxk6-ukBQNBqQE890qB523SDLYR628KN27oTVzBP6mPG2eX0kF03FzJhU2hWzc52jBIPR8r3i5MSg8d73Zno90fPy0aOFe8MJU5PSQefQXFYZfVmsc3dZl_WeZTftDlKUa4F7maaDQe_yV_Uq-USCnck77xgC9m95VqH9Ylz0CuiFhCUkAxOklKriOECexvTvf_aCKvLX
Via: 1.1 google
www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CAiIy4jaXoGU3B_-GH0dEdHP3xP.6c3%252CMDRwx7xqzmszNKoIVrupGmLsJ5XOyjI0wPAEY8xX5VUFpRH4Ay4VYdxuN_8_JbpSTCdZBGn9j2f5je0EcUJ5ts4bqhOrHFHsslgwt8YInSBmzBmR__uRq9brA0wt2R3bfB8caPsXq8gL-_fgS5IyJT1Quph-zz8anC12OU8g3MqjpGgkgnbwuuB35k2zJdsASeDzSMGfj58qm5UoNFkpRkt5BGneHY1sbrh7MVhy7IcG0b6VsMX-aw0ws2fQJO61cMur_5z6w8yvrHhweks5hzoQ4y2-cTURWlR9qtxMcMnq0jwNFGq46uuF1SROGrVYuen4FZa_2qfpHEk106mqDl5TTj7ayTQfxgyOdWiXZu7LJX8tMEawegnvxk6-ukBQNBqQE890qB523SDLYR628KN27oTVzBP6mPG2eX0kF03FzJhU2hWzc52jBIPR8r3i5MSg8d73Zno90fPy0aOFe8MJU5PSQefQXFYZfVmsc3dZl_WeZTftDlKUa4F7maaDQe_yV_Uq-USCnck77xgC9m95VqH9Ylz0CuiFhCUkAxOklKriOECexvTvf_aCKvLX
35.186.193.41302 Moved Temporarily 0 B URL HTTP/1.1 www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CAiIy4jaXoGU3B_-GH0dEdHP3xP.6c3%252CMDRwx7xqzmszNKoIVrupGmLsJ5XOyjI0wPAEY8xX5VUFpRH4Ay4VYdxuN_8_JbpSTCdZBGn9j2f5je0EcUJ5ts4bqhOrHFHsslgwt8YInSBmzBmR__uRq9brA0wt2R3bfB8caPsXq8gL-_fgS5IyJT1Quph-zz8anC12OU8g3MqjpGgkgnbwuuB35k2zJdsASeDzSMGfj58qm5UoNFkpRkt5BGneHY1sbrh7MVhy7IcG0b6VsMX-aw0ws2fQJO61cMur_5z6w8yvrHhweks5hzoQ4y2-cTURWlR9qtxMcMnq0jwNFGq46uuF1SROGrVYuen4FZa_2qfpHEk106mqDl5TTj7ayTQfxgyOdWiXZu7LJX8tMEawegnvxk6-ukBQNBqQE890qB523SDLYR628KN27oTVzBP6mPG2eX0kF03FzJhU2hWzc52jBIPR8r3i5MSg8d73Zno90fPy0aOFe8MJU5PSQefQXFYZfVmsc3dZl_WeZTftDlKUa4F7maaDQe_yV_Uq-USCnck77xgC9m95VqH9Ylz0CuiFhCUkAxOklKriOECexvTvf_aCKvLX
IP 35.186.193.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/i.php?stamat=m%257C%252C%252CAiIy4jaXoGU3B_-GH0dEdHP3xP.6c3%252CMDRwx7xqzmszNKoIVrupGmLsJ5XOyjI0wPAEY8xX5VUFpRH4Ay4VYdxuN_8_JbpSTCdZBGn9j2f5je0EcUJ5ts4bqhOrHFHsslgwt8YInSBmzBmR__uRq9brA0wt2R3bfB8caPsXq8gL-_fgS5IyJT1Quph-zz8anC12OU8g3MqjpGgkgnbwuuB35k2zJdsASeDzSMGfj58qm5UoNFkpRkt5BGneHY1sbrh7MVhy7IcG0b6VsMX-aw0ws2fQJO61cMur_5z6w8yvrHhweks5hzoQ4y2-cTURWlR9qtxMcMnq0jwNFGq46uuF1SROGrVYuen4FZa_2qfpHEk106mqDl5TTj7ayTQfxgyOdWiXZu7LJX8tMEawegnvxk6-ukBQNBqQE890qB523SDLYR628KN27oTVzBP6mPG2eX0kF03FzJhU2hWzc52jBIPR8r3i5MSg8d73Zno90fPy0aOFe8MJU5PSQefQXFYZfVmsc3dZl_WeZTftDlKUa4F7maaDQe_yV_Uq-USCnck77xgC9m95VqH9Ylz0CuiFhCUkAxOklKriOECexvTvf_aCKvLX HTTP/1.1
Host: www.linkonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sun, 02 Oct 2022 18:13:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: https://goosebomb.com/gogate/etoro/30/index.html?action=166473438610000TNOTV415326358024Vcf
Referrer-Policy: no-referrer
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-E9QBCJNBNS
142.250.74.168200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-E9QBCJNBNS
IP 142.250.74.168:0
File type ASCII text, with very long lines (18966)
Hash 73945da6e7ffd917e2bafd08295bcfb5
acc3fdf3cad3e0fbf4adf6ffda03a1b92a01caaa
2b0d7bcbae3b6df3f95db59a0b434a7b5abfd418900c25cbf8b1c1e30a637bee
GET /gtag/js?id=G-E9QBCJNBNS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 18:13:06 GMT
expires: Sun, 02 Oct 2022 18:13:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75000
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.9 kB IP 142.250.74.3:0
Hash 96f0da3437069233ec4aabff124c8d4c
04c97f04c399b7ee19eb8573d30ff6df1668b7b1
9fcd089236b68ec882f3278f94e6b4a2fe86f234c36d61d272fabefe87a7d302
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
med.etoro.com/B15344_A89099_TClick_S166473438610000TNOTV415326358024Vcf.aspx
96.6.17.100301 Moved Permanently 241 B URL HTTP/1.1 med.etoro.com/B15344_A89099_TClick_S166473438610000TNOTV415326358024Vcf.aspx
IP 96.6.17.100:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9c579797d95d997ce715b5231cac0975
153d6bb3957c695ace745db86b4bed7b83863426
7c376ee371cd67c797fce81c16b7539da0f2f40aa6d4877a2d7450865c7b64b8
GET /B15344_A89099_TClick_S166473438610000TNOTV415326358024Vcf.aspx HTTP/1.1
Host: med.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Content-Length: 241
Location: http://med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf
X-Robots-Tag: noindex
Expires: Sun, 02 Oct 2022 18:13:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 02 Oct 2022 18:13:07 GMT
Connection: keep-alive
med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf
96.6.17.100301 Moved Permanently 0 B URL HTTP/1.1 med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf
IP 96.6.17.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf HTTP/1.1
Host: med.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf
Expires: Sun, 02 Oct 2022 18:13:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 02 Oct 2022 18:13:07 GMT
Connection: keep-alive
med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf
96.6.17.100301 Moved Permanently 0 B URL HTTP/1.1 med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf
IP 96.6.17.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166473438610000TNOTV415326358024Vcf HTTP/1.1
Host: med.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 0
Location: http://pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term=
P3P: CP=`NOI DSP COR NID ADMa OPTa OUR NOR`
X-Robots-Tag: noindex
Expires: Sun, 02 Oct 2022 18:13:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 02 Oct 2022 18:13:07 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=qjkt4vxkgvyhunfdpkypj1wa; path=/; HttpOnly; SameSite=Lax
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etoro.com; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etoro.com.cn; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etorocn.com.cn; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etoroasia-securities.com; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etoroasia.cn; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etoroasia.com; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etoroasia.com.cn; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; domain=.etoroasia-Investing.com; expires=Thu, 01-Dec-2022 00:00:00 GMT; path=/
RequestURL=URL=http://med.etoro.com/aw.aspx?b=15344&a=89099&task=click&subaffiliateid=166473438610000tnotv415326358024vcf; domain=.etoro.com; expires=Tue, 01-Nov-2022 00:00:00 GMT; path=/
pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term=
104.18.35.149301 Moved Permanently 0 B URL HTTP/1.1 pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term=
IP 104.18.35.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term= HTTP/1.1
Host: pages.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 18:13:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 19:13:07 GMT
Location: https://pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term=
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: __cf_bm=jrn7N8qDXnMapmP0d6p_92FnWZn04xziT8MgBDz1uE4-1664734387-0-AUOmqdPHzPTMj3hsuqdkqRpIi9t70tzjtMrPIs+YtNP4VFdGsZI10bkdU3iITPrw83ovXhigNrUCqQYyD7R3KOJqbp4Ql+Nzqn6XuFS/yXO4; path=/; expires=Sun, 02-Oct-22 18:43:07 GMT; domain=.etoro.com; HttpOnly; SameSite=None
__cfruid=ebe434ea81ab25f6f33b364388d4ac581ac3bdc3-1664734387; path=/; domain=.etoro.com; HttpOnly
Server: cloudflare
CF-RAY: 753f68ffcccdb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.cookielaw.org/consent/f72d065d-437e-4ee9-87c6-475882c9f118/OtAutoBlock.js
104.16.149.64200 OK 2.1 kB URL HTTP/2 cdn.cookielaw.org/consent/f72d065d-437e-4ee9-87c6-475882c9f118/OtAutoBlock.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (2829)
Hash b9eadb6d05b9bafe419aa99f68097df2
d850dc819264475c6d1cbe6e8419a1016a659db2
a4592788dd762df3672b970f81802bf8325dfca74ed394118867bc4946983f61
GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/OtAutoBlock.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:07 GMT
content-type: application/x-javascript
content-length: 2072
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: uerbbQW5uv5BmqmfaAl98g==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D111A88
x-ms-request-id: f237f594-901e-0118-62e7-f0b326000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 758
expires: Sun, 02 Oct 2022 22:13:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f6902399e1c06-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.149.64200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (21747)
Hash cef0e6a73f52f72e73d57867726399ff
2611e0920611a653446508e5f3de017900cc49f2
97cc12a095136523b16da09953e6f3e405b658978cb37cbc3d3ccb9f94faf0a6
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:07 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: zvDmpz9S9y5z1XhncmOZ/w==
last-modified: Fri, 30 Sep 2022 15:54:02 GMT
etag: 0x8DAA2FBFF307DCE
x-ms-request-id: 0f456457-501e-0163-1a00-d5d896000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1789
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f690229931c06-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marketing.etorostatic.com/cache1/assets/css/onetrust.css
23.38.201.117200 OK 2.7 kB URL HTTP/2 marketing.etorostatic.com/cache1/assets/css/onetrust.css
IP 23.38.201.117:0
File type ASCII text, with very long lines (885)
Hash b3f403de6d79b34f32dba5e4effaabc2
7b436b6060e88daf19f12bd27cbe2533d25a2343
3ec0cde05873dde93c16f4b4f3b7ca7e236ba4e82ab595ee8f13b959f5b2813a
GET /cache1/assets/css/onetrust.css HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7vqiIPn64ptqVNwIM1fvJGjbv11IUdsOT6JKR8Cyxsr81DT/4uax9s7iGzI7fTeV0SwX20GmqJE=
x-amz-request-id: Z3V5BX28EG5962WS
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Jun 2022 12:30:17 GMT
etag: "66e8b2c112ebb5bb9b4fc326d3d5f87b"
x-amz-meta-sha256: 55c8a3b763077bf16466a3a9af5b7e5b2baba7d345cd90b50403058a633bda48
x-amz-meta-s3b-last-modified: 20220616T122823Z
x-amz-version-id: Qcu9.b5PJ70a2SNFK2gJjtsbcFrk1Lur
accept-ranges: bytes
content-type: text/css
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
content-length: 2655
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t1-3.png
23.38.201.117200 OK 32 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t1-3.png
IP 23.38.201.117:0
File type PNG image data, 450 x 392, 8-bit colormap, non-interlaced\012- data
Hash f61c9d2ed729320b71af181ff331cb79
182f5c37accdde48b36e7803de6251cc92319b86
11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
GET /cache1/hp/v_250/images/instruments/t1-3.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 92R24GLatFUU0eh05veMnGqcA2KrIVfsdBz9zWssCytuT0e3Lb7tPc2v9A+iyx7fTZjRCEWnHVc=
x-amz-request-id: BJSJMDWMK7ZCK773
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:23 GMT
etag: "f61c9d2ed729320b71af181ff331cb79"
x-amz-meta-sha256: 11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: YkW8_gVG77z0IkOnT2pWi2camXx3AgiY
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 31786
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2-1.png
23.38.201.117200 OK 11 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2-1.png
IP 23.38.201.117:0
File type PNG image data, 744 x 504, 8-bit colormap, non-interlaced\012- data
Hash 5a95a095169c27431449bf549b99993d
91a11cffc857dcaa2b38fa901423b227870ac1e4
681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
GET /cache1/hp/v_250/images/instruments/t2-1.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: K4TQrvgv6tHAKlL+ySccGF7oIFbHIm62RTqZ2kB54E9ph5Z0n4O9Fr37Li7vBlcPNEqBlNn15Zg=
x-amz-request-id: BJSS8ZSZ4K6J87Q8
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "5a95a095169c27431449bf549b99993d"
x-amz-meta-sha256: 681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: 6s15Jbvt_YhVTfS.Qm19BI1gvokKxcHz
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 11234
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2bg.jpg
23.38.201.117200 OK 67 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2bg.jpg
IP 23.38.201.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Hash 19c57357b906758af6469a6b2a2c8846
e360a5922a6d44ca6066ff5dff01ef2440fd7368
358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
GET /cache1/hp/v_250/images/instruments/t2bg.jpg HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: CzOhkgu5Y0R6HoaBI3spOEsIC0ULFFWfQP/StDzqj7O8zeKrbqTF2gmrAiXeQrLylU+M0/ANeRM=
x-amz-request-id: BJSZ59B0WDG7GH0E
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:25 GMT
etag: "19c57357b906758af6469a6b2a2c8846"
x-amz-meta-sha256: 358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: RNRY.bWk105UAkjO4Db33xjz7lHZilcf
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 66908
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2-2.png
23.38.201.117200 OK 21 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2-2.png
IP 23.38.201.117:0
File type PNG image data, 668 x 938, 8-bit colormap, non-interlaced\012- data
Hash beb13238cf465f668c413a022f5633c8
31760dac17b8e58942c79708a4616c3a1df4b233
88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
GET /cache1/hp/v_250/images/instruments/t2-2.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ky3vrANJhtTj+F60HsRTmFy7QMNFEWRYKVWaE2DyXeaBTBmkZn6svQRqLkPAK6t0vCsNwJQ9vwY=
x-amz-request-id: BJSN4THC2967ZG2T
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "beb13238cf465f668c413a022f5633c8"
x-amz-meta-sha256: 88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: 42HIJXJNQSkchYiJUGINB9CQEa72HNtD
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 21388
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2-2a.png
23.38.201.117200 OK 1.5 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t2-2a.png
IP 23.38.201.117:0
File type PNG image data, 136 x 132, 8-bit colormap, non-interlaced\012- data
Hash 6bedb1b3afc69447f7ea0c00993b53a8
1281f1fd5df23a9a19bd8573619007d04f6047ac
55900142e5def76acbb70acdb21d824b8b06f6d90a9a52fee556a5c3d3e1dab4
GET /cache1/hp/v_250/images/instruments/t2-2a.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Ufl333+IK+sRnq39yz/zLZBDDGAqJ3hqjeULNbOsy81coHYrh0pPuwNsCqrWwdm0Uvjiqbr3ti0=
x-amz-request-id: BJSJSH4E3B2X317K
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "6bedb1b3afc69447f7ea0c00993b53a8"
x-amz-meta-sha256: 55900142e5def76acbb70acdb21d824b8b06f6d90a9a52fee556a5c3d3e1dab4
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: uxnagM4KgutOS.DThfIN7h9TDKtsInO0
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 1473
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3-2.png
23.38.201.117200 OK 21 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3-2.png
IP 23.38.201.117:0
File type PNG image data, 436 x 390, 8-bit colormap, non-interlaced\012- data
Hash dad8f4f5e1f7c6afaa7a1d02bbad4aae
7c47738ec815ba441c70d30967035c1a2c3a34ff
82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
GET /cache1/hp/v_250/images/instruments/t3-2.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: vYYw4/nX6J0XwQyBd7Bxo8ppBa11euWIhuDvwJG3+nyQlemDKpJ4ol5vRCRWMd3J1rhCuy9Zzfk=
x-amz-request-id: BJSG6VSZV3NPRZZ5
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:25 GMT
etag: "dad8f4f5e1f7c6afaa7a1d02bbad4aae"
x-amz-meta-sha256: 82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: .ea0J.LF3Tey.FSpyPfEDCWl6aYThAFP
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 21261
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t1-2.png
23.38.201.117200 OK 115 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t1-2.png
IP 23.38.201.117:0
File type PNG image data, 588 x 638, 8-bit colormap, non-interlaced\012- data
Size 115 kB (115422 bytes)
Hash a0edff04cdbe03fe84f35b2368beedd9
6231c9d9265502517533892d8a0f42d5790c0310
51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
GET /cache1/hp/v_250/images/instruments/t1-2.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: CLncvM4L18ZkiKjHvjGrOYpGKksF2UJqMLsRtr7/JixW0QqS6mNX7SWENSlm9Aj8le9WdCqQ7XM=
x-amz-request-id: BJSTAV1CC0CZR8SW
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:23 GMT
etag: "a0edff04cdbe03fe84f35b2368beedd9"
x-amz-meta-sha256: 51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: gsLHL9_akY3qvzziYmuZ43tVdbQ8cOch
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 115422
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=GTM-55ZB4XN
142.250.74.46200 OK 42 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-55ZB4XN
IP 142.250.74.46:0
File type ASCII text, with very long lines (2039)
Hash bb1d90475c4f7040fa8e152a28786b7b
caa840bb87e64a0f609e6cf02fd6c05375df93ff
0b3cfaf6979b701190800fb0a54491097b2700b7aa6ced7c5b1866418f605a27
GET /optimize.js?id=GTM-55ZB4XN HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 18:13:07 GMT
expires: Sun, 02 Oct 2022 18:13:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-E9QBCJNBNS>m=2oe9s0&_p=296095856&cid=817332929.1664734387&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664734386&sct=1&seg=0&dl=https%3A%2F%2Fgoosebomb.com%2Fgogate%2Fetoro%2F30%2Findex.html%3Faction%3D166473438610000TNOTV415326358024Vcf&dt=loading...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-E9QBCJNBNS>m=2oe9s0&_p=296095856&cid=817332929.1664734387&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664734386&sct=1&seg=0&dl=https%3A%2F%2Fgoosebomb.com%2Fgogate%2Fetoro%2F30%2Findex.html%3Faction%3D166473438610000TNOTV415326358024Vcf&dt=loading...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-E9QBCJNBNS>m=2oe9s0&_p=296095856&cid=817332929.1664734387&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664734386&sct=1&seg=0&dl=https%3A%2F%2Fgoosebomb.com%2Fgogate%2Fetoro%2F30%2Findex.html%3Faction%3D166473438610000TNOTV415326358024Vcf&dt=loading...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Sun, 02 Oct 2022 18:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3bg.jpg
23.38.201.117200 OK 59 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3bg.jpg
IP 23.38.201.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Hash 6d94c8cb40dfa33fccc8b4800f2c7e0e
745c0d98d4cde90d8717feadfa120e0cc20dab1f
a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
GET /cache1/hp/v_250/images/instruments/t3bg.jpg HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: XyBWTcKB6ZnhqlKK/cUvo3Mkusx8tebxk8v4iJZ1SngSydT4rYfmHqKA1NPou6jsVLdVHFTSpuc=
x-amz-request-id: BJSW4ZMF254PA5ET
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "6d94c8cb40dfa33fccc8b4800f2c7e0e"
x-amz-meta-sha256: a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: pyA8G.VrAE4shNTZPyu3hFkUKsSZGk39
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 59017
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3-3.png
23.38.201.117200 OK 11 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3-3.png
IP 23.38.201.117:0
File type PNG image data, 322 x 432, 8-bit colormap, non-interlaced\012- data
Hash b7322c639dcf276550e310727cf76893
136b5f1a82788708f04b74a30fcefdadaff00e43
6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
GET /cache1/hp/v_250/images/instruments/t3-3.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ynBcBZLuM0g8KM2F3SRl5wWRChG7u8muIqcCU58ccgoEdfV0x23Je45/tjxzNW1Pv46uF30VAQQ=
x-amz-request-id: BJSN68QDJ2WRDK40
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "b7322c639dcf276550e310727cf76893"
x-amz-meta-sha256: 6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: r9skgKWaP8RVY9nRMto5PlKboL4BQb73
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 11012
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3-4.png
23.38.201.117200 OK 43 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t3-4.png
IP 23.38.201.117:0
File type PNG image data, 660 x 684, 8-bit colormap, non-interlaced\012- data
Hash 43f62ee21492814c91e306a57be05ee7
77e0ddcffc72c83f9c6690f521a4594d0eacdf7a
55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
GET /cache1/hp/v_250/images/instruments/t3-4.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: CQyOioDgEwsXle/cn0DSfXbIj4PtX6wwvvY03kgw+sPBr5gMr79OxJ6rVKvDrcsLStc69BjQXWU=
x-amz-request-id: BJSNRPZPM3RB1Y56
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "43f62ee21492814c91e306a57be05ee7"
x-amz-meta-sha256: 55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: ZJ9bAs_aawgIHhTc3zcLSZS.lxwDFu4K
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 42876
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/f72d065d-437e-4ee9-87c6-475882c9f118/f72d065d-437e-4ee9-87c6-475882c9f118.json
104.16.149.64200 OK 1.5 kB URL HTTP/2 cdn.cookielaw.org/consent/f72d065d-437e-4ee9-87c6-475882c9f118/f72d065d-437e-4ee9-87c6-475882c9f118.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (4265), with no line terminators
Hash 6439835da3e85cb6917ac06b2dab2b37
b65ad002a7c48559e9124256295c1c688e8f3084
bd2d9654f22da1c44528cfd8a925b24a3b015d80bee375849d1e8800a8970c21
GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/f72d065d-437e-4ee9-87c6-475882c9f118.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:07 GMT
content-type: application/x-javascript
content-length: 1490
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: ZDmDXaPoXLaResBrLasrNw==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D14004E
x-ms-request-id: 16122373-c01e-0026-35e7-f04352000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 14365
expires: Sun, 02 Oct 2022 22:13:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f6902da681c06-OSL
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/hp-2022/cover-desktop-half.jpg
23.38.201.117200 OK 94 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/hp-2022/cover-desktop-half.jpg
IP 23.38.201.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3\012- data
Hash b05c8e47e71ba8a0fe73a0da54f010ef
f26455efe60bcf1e74e693574e482b0a952e3de9
2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
GET /cache1/hp/v_250/images/hp-2022/cover-desktop-half.jpg HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: zqCA8I7VwQ4OM57SeL41enO3ZjqGkwlCS7cjlH8/RylZXzy3zQnrVtSi0iaVUFdNRZjfpzfdllE=
x-amz-request-id: XSS69QHT5BYHDT0P
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:38 GMT
etag: "b05c8e47e71ba8a0fe73a0da54f010ef"
x-amz-meta-sha256: 2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
x-amz-meta-s3b-last-modified: 20220920T161111Z
x-amz-version-id: VChvjEsOHCDhESR_vRlWIZZI9qChCEb_
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 94463
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t1bg.jpg
23.38.201.117200 OK 72 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/instruments/t1bg.jpg
IP 23.38.201.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1934x1230, components 3\012- data
Hash 2b8c66295f644aad1bbd97bffcf8f910
f34b342b50c43263d6c130286958086addefd3d6
923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
GET /cache1/hp/v_250/images/instruments/t1bg.jpg HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YFTNty5SIcdhKq450TYHwf7SRkH10wCrNu6VxS0n04wBpLStduNxmbhS13gnNaIasJR4Ietz9UY=
x-amz-request-id: BJSVX197ACP9V7RR
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "2b8c66295f644aad1bbd97bffcf8f910"
x-amz-meta-sha256: 923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: rXQsdf5tcUphlZZ7QaAie.wlAbWxbLl7
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 72188
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/others/logger/logger.js
23.38.201.117200 OK 2.3 kB URL HTTP/2 marketing.etorostatic.com/others/logger/logger.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (5055), with no line terminators
Hash f620bec033fe844135374191b331937d
ef75dd9e7bddaaa53d9171c7b6869f5d72553f51
c61b3f992c23497120340e96694c29b94ca8b2576820677e0432031b636eee87
GET /others/logger/logger.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rFRtyRRvy8awZWbEw8KKBuYcsMr0FOn3VrHsw7WXTDWRDWcW8NmTXAtMX967njSth5isxYRudTE=
x-amz-request-id: 114803B553D57FD9
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Jan 2020 16:04:01 GMT
etag: "3a046ce8f3379b2e5a5fa5ee3ed02808"
x-amz-meta-s3b-last-modified: 20200115T160219Z
x-amz-version-id: RlsNx2j0zjqTyHD11R2PocORgBI_87x2
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 02 Oct 2022 18:18:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
content-length: 2285
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 172bd79e1aae63a38e86faac65c28031
37dab1dab091867ff1246f74e1468e4d7287b1a2
2fe707058123db9eb5f95bbf59fde321b46aa4254fd221bf0366ad5db392bde3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3202
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:07 GMT
Last-Modified: Sun, 02 Oct 2022 17:19:45 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
cdn.fonts.net/t/1.css?apiType=css&projectid=1be8a670-63f2-11ec-84cb-06c8b378e9d2
104.17.225.78200 OK 0 B URL HTTP/2 cdn.fonts.net/t/1.css?apiType=css&projectid=1be8a670-63f2-11ec-84cb-06c8b378e9d2
IP 104.17.225.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=1be8a670-63f2-11ec-84cb-06c8b378e9d2 HTTP/1.1
Host: cdn.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:07 GMT
content-type: text/css
content-length: 0
x-amz-id-2: GRPkHhcw79bOcCMiC6Lk/3R+biVkfewbadZBIPw+mWLTSryl47D47kYYgkVnok/0wC2rWI5RyIU=
x-amz-request-id: 62YSVXFX1S5ERBRP
last-modified: Wed, 02 Mar 2022 13:37:38 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-version-id: UxGg7yvoIp4Iz40xCftbPfdHYneoL6ou
cf-cache-status: HIT
age: 179556
accept-ranges: bytes
set-cookie: __cf_bm=IQh2wBu3d47zp.OLC4b8n80X5JDEPcn6qbkybGiTOUY-1664734387-0-AaEzdAUNVsvSFGx0Ol+0Pmenn56UVbbzk3aJzSEqoNyxcx6cVsnzyIixqu6nc8gzLPcWYDLS9OEMxbyS0PZ0FyQ=; path=/; expires=Sun, 02-Oct-22 18:43:07 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 753f69035bedb521-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 24090a00d04ea02ee67da30e9c674d76
7e7cbc58e89aba8584068e3c96a8ffdbc1406293
f470d356d0ddd3dcf0a650ec20d249394da0ad1a31972720260df12c299ed6dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5858
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:07 GMT
Last-Modified: Sun, 02 Oct 2022 16:35:29 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
marketing.etorostatic.com/cache1/fonts/madera2/Madera-Regular.woff2
23.38.201.117200 OK 32 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/madera2/Madera-Regular.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 31960, version 1.0\012- data
Hash 4a61fe67108ddbb01a2ceaf3687ba30e
3a60eb0e91c3f79e58c93ac63f040f07c5c4e058
2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
GET /cache1/fonts/madera2/Madera-Regular.woff2 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: giTQxaaku6b/my15IZ7MGbnS0j3R+Drz9aYHcOnTWdLimAm+vlONGNcGBk1VXAhvbuCj0dmjAZs=
x-amz-request-id: RB02W0BVGXZQ1Q0C
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:32 GMT
etag: "4a61fe67108ddbb01a2ceaf3687ba30e"
x-amz-meta-sha256: 2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
x-amz-meta-s3b-last-modified: 20220203T192734Z
x-amz-version-id: rdjZTCyTVtTzW48kSfmVzYhmpJIbNpae
accept-ranges: bytes
content-type: application/font-woff2
server: AmazonS3
content-length: 31960
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/flags-hd2022.png
23.38.201.117200 OK 17 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/flags-hd2022.png
IP 23.38.201.117:0
File type PNG image data, 830 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 69d14115558936d84e16ec7efd2f4f45
a6268986699c86e577ca5589a0fcf2880661f7ea
68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
GET /cache1/hp/v_250/images/flags-hd2022.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: TBVqRoB02EDyfVmR0znW/MNspedH9bXBBIhZ5E5yqJ3jEmjjuff+OOrTSAXRCNf4skiXRHJz8GQ=
x-amz-request-id: Y4J7D71XBE8X7XME
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 15:06:18 GMT
etag: "69d14115558936d84e16ec7efd2f4f45"
x-amz-meta-sha256: 68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
x-amz-meta-s3b-last-modified: 20220920T144902Z
x-amz-version-id: otKQpwD91003SDrhrFJwP7u7k7kYEK4v
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 16703
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/fonts/tusker/TuskerGrotesk-3500Medium.woff2
23.38.201.117200 OK 12 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/tusker/TuskerGrotesk-3500Medium.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 11992, version 1.0\012- data
Hash 1f385d1ea2e1c06cda506bafc17a4a94
0dc0ebf0502018976383091908379054b5a3cfed
e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
GET /cache1/fonts/tusker/TuskerGrotesk-3500Medium.woff2 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: TnE1OvfRhb4wemqIMdAklRBV9anTek/CjSVpczlM56PMWdd3Awm6/s25i8C/yNMd3Kztf88tMvY=
x-amz-request-id: 0RKDVHM0FMVA32ZS
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Feb 2022 22:24:49 GMT
etag: "1f385d1ea2e1c06cda506bafc17a4a94"
x-amz-meta-sha256: e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
x-amz-meta-s3b-last-modified: 20220206T231742Z
x-amz-version-id: U.WW5Nm_KS0r7k_Vxl0S9.MycmUEi2Pu
accept-ranges: bytes
content-type: application/font-woff2
server: AmazonS3
content-length: 11992
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/fonts/tusker/TuskerGrotesk-4700Bold.woff2
23.38.201.117200 OK 12 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/tusker/TuskerGrotesk-4700Bold.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 12028, version 1.0\012- data
Hash ee570da55652b90a2222880a1ece7323
d9a81b65239041b42c6aed22f5809797f0574c1e
26c2ac92dcf7740f3239e5c1dc01c2e90bf468aacaea52438db80c031af94962
GET /cache1/fonts/tusker/TuskerGrotesk-4700Bold.woff2 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: xDtdJzSi21sF7CpiuxjIbrQdQrHfCf0qZSuIYVXllN38HVN7OiOcLrLEIAOZRHPfr0UXkqds/bQ=
x-amz-request-id: 0RKEXE4EJ8774W83
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Feb 2022 22:24:52 GMT
etag: "ee570da55652b90a2222880a1ece7323"
x-amz-meta-sha256: 26c2ac92dcf7740f3239e5c1dc01c2e90bf468aacaea52438db80c031af94962
x-amz-meta-s3b-last-modified: 20220206T231740Z
x-amz-version-id: _nNBWNk.b.aBJaK32Y.ScZnJcz4Is6Dl
accept-ranges: bytes
content-type: application/font-woff2
server: AmazonS3
content-length: 12028
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/fonts/madera2/Madera-Light.woff2
23.38.201.117200 OK 32 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/madera2/Madera-Light.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 31636, version 1.0\012- data
Hash e20f6e1c0681c07f69d37c428c0684d3
4aa36ecd12f2e7d3592807a0a3879914252faeb5
c2dfcbd62bd88bad9f09d80b0d1b2de5bf8276e6586a5431839c7ce9393fd4f7
GET /cache1/fonts/madera2/Madera-Light.woff2 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: TVzcGMyrSRRAiX3OtO+JaeCIIWTuUd+EwTnEzNsZ7AgFflv7+H3xjLd4Nk7ctVtZpx+Ie+enpiQ=
x-amz-request-id: EXZTJQVA4Y4CV0JC
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:26 GMT
etag: "e20f6e1c0681c07f69d37c428c0684d3"
x-amz-meta-sha256: c2dfcbd62bd88bad9f09d80b0d1b2de5bf8276e6586a5431839c7ce9393fd4f7
x-amz-meta-s3b-last-modified: 20220203T192738Z
x-amz-version-id: TUjDnqX6S_vwWlvloC3aK3KdDGBYmBw_
accept-ranges: bytes
content-type: application/font-woff2
server: AmazonS3
content-length: 31636
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/fonts/madera2/Madera-Medium.woff2
23.38.201.117200 OK 32 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/madera2/Madera-Medium.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 31844, version 1.0\012- data
Hash 9d7f82d9510b57b2d00f328d87ef3869
2a031c8ae51e62d8dc30fa0bb47f57a3695224c1
c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
GET /cache1/fonts/madera2/Madera-Medium.woff2 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: d6poWwwwj9abPq/ES4oNvQTY1I4y2hMv1EdVnTf07kpNv7a2N1tn1ySx9pMV8KWPcG6wwi1unZI=
x-amz-request-id: K8KWP566ERFJBVE1
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:29 GMT
etag: "9d7f82d9510b57b2d00f328d87ef3869"
x-amz-meta-sha256: c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
x-amz-meta-s3b-last-modified: 20220203T192736Z
x-amz-version-id: VMc3owpvYk5nHUjZ.xX4Wq.u2RPawBMa
accept-ranges: bytes
content-type: application/font-woff2
server: AmazonS3
content-length: 31844
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/fonts/madera2/Madera-Bold.woff2
23.38.201.117200 OK 32 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/madera2/Madera-Bold.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 31920, version 1.0\012- data
Hash db85a0ddc6f6973df4bc98a1b2ed9d65
c6bba41edc8501b76aed9bff58597edef1c2502f
26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
GET /cache1/fonts/madera2/Madera-Bold.woff2 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: WQ8beP0j6j+XiswbzEpXZzamytHc5Av0QHRr7qawf362iuN3koZ3ealTS4jkLvOGZ6OcInkYl0Y=
x-amz-request-id: RB02FFVVAVWJVG5D
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:24 GMT
etag: "db85a0ddc6f6973df4bc98a1b2ed9d65"
x-amz-meta-sha256: 26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
x-amz-meta-s3b-last-modified: 20220203T192740Z
x-amz-version-id: zGguxQ5kSDF0NdIOnvToUoLZcOnV9szR
accept-ranges: bytes
content-type: application/font-woff2
server: AmazonS3
content-length: 31920
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/js/waypoints.min.js
23.38.201.117200 OK 2.6 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/js/waypoints.min.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (8887), with no line terminators
Hash 1d2137aea2d4a9fca68a7b135e2cb9f3
e97ca29d385352fc286f1711bbdc45584161a316
ea701f82ca58f8a09ebd7d00a58deb97c1c2a09ecdd3a5486e91dab13f98113e
GET /cache1/hp/v_250/js/waypoints.min.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9lFezzLGhy5accCsGYcyDyckewdqZE6Df8H6ytpCQuSWrMcKQiCNX7H2YhvOccJk0UxxBNsnPHo=
x-amz-request-id: 5E8B8NFW9H2EH0EG
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:43:00 GMT
etag: "1b79decba8cf0c886b7be539cfdbaa16"
x-amz-meta-sha256: 291c0fb451ed0410d515b7c4f0eeb429cae40f52a560a67aed3de8d7210e75a3
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: OAj0wpBsOOe0r5kxCMrusioy2xpCNFTE
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
content-length: 2635
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/js/slick.min.js
23.38.201.117200 OK 9.6 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/js/slick.min.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash 17232e2fe3e81d95e6f1cb7c4d5b9e57
510e1569ab0187ef5712a7630d673536e8c519ac
4bd093df7a16ca8f4d58c12a14859fdc0ef3f8ffb58c9b82126031787f2f5132
GET /cache1/hp/v_250/js/slick.min.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: JlrnGLJ6W/UxGhdYSC8CH8xghXbLPjPNChhyxW9KZUfoGKU71X7LjptjjFXM/+ltoatY8umxNmk=
x-amz-request-id: 5E85XVS4GHHW1N8V
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:43:00 GMT
etag: "823f2a98db35550b1d2a78f530b1c633"
x-amz-meta-sha256: 0cf4b4cdcf20a06c8cfb25a84b84e0c7e81f51cd78de9b6231a1b54ed0e0935b
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: YetQublaGzZokQiJoN6572gELuBFGXNz
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
content-length: 9568
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/js/jquery-3.5.1.min.js
23.38.201.117200 OK 31 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/js/jquery-3.5.1.min.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (65451)
Hash e96fc85ce0a9070920b87b1072dd9e1d
afd9871c95caf6a26ae56e8c661789d00c510162
43e3ac1190912814c4b67ca3512c14745d1b41ce4740d3df73ead62561ca31dd
GET /cache1/hp/v_250/js/jquery-3.5.1.min.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: e54UiWLmzXf08GlFZQOwNLmjw248K84CkHRaduvC3FXRYfpbzInEkKvkHjrXjI1R6iLGr6Oq0hk=
x-amz-request-id: 5E8854E5AX589C4N
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:57 GMT
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-meta-sha256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
x-amz-meta-s3b-last-modified: 20210919T132249Z
x-amz-version-id: 4aWmwoVEWdk_DjJ9o9.1cbellEQnGA4x
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
content-length: 30950
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash d4e7c39ccaa7fac7fadedf0954b88f64
f0be9458149d34face416d203d065d1100d56578
7712db1dbd46ae15118107e7ced0cacd116d254713bc1aa3fc612a2bfaef4d4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:07 GMT
Last-Modified: Sun, 02 Oct 2022 17:16:40 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 727
marketing.etorostatic.com/cache1/hp/v_250/js/script.min.js?v=1664369424
23.38.201.117200 OK 59 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/js/script.min.js?v=1664369424
IP 23.38.201.117:0
Hash 73446eb73856db65a5c3d6ab0d81b048
57104a4e8491e89e52ae2f390df45d5129ad79b0
e09c8bdbd085f0d5a68d101ed292b3cac227bad57015cf89deb1b08c26885626
GET /cache1/hp/v_250/js/script.min.js?v=1664369424 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: UstjKmYHGN8WYkG4pmB/h9V8h19OUGh2i1FjFliBykUGT8I/5sV5tTJfxJJZrQoeJnxvynArGRo=
x-amz-request-id: F7QGAR8H44KYKRW6
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Sep 2022 12:51:07 GMT
etag: "57f5dcf3502cfebc456129a3dda31b0e"
x-amz-meta-sha256: 569eb69f141bb73e2a8a26b17eac9225b107485d936601eaf2571740898714a6
x-amz-meta-s3b-last-modified: 20220928T124714Z
x-amz-version-id: PgqNRpUIgU8eF2OAyi4TWyrPd9U26uVw
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/favicon/favicon-16x16.png
23.38.201.117200 OK 1.0 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/favicon/favicon-16x16.png
IP 23.38.201.117:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6f73b13c53883dda26ced7b25bdf69ef
a4743cd740ba05c518cc754a3ab2715f6a23d762
4470f15d8d0268f1cf44bfc45a544baa38a6aa114dab9ad02b76b48034d156b9
GET /cache1/hp/v_250/images/favicon/favicon-16x16.png HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: q9Fv8gRd6+b337XtoTpjf0lXha/xDl8MDnEInDhNQHkRs5JLXmey+zDMgkhZFANHULI0QMT1Yxk=
x-amz-request-id: 85NZMGGA0Z9XBNVH
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:41:48 GMT
etag: "6f73b13c53883dda26ced7b25bdf69ef"
x-amz-meta-sha256: 4470f15d8d0268f1cf44bfc45a544baa38a6aa114dab9ad02b76b48034d156b9
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: 8hLOOpLCaCPyjH8.y7Cb39Asiw_Qt5uv
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 1020
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:07 GMT
date: Sun, 02 Oct 2022 18:13:07 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1663759468
23.38.201.117200 OK 8.2 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1663759468
IP 23.38.201.117:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (58067)
Hash f953d5c71910c6ac52b43b461396312a
4f05910e43fe46b681cda2c81af778b5cd2d28b2
26a8ffd9765eda92a46eee6f2fd622e562ff124b394101c0118118ecca68c09c
GET /cache1/hp/v_250/css/style-newhp.min.css?v=1663759468 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: RfoPvqKXzaq3HI+vj6CoefVvf/rn2n4Ybn6GKCGCDpFtSSsEb3ieUmiGkL2VP8WWZnbBJe+joTo=
x-amz-request-id: YFFS03YFYAZHRAFH
x-amz-replication-status: COMPLETED
last-modified: Wed, 21 Sep 2022 11:22:06 GMT
etag: "eb05627089f6248f125b58845182861e"
x-amz-meta-sha256: a9f2f6aa1eda10879c3d4149f011cb5529f07bb4ab43c09bd61e5d81c88b0012
x-amz-meta-s3b-last-modified: 20220920T204059Z
x-amz-version-id: BS1lBzQzv2GL0QuRJy7fh_FPT1FP8XXD
accept-ranges: bytes
content-type: text/css
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
content-length: 8214
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/videos/cover-desktop-half.mp4
23.38.201.117206 Partial Content 1.9 MB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/videos/cover-desktop-half.mp4
IP 23.38.201.117:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.9 MB (1938926 bytes)
Hash 6723d5f38a20e6310736b586d4c014bc
ab879dbd1d56808c2dc8fd57522287ecad37d54b
986f905322355695191101ded23f81a6fb6508fe7b5a8a28bc5385726bfd7901
GET /cache1/hp/v_250/videos/cover-desktop-half.mp4 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
x-amz-id-2: k0S3PTtQ6A7+7DCDF0jarhfLPTSbwVz1bTqEGKIUxZtmifOjl4sOuF9FVlox4Ojv2OaWaUfjwJU=
x-amz-request-id: VAB4HZ7XE1BNTWVP
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:56 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: 5gD_fe1tCLrWjg18GcLMs5qAtl1xDeyt
accept-ranges: bytes
content-type: video/mp4
server: AmazonS3
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
content-range: bytes 0-2625182/2625183
content-length: 2625183
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js
104.16.149.64200 OK 78 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (65455)
Hash f1e687b418a03f55376f8dabb88831b1
59e7de3f39b2bd1d3cff8b1286f317d913a03fac
a8f0ed59befb0dc3da4e194382166d61584fc77442140cdbe734a761ca07ded2
GET /scripttemplates/6.27.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-type: application/javascript
content-length: 78056
content-encoding: gzip
content-md5: 8eaHtBigP1U3b42ruIgxsQ==
last-modified: Mon, 29 Nov 2021 20:31:00 GMT
etag: 0x8D9B37727F240FD
x-ms-request-id: 7f82bfc5-f01e-0048-0667-33ea7b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1758
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f6905de391c06-OSL
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/hp-2022/reliability-icon.svg
23.38.201.117200 OK 2.9 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/hp-2022/reliability-icon.svg
IP 23.38.201.117:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (450)
Hash 0a6e20a299b321b57e48a9c83871cc0c
b3474e03f92a55d42c5ee4032fb1f7b38bd5fd80
f63e3109498dbf1f9ff656b0b151cf3a9ae0c22cb74369a32f1cd726dde79a19
GET /cache1/hp/v_250/images/hp-2022/reliability-icon.svg HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1663759468
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: LzbecIzhwvBoQ7BWygJldYYYM6We6Ivc0s9yeELNTux/bvYN3Yt+4RBXo+6y+IJIMyE0XHUm5Ew=
x-amz-request-id: P36RY7P00A1N12Z3
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:15 GMT
etag: "0a6e20a299b321b57e48a9c83871cc0c"
x-amz-meta-sha256: f63e3109498dbf1f9ff656b0b151cf3a9ae0c22cb74369a32f1cd726dde79a19
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: YLr9yDu4y6poTawQ7WP7MojiYbCk.0rk
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 2891
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1871831.js?sv=6
143.204.68.120200 OK 7.8 kB URL HTTP/2 static.hotjar.com/c/hotjar-1871831.js?sv=6
IP 143.204.68.120:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (11752)
Hash 2d774082d01b7ca9ec9e0e990241e3e2
9d96ae45d02709a415951bf5c372da689f7c105d
d92e727b5b35ff37c80530c416a62508b50d487853e1f6d1be517594ce00722e
GET /c/hotjar-1871831.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 02 Oct 2022 18:12:24 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/c355f147f458a4315014d8a3729a7507
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0bd4d5448b19873aafd864e434b36f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: zh3PYbCpNDnsmK56hhqHa2_hPHdhbaQk-eJN-3g-tXC0wiB6D3K01g==
age: 44
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/images/hp-2022/globe-icon.svg
23.38.201.117200 OK 3.4 kB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/images/hp-2022/globe-icon.svg
IP 23.38.201.117:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Hash d8016306372e33ba7354032b4de316ac
7caeb070e9f95ab00ca267ad95c37530d3be361e
3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
GET /cache1/hp/v_250/images/hp-2022/globe-icon.svg HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1663759468
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: zEZql33RdFD015QzhOK47P8wzFLSFm/IcV6Blksieco1+krqTMPmOXsvpWNCUzjqRe5kvLJGWuU=
x-amz-request-id: P36N4Q9BMY5E42PD
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:11 GMT
etag: "d8016306372e33ba7354032b4de316ac"
x-amz-meta-sha256: 3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: qXWG2jxf6eO4.Ee8JU9epi0qWNdNYdex
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 3405
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/fonts/socials/socials.ttf?qtqow1
23.38.201.117200 OK 2.2 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/socials/socials.ttf?qtqow1
IP 23.38.201.117:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socials \012- data
Hash 379e2da7fbcf7192af131dab8664fa44
191a7c64f76a91ab3ac7418ef12e16155ffe916b
8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
GET /cache1/fonts/socials/socials.ttf?qtqow1 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: VqG8Xoz+PNUpc5ek0EHqjuCErGzCqKx3w2Mb/U3IRKb02qkQEhEC1dsBPpa357J3lamLhU00/dI=
x-amz-request-id: ABP0NYTQMK8XRN5V
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "379e2da7fbcf7192af131dab8664fa44"
x-amz-meta-sha256: 8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: 64DCSoh81dgHS5BU7pf3T55ups5kO3ge
accept-ranges: bytes
content-type: application/x-font-ttf
server: AmazonS3
content-length: 2232
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/hp/v_250/videos/cover-desktop-half.mp4
23.38.201.117206 Partial Content 1.3 MB URL HTTP/2 marketing.etorostatic.com/cache1/hp/v_250/videos/cover-desktop-half.mp4
IP 23.38.201.117:0
Size 1.3 MB (1347231 bytes)
Hash d4589626ee28b17662fa4f3ccc446e7d
8ea8a0981f61a5e89a6878527a656afb629ab9f5
16ad838e0c6849f13342a1db95d6db64cf4c6df8e1b0f6db0db2388aca39dae7
GET /cache1/hp/v_250/videos/cover-desktop-half.mp4 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1277952-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
x-amz-id-2: k0S3PTtQ6A7+7DCDF0jarhfLPTSbwVz1bTqEGKIUxZtmifOjl4sOuF9FVlox4Ojv2OaWaUfjwJU=
x-amz-request-id: VAB4HZ7XE1BNTWVP
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:56 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: 5gD_fe1tCLrWjg18GcLMs5qAtl1xDeyt
accept-ranges: bytes
content-type: video/mp4
server: AmazonS3
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
content-range: bytes 1277952-2625182/2625183
content-length: 1347231
X-Firefox-Spdy: h2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
143.204.68.5200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 143.204.68.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ffcbf18841bd703b7328f6803e6f0530.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: wriSbJl4QoaHfxI6RyEBOil1UyDYAj2gvqgEKYK4xRIspEQ2KL-VJg==
age: 2192161
X-Firefox-Spdy: h2
marketing.etorostatic.com/cache1/fonts/socials/socials.woff?qtqow1
23.38.201.117200 OK 2.3 kB URL HTTP/2 marketing.etorostatic.com/cache1/fonts/socials/socials.woff?qtqow1
IP 23.38.201.117:0
File type Web Open Font Format, TrueType, length 2308, version 1.0\012- data
Hash b63c50623057857a66071527d3d19e34
60a97e3734cf76a48f1605076590257bfd370f5e
1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
GET /cache1/fonts/socials/socials.woff?qtqow1 HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: SbuN5uTeAbiLvwg0l6RWT5GcWDZBpW5c/cufnxT2YwGTrQ28ARdF3bRVi+0p5zOx3aqQYMQ0XQ8=
x-amz-request-id: P9HV07KX2C62PBM9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "b63c50623057857a66071527d3d19e34"
x-amz-meta-sha256: 1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: k7ckggrGpXnM_OQiM5sA8.VZMQT0daDq
accept-ranges: bytes
content-type: application/octet-stream
server: AmazonS3
content-length: 2308
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 18:13:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/f72d065d-437e-4ee9-87c6-475882c9f118/f3b2c177-d411-4b76-a21a-21650b13ebf4/en.json
104.16.149.64200 OK 14 kB URL HTTP/2 cdn.cookielaw.org/consent/f72d065d-437e-4ee9-87c6-475882c9f118/f3b2c177-d411-4b76-a21a-21650b13ebf4/en.json
IP 104.16.149.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash 7b4d0389cd3bdfc36b615a0b060eed3c
a13bee7f9604f7dc3b55ddbbad915fd605ab9a4b
bd7cccf2a2ad2ff6c00b8fd8238da52e11e19f36d1e30447f7c4561576788a57
GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/f3b2c177-d411-4b76-a21a-21650b13ebf4/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-type: application/x-javascript
content-length: 14384
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: e00Dic0738NrYVoLBg7tPA==
last-modified: Tue, 14 Dec 2021 12:34:59 GMT
etag: 0x8D9BEFE24E4B72A
x-ms-request-id: 42befd17-e01e-00f6-6ee7-f0fff0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13431
expires: Sun, 02 Oct 2022 22:13:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f690768cb1c06-OSL
X-Firefox-Spdy: h2
etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=marketingSites
20.54.209.212200 OK 0 B URL HTTP/2 etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=marketingSites
IP 20.54.209.212:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/monitoring?applicationIdentifier=marketingSites HTTP/1.1
Host: etorologsapi.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 572
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-length: 0
server: Kestrel
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin
access-control-allow-origin: https://www.etoro.com
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2
etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=marketingSites
20.54.209.212200 OK 0 B URL HTTP/2 etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=marketingSites
IP 20.54.209.212:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/monitoring?applicationIdentifier=marketingSites HTTP/1.1
Host: etorologsapi.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 663
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-length: 0
server: Kestrel
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin
access-control-allow-origin: https://www.etoro.com
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2
script.hotjar.com/modules.61e17720cf639c3e96a7.js
18.164.68.101200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.61e17720cf639c3e96a7.js
IP 18.164.68.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5450)
Hash 45de0f96840c8fb1af04e26779d5aa8a
2c3ffc88333cdbb38908ac8c09f8643648d98d0f
8192f37cadfedefa8dbdbea6f2c78c1e4ad233ba9934d8fb0e22a71434a78cba
GET /modules.61e17720cf639c3e96a7.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66156
date: Fri, 30 Sep 2022 07:19:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "ca82760cd662a268a9b556ae44a96740"
last-modified: Fri, 30 Sep 2022 07:18:43 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8939944fc38fd924b1fd4243119debb8.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: YHaS7kBPDGz10B9gS-BGKGTJYyArLcQJrMhie9H1hAp7ZNIAidOpOA==
age: 212042
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.27.0/assets/v2/otPcCenter.json
104.16.149.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.27.0/assets/v2/otPcCenter.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (37703)
Hash 71e3871d634182b17c1b15ca3d58f7e4
4063bf0afb25a8c96bdd33f6d24ca832067c7806
c20f40887a2fdad6ea7070063acf1150881e18405c91338338e88be4195583b5
GET /scripttemplates/6.27.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-type: application/json
content-length: 11602
content-encoding: gzip
content-md5: ceOHHWNBgrF8GxXKPVj35A==
last-modified: Mon, 29 Nov 2021 20:30:52 GMT
etag: 0x8D9B377239B4147
x-ms-request-id: a3c3cc4e-901e-00f9-2cec-ec1206000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 11739
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f69090b731c06-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.27.0/assets/otFlat.json
104.16.149.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.27.0/assets/otFlat.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (10843)
Hash 5521c152bc1efa1baa93129bb8717e19
d89a1ebb0aa8417a5d0f27e172935bf743d8e42e
10e8c409d6b57eb0e5a7fa941b14b2a59b1437e37a16bb51f08adc3f65e807ba
GET /scripttemplates/6.27.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-type: application/json
content-length: 2950
content-encoding: gzip
content-md5: VSHBUrwe+huqkxKbuHF+GQ==
last-modified: Mon, 29 Nov 2021 20:30:50 GMT
etag: 0x8D9B3772216FA2F
x-ms-request-id: 247cd6ec-501e-004e-2dec-ec1d03000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 13024
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f69090b6e1c06-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
34.120.237.76200 OK 45 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
IP 34.120.237.76:0
Hash d87735c4ee2caf54a1568a77affbe939
053c3a1ec350d8d3cda8e34302252558845bb127
4fd83cbbe6bc4a2f25f45ca42281039d24b8eae7dece81c60c9675cd00921c47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YIlHaBRTk6SiYb8HYfirSHj_stXgWp455OC-J5mRoKH0r42pn9mNeQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:36 GMT
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
content-type: image/jpeg
age: 73172
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCommonStyles.css
104.16.149.64200 OK 102 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCommonStyles.css
IP 104.16.149.64:0
Size 102 kB (102015 bytes)
Hash bcdbdb74ea6cdb13f821d729baf1ba15
67f577af594b07e00a9becd7cc4b43bcc60bad6a
337f892abfee25c6b46bde3f094fb82e1c6ffee0d4cbcd43d5556247c0abb51b
GET /scripttemplates/6.27.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-type: text/css
content-md5: Ye6OeZcNyuFoWog7CYs00A==
last-modified: Mon, 29 Nov 2021 20:31:07 GMT
x-ms-request-id: 45454291-e01e-00fd-65ec-ece784000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 13024
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753f69091b861c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/etoro.com/config.json
147.185.239.229200 OK 158 B URL HTTP/2 cdn.acsbapp.com/cache/app/etoro.com/config.json
IP 147.185.239.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 03c7f22af7ac71a827fe9bf8a1dd9204
b75d2696931103c61fa3f97386898a4dcfb2424f
e1bb776a7b22ee6d15fa10f3811cfb7611c43d4716ce0522bdb2a228ef45d874
GET /cache/app/etoro.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 03 Oct 2022 18:13:08 GMT
content-type: application/json
last-modified: Sun, 02 Oct 2022 18:11:13 GMT
etag: "9e-6339d441-acd3c10382f0fdfd;;;"
accept-ranges: bytes
content-length: 158
date: Sun, 02 Oct 2022 18:13:08 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 55357a586bee6e1df8493f5b4a47cd96
4809fff87e91133ab9c2d95cd0c3b3cc6386ddd8
056e3d2a4dd8c1155b4f6e3c62df0a5ee0b5c10c57f46258d3685d83966ed3b9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 18:13:08 GMT
Last-Modified: Sun, 02 Oct 2022 16:31:49 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 096e5ecae9d1cd03edf8411ad106b092.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: QECouqh3mz3KiDidWMphteiGqKMufZV5_roi3CH5ev4RVn4tsvyl_A==
Age: 6079
marketing.etorostatic.com/others/general/js/seo.js
23.38.201.117200 OK 2.2 kB URL HTTP/2 marketing.etorostatic.com/others/general/js/seo.js
IP 23.38.201.117:0
File type C source, ASCII text, with very long lines (366), with CRLF line terminators
Hash f22c155ea9a463fee325cc2f52cb2c5b
67913d0b1cdaa875752a36f5c22fc21884cd6b22
115d84510217e73948fabbc05aa6041071564a86dee31d7abb282d764ff4f7a7
GET /others/general/js/seo.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IbCrnl2jHtt3ARkbdDtJdY1t/iT+eA6L1pkPIeISKQrHurrfYzN0CE54ZOlbBo/E9qrm76WQ/M0=
x-amz-request-id: 69QVGW75ZMC6VK3N
x-amz-replication-status: COMPLETED
last-modified: Tue, 10 Jan 2017 14:31:16 GMT
etag: "bb01557076c5f1cc6976325a60a0be7c"
x-amz-meta-s3b-last-modified: 20170110T142820Z
x-amz-version-id: SSqunX8tv_w4z_1vK9cbzCWNqGZTmd8y
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 02 Oct 2022 18:18:08 GMT
date: Sun, 02 Oct 2022 18:13:08 GMT
content-length: 2209
X-Firefox-Spdy: h2
zero.pointlessplay.com/i/3c2d8da22b7aa416fab4696fbd547cc9.js
18.172.153.14200 OK 29 kB URL HTTP/2 zero.pointlessplay.com/i/3c2d8da22b7aa416fab4696fbd547cc9.js
IP 18.172.153.14:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 9ff95f5238c81576a696a583448c583e
46c640c88c05eff94436e5ec39d6339481623354
30d534c9148cf242f10ad4f5f6cf99fb9555f5b696acbf1970f986d490671f3f
GET /i/3c2d8da22b7aa416fab4696fbd547cc9.js HTTP/1.1
Host: zero.pointlessplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 29069
content-encoding: gzip
server: Caddy
date: Sun, 02 Oct 2022 14:58:23 GMT
cache-control: max-age=43200
expires: Mon, 03 Oct 2022 02:58:23 GMT
etag: "136c1-cNu5okS1rHZvqcM/9a5nqzsiX18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d83778457fb41198419fd5b267a3308.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P5
x-amz-cf-id: 9uL92HkRZHF38m3z00iidBbxBwAW4IzqMNWB0zZK_D8pzWaerasDkQ==
age: 11685
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/en.build.json
147.185.239.229200 OK 26 kB URL HTTP/2 cdn.acsbapp.com/cache/app/en.build.json
IP 147.185.239.229:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Hash 3fd4a300c5e05a5c55bff681930b51d1
15ad8f0aa487d1734f2d52cbc9311ee3f0e37d32
e3bc5841169ed4a15261e089ff2d32e154bb0f945fc8ca11622752a49f036ccf
GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 03 Oct 2022 18:13:08 GMT
content-type: application/json
last-modified: Sat, 01 Oct 2022 13:27:03 GMT
etag: "3b844-63384027-ee5032fcf45b1bda;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25896
date: Sun, 02 Oct 2022 18:13:08 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 965a43dfae645e95ef92ec6fa232661e
f4032a0c7ab75037730d8b8865e50788f353e971
8b456c52e93958769d377cc84748653ecc99726d5a9a5cf282c02133384f28bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.adsrvr.org/up_loader.1.1.0.js
18.164.70.179200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 18.164.70.179:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 02 Oct 2022 05:47:51 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 3b9738a5b7451fe82218bb5133021350.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: ZoXUO-xW-y1B6nsDO4Ghmvmaa4Sah8KT-JxZnZJDEzpB0y0mUR6o5w==
Age: 44718
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 965a43dfae645e95ef92ec6fa232661e
f4032a0c7ab75037730d8b8865e50788f353e971
8b456c52e93958769d377cc84748653ecc99726d5a9a5cf282c02133384f28bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sc-static.net/scevent.min.js
216.137.34.250200 OK 8.8 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 216.137.34.250:0
File type ASCII text, with very long lines (25316), with no line terminators
Hash 5d4285ddd0c228077c66505f012548a8
0fe70aec9189f6bc39397cfe6b627cfe1d8b0e97
9360b9744aeecff2d3b3c2b72ff985e8ba92192cc98ebea2b48886619529f23f
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 8757
server: CloudFront
date: Sun, 02 Oct 2022 18:13:09 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 03 Oct 2022 17:47:26 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 cbacf5aa8c3f4eb54c61c0a348347df4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: acd3oKY-jr5x1SigiOJc3EvvBtW_Pvcb_zGvHQTejeRb3vxreM_0Pg==
X-Firefox-Spdy: h2
9944765.fls.doubleclick.net/activityi;src=9944765;type=visit0;cat=visit0;ord=1;num=3692194539431;gtm=2wg9s0;auiddc=217394137.1664734389;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP?
142.250.74.70200 OK 472 B URL HTTP/2 9944765.fls.doubleclick.net/activityi;src=9944765;type=visit0;cat=visit0;ord=1;num=3692194539431;gtm=2wg9s0;auiddc=217394137.1664734389;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (692), with no line terminators
Hash 190b9794aaf1c287458548650b22ca6c
29073cdc0e31bb094a382feeb3bc73cecefe69f6
7ae9be35d12bcadfb0453906bba905eaf5688ede33305fa1b93b3f33a17c9083
GET /activityi;src=9944765;type=visit0;cat=visit0;ord=1;num=3692194539431;gtm=2wg9s0;auiddc=217394137.1664734389;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP? HTTP/1.1
Host: 9944765.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:13:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 472
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 18:28:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 222d8568f1824607fac65808c363f6e8
7cdce7edc8a696b9902335973accc3fd9a1eb968
cbb7fcaec39ac0a0d9ade5c05069c8bd62d5c3fe3e09d62100ebcc713498d4eb
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4711
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:09 GMT
Last-Modified: Sun, 02 Oct 2022 16:54:38 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term=
172.64.152.107302 Found 398 B URL HTTP/2 pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term=
IP 172.64.152.107:0
File type gzip compressed data, max compression\012- data
Hash 5a9998dc3732f15d817b24017d169287
825636fb778c372628fbf3f119c26cd8002631db
d5c63dc0ce384f7306f7e3fc43f893fd13e2a71fcfebdc6af26a039e976dc810
GET /social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term= HTTP/1.1
Host: pages.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166473438610000TNOTV415326358024Vcf&Custom=&ClickDateTime=2022-10-02T18:13:07.1102403Z&UserUniqueIdentifier=; RequestURL=URL=http://med.etoro.com/aw.aspx?b=15344&a=89099&task=click&subaffiliateid=166473438610000tnotv415326358024vcf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 02 Oct 2022 18:13:07 GMT
content-type: text/html
location: https://pages.etoro.com/lp/welcome/?dl=30001923&utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166473438610000TNOTV415326358024Vcf&utm_campaign=166473438610000TNOTV415326358024Vcf&utm_term=
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
set-cookie: __cf_bm=IX2Ha6Uum_fjr5RJRGQvtTzaFG4ucK8IzPErhPR6BJU-1664734387-0-AQztiUVKBkzoD8AlKvwP9b8orRuaghjrZazyroabsKCmBPvEUMD0YpUgnKKues8bqMmdCSIIOGUfYS56cNrteWjImwXDMv6EwxCh7hNUJdY9; path=/; expires=Sun, 02-Oct-22 18:43:07 GMT; domain=.etoro.com; HttpOnly; Secure; SameSite=None
__cfruid=ebe434ea81ab25f6f33b364388d4ac581ac3bdc3-1664734387; path=/; domain=.etoro.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 753f68ffffbcb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 02b6db128321bff030b71b4a7aec97c8
3fa28f98c33eee6147a0ed4b521034369ad58887
ed279a4cf51d626fbd1d6ed7bf55f8f3b47a277fc1ac51eabf2777cbd09ce699
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.adalyser.com/adalyser.js?cid=etoro
108.128.154.23200 OK 12 kB URL HTTP/2 c0.adalyser.com/adalyser.js?cid=etoro
IP 108.128.154.23:0
File type ASCII text, with very long lines (31834)
Hash 5301983312500f1fa818e866832a8ede
96c054b07049abe3b764dbcf0f8189055de98e78
24f6c7d7b8467781e61deda43741ad359abebb7efd8b41add68e4bb359cc0867
GET /adalyser.js?cid=etoro HTTP/1.1
Host: c0.adalyser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:09 GMT
content-type: application/javascript
content-length: 12183
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
etag: "60b9cf4ef4ac6dab5294025f3c443ba3cca92451"
cache-control: public, max-age=21600
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4e61657ea4f7cb4c57b73e49a28ffb80
c482498cb458ff6dda1b3efa6432efdbebb6beb2
b24645e4ad97c96f4f08449d28eafb6923ab6556ba8c7757761a9f3fba927a15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5132
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:09 GMT
Last-Modified: Sun, 02 Oct 2022 16:47:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4e61657ea4f7cb4c57b73e49a28ffb80
c482498cb458ff6dda1b3efa6432efdbebb6beb2
b24645e4ad97c96f4f08449d28eafb6923ab6556ba8c7757761a9f3fba927a15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5132
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:09 GMT
Last-Modified: Sun, 02 Oct 2022 16:47:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
web1.acsbapp.com/apps/app/dist/media/logomono.svg
138.128.247.123200 OK 1.2 kB URL HTTP/2 web1.acsbapp.com/apps/app/dist/media/logomono.svg
IP 138.128.247.123:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 5a1c5c803738f6acbab0a79379c92c10
9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
GET /apps/app/dist/media/logomono.svg HTTP/1.1
Host: web1.acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 02 Oct 2023 18:13:09 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Sun, 02 Oct 2022 18:13:09 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------235654972137130650962831963869
Content-Length: 2556
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:09 GMT
access-control-allow-origin: https://www.etoro.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIMBwHjKPoT8Hw336P3eFXdvgRmLakV8hRpC6wNm1mkQiDZY3+EP5SHDIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 5
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4e61657ea4f7cb4c57b73e49a28ffb80
c482498cb458ff6dda1b3efa6432efdbebb6beb2
b24645e4ad97c96f4f08449d28eafb6923ab6556ba8c7757761a9f3fba927a15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5132
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:09 GMT
Last-Modified: Sun, 02 Oct 2022 16:47:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
c0.adalyser.com/tracking/track/v3/p?stm=1664734389027&e=lce1&url=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP&cid=etoro&p=%7B%22et%22%3A1664734389025%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2289099%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22166473438610000TNOTV415326358024Vcf%22%2C%22co%22%3A%220%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%2223bd9854-d149-482a-b0be-f6970a633c1b%22%2C%22duid%22%3A%222e9f5a37-3914-4fcd-9f70-7087beb422ca%22%2C%22cw%22%3A1664734389025%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&domain=www.etoro.com
108.128.154.23200 OK 43 B URL HTTP/2 c0.adalyser.com/tracking/track/v3/p?stm=1664734389027&e=lce1&url=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP&cid=etoro&p=%7B%22et%22%3A1664734389025%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2289099%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22166473438610000TNOTV415326358024Vcf%22%2C%22co%22%3A%220%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%2223bd9854-d149-482a-b0be-f6970a633c1b%22%2C%22duid%22%3A%222e9f5a37-3914-4fcd-9f70-7087beb422ca%22%2C%22cw%22%3A1664734389025%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&domain=www.etoro.com
IP 108.128.154.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tracking/track/v3/p?stm=1664734389027&e=lce1&url=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP&cid=etoro&p=%7B%22et%22%3A1664734389025%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2289099%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22166473438610000TNOTV415326358024Vcf%22%2C%22co%22%3A%220%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%2223bd9854-d149-482a-b0be-f6970a633c1b%22%2C%22duid%22%3A%222e9f5a37-3914-4fcd-9f70-7087beb422ca%22%2C%22cw%22%3A1664734389025%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&domain=www.etoro.com HTTP/1.1
Host: c0.adalyser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:09 GMT
content-type: image/gif
content-length: 43
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=7ee5c42f-2043-4ca9-bf75-997f5abd7c7d&u_sclid=8af53f08-df13-429e-a7dc-359ba62d9e61
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=7ee5c42f-2043-4ca9-bf75-997f5abd7c7d&u_sclid=8af53f08-df13-429e-a7dc-359ba62d9e61
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=7ee5c42f-2043-4ca9-bf75-997f5abd7c7d&u_sclid=8af53f08-df13-429e-a7dc-359ba62d9e61 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIMBwHjKPoT8Hw336P3eFXdvgRmLakV8hRpC6wNm1mkQiDZY3+EP5SHDIAAAA=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:09 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:13:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
insight.adsrvr.org/track/up?adv=ucnwrwt&ref=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP&upid=jxpewqr&upv=1.1.0&td1=visit
15.197.193.217302 Found 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=ucnwrwt&ref=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP&upid=jxpewqr&upv=1.1.0&td1=visit
IP 15.197.193.217:0
GET /track/up?adv=ucnwrwt&ref=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP&upid=jxpewqr&upv=1.1.0&td1=visit HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 02 Oct 2022 18:13:09 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=ucnwrwt&ref=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166473438610000TNOTV415326358024Vcf%26utm_campaign%3D166473438610000TNOTV415326358024Vcf%26utm_term%3D%26from_lp%3DwhiteLP&upid=jxpewqr&upv=1.1.0&td1=visit
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=a42f7e27-445d-42e4-9b71-cb16d98a8a6e; domain=.adsrvr.org; expires=Mon, 02-Oct-2023 18:13:09 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ==
104.21.54.194200 OK 0 B URL HTTP/2 popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ==
IP 104.21.54.194:0
GET /serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ== HTTP/1.1
Host: popmyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7TDktzSYm%2FWGc1YctA4y8EkWqOaZ49n29QQlIevEl21nysApSMQSWnx5sa5H8iRn4hlBozxK1ses56IK2%2F7s0D4YhnzEksAOIAnul9BYXXZL7D678%2BqIAJRb2otMe8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753f68f75f8eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tr.snapchat.com/init?pids=2b300842-74be-4e72-8ed5-3bab9449a996
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/init?pids=2b300842-74be-4e72-8ed5-3bab9449a996
IP 35.190.43.134:0
GET /init?pids=2b300842-74be-4e72-8ed5-3bab9449a996 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:09 GMT
access-control-allow-origin: https://www.etoro.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.41.98200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.41.98:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:07 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753f690389fab51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
138.128.247.123200 OK 0 B URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 138.128.247.123:0
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Mon, 03 Oct 2022 18:13:07 GMT
content-type: application/x-javascript
last-modified: Sat, 01 Oct 2022 13:25:58 GMT
etag: "6ab01-63383fe6-af3ebb833015feec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142423
date: Sun, 02 Oct 2022 18:13:07 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1871831/visit-data?sv=6
63.34.182.251200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/1871831/visit-data?sv=6
IP 63.34.182.251:0
POST /api/v2/client/sites/1871831/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 148
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:08 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
goosebomb.com/gogate/etoro/30/index.html?action=166473438610000TNOTV415326358024Vcf
104.21.71.116200 OK 0 B URL HTTP/2 goosebomb.com/gogate/etoro/30/index.html?action=166473438610000TNOTV415326358024Vcf
IP 104.21.71.116:0
GET /gogate/etoro/30/index.html?action=166473438610000TNOTV415326358024Vcf HTTP/1.1
Host: goosebomb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:06 GMT
content-type: text/html
x-guploader-uploadid: ADPycdsiXVqCNxQQxeqh4haeqim64M2jGxtfdSjtnWSHFEZviNPpzoTG5QHIBWRzVaLDe_n-hyUlgEtK0ltlA8Zub3eFD2VljY90
expires: Sun, 02 Oct 2022 19:13:06 GMT
cache-control: public, max-age=3600
last-modified: Tue, 09 Mar 2021 12:58:00 GMT
x-goog-generation: 1615294680212970
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1290
x-goog-meta-goog-reserved-file-mtime: 1614945425
content-language: en
x-goog-hash: crc32c=UoRtCQ==, md5=3Wwo7SVOo9a6wHpjc59h4w==
x-goog-storage-class: STANDARD
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSMS5TWM0UzATdFv3J6uGj%2FX0D%2FCgG0tTvl6yPtImsFm6PQSwAXrf6RAnKjMXvz584N5%2B9M0JoBPyepzepE5SfPdKz3941wQ7wmhx%2B5jzF5LK2tLPfSMxx22QDOWhsxy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753f68fbfc50b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=2b300842-74be-4e72-8ed5-3bab9449a996&tld=com
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=2b300842-74be-4e72-8ed5-3bab9449a996&tld=com
IP 35.190.43.134:0
GET /collector/is_enabled?pids=2b300842-74be-4e72-8ed5-3bab9449a996&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:13:09 GMT
access-control-allow-origin: https://www.etoro.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2