anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
138.201.48.112301 Moved Permanently 162 B URL HTTP/1.1 anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /qrE7/amongusv2202changename.bat?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Sep 2022 18:38:56 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 18:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LmzBe8ku4Zpb9S4noZlH-qCy__rd0Oz8NI7hCN1Km9CB89CC9Vvenw==
Age: 1406
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5637
Expires: Tue, 27 Sep 2022 20:12:54 GMT
Date: Tue, 27 Sep 2022 18:38:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bIJDrm6xo84LiENC83_8hoWB4aqAJiSf-I7FroiylVm927ECZILayw==
age: 33284
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db517f5670cbf60f6c8300126977bf8c
532461aadb1e4d1bff81f685768d76f77ccf1f70
7ce278844f4b49970498f2e8ccb133f03fdaeabe3abecabec38eeb7ec7a66a92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5604
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:57 GMT
Last-Modified: Tue, 27 Sep 2022 17:05:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db517f5670cbf60f6c8300126977bf8c
532461aadb1e4d1bff81f685768d76f77ccf1f70
7ce278844f4b49970498f2e8ccb133f03fdaeabe3abecabec38eeb7ec7a66a92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5604
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:57 GMT
Last-Modified: Tue, 27 Sep 2022 17:05:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db517f5670cbf60f6c8300126977bf8c
532461aadb1e4d1bff81f685768d76f77ccf1f70
7ce278844f4b49970498f2e8ccb133f03fdaeabe3abecabec38eeb7ec7a66a92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:57 GMT
Last-Modified: Tue, 27 Sep 2022 17:17:22 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db517f5670cbf60f6c8300126977bf8c
532461aadb1e4d1bff81f685768d76f77ccf1f70
7ce278844f4b49970498f2e8ccb133f03fdaeabe3abecabec38eeb7ec7a66a92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5604
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:57 GMT
Last-Modified: Tue, 27 Sep 2022 17:05:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db517f5670cbf60f6c8300126977bf8c
532461aadb1e4d1bff81f685768d76f77ccf1f70
7ce278844f4b49970498f2e8ccb133f03fdaeabe3abecabec38eeb7ec7a66a92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:57 GMT
Last-Modified: Tue, 27 Sep 2022 16:55:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
104.17.24.14200 OK 15 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (58940)
Hash 28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4746883
expires: Sun, 17 Sep 2023 18:38:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8wxX5MvCHDcv1c5x5p7IDklC%2Fcdm%2F2IwlF1g9eoySxEVq7BKiGKNMyj9jQOS4wjfHXh3%2BKybBTyXjdbnA6%2BQzl4PKIuRkKe8vZV5hqI4I2Bfna%2B8lVZlNFRpRH0wEqOFUD0a6Cq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75165bf99be90b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
104.17.24.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65370)
Hash d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5347825
expires: Sun, 17 Sep 2023 18:38:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2vR98r%2BaCfYWbBipncPvpCvQiIEr7jtxfLJ%2Fouh%2B%2F%2BBRvMP6DjwCcXUU8dHtOGPrgNZG1UChzxFuk%2F1DB9hr98Ne0BHQ2or%2FNhfeJ7G4i%2BRXibGEyZ%2B5UvVxMIBhwDsn3HJC4Bv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75165bf99be60b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
104.17.24.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (10584)
Hash e34a4db0b42ca907e0b7a56cd4b145ec
2dc36a7dcdfc42d122b23ef91483d27865c4285f
4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 692885
expires: Sun, 17 Sep 2023 18:38:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmR5%2FgVfJnwjEoLozlxXRBg81YhRajJ0ZZDMguGT2ul%2BxcGnKA9tzIbJW9ZOW5VLUAKWoFn6gK%2B9flUHYIZP%2F0CH4eHC%2BSzKGcKsDc9vi9fnnRWFsQJuAdJP%2FGyMslJEGNDDcOL%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75165bf99bee0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5349158
expires: Sun, 17 Sep 2023 18:38:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GCkTBUr6jDX4ttcXUJcGWwgsUsG6v9Laoj9iecS37IsHHfdhUtM%2BTDg7phhWRIAkMJGGroRzJAvBHXoX3QOqw6lOeMzRus7kJ1rMQUi7LKxeCJ%2FppnzqMTJtmtqyYt7fSr975NO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75165bf99bec0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
104.17.24.14200 OK 6.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (18706)
Hash 3773d4bd82b03cdfd02c9fd691f80d78
c4d89a2de179c90944835571b45877048f3c1424
5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d
GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7346746
expires: Sun, 17 Sep 2023 18:38:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlmuPQuiqlNQOeSpRzOIgPefYvH7zqlgoeOouvtQRyjn1nar%2FKeh8T8Qo%2B4LFYAmM1sVmEHHUsZUuX5ekdf77zThmSv1ISsHRiVag24sDX608RcxuXuE731dZNnfzg4QeDYghk%2FI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75165bf99bfc0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.85.229200 OK 19 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (44107)
Hash 9e240a77f41a5e64270b9a70bc6fcdc2
c3ba2a8b76dce82a277975be84d16e31841f2735
ea61181bbe0a43b420bf412b69089d8d7f8a3291065e363bd74bb4d8064a868d
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.4.34
x-jsd-version-type: version
etag: W/"110e4-pdwMPOTWAMiF52GtK0COlg85mRU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:38:57 GMT
age: 33748
x-served-by: cache-fra19174-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19184
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db517f5670cbf60f6c8300126977bf8c
532461aadb1e4d1bff81f685768d76f77ccf1f70
7ce278844f4b49970498f2e8ccb133f03fdaeabe3abecabec38eeb7ec7a66a92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5604
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:57 GMT
Last-Modified: Tue, 27 Sep 2022 17:05:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
anonymfile.com/js/site.js
138.201.48.112200 OK 2.0 kB URL HTTP/2 anonymfile.com/js/site.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5640)
Hash a779d1605363c034784168e0553fee12
203adaeac5eec419f7bdf4ba6840c9378c9692e5
0ac5db7b1ae244540526d4c971799e4c8ba3f5921dda88b94d10d2cb6a730bc6
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IjBIcUtFU2lKT3U4eWtESWpjTUlQUHc9PSIsInZhbHVlIjoiYjE0TTRGR1BrRnZxb1h6NDZHOUNETE1DNnVIc0lIM3ptL0RhLzFuL2Jham9FRW5HdlRRRjdGZlFjbWpYT2VLZ2JFcmtSU2JSTjQ0UXE5WUltMnViWWF6djJXbmVtVkRKZjlzK1ZjUkxRQkdVaHNCa0RzVEt2czdlQXJKRGpmWEQiLCJtYWMiOiIxOGMwNTE2NDBiODI1MjEzMGVmOWEzZmVkMjljYmViODRhZTNkMTFkMWU5NDVhYTlkZGE4MjAzMjM3OTVmM2MxIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1id2lvaVRLK1BWeEFhV0xSQ0RpaHc9PSIsInZhbHVlIjoiWE03ZkFWUW82SUF0Z0ZPaTZUanNEOWhDZUhVMXVGdmVpaWNnTjVzeEtzQWxnQ0lDUFNIZkQ4RVpNSmdFMURSdXh2THg1R0J1RG5rVEx2OHJNUVo2dVBSVE4reHgva0xwV3lNUGsvVGJ5S1hucUhZWnpKclhYZ3VqdUY2SEdyYkIiLCJtYWMiOiJlNTlhOWVmM2RkMDA3MTY3Zjk0NWIyNzg2MGEzZDg4NzdhNDcxNzBkZmQ2ODgzZDUxZDMxMWNkNWE3YjdjZjFlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-original-content-length: 9351
vary: Accept-Encoding
content-encoding: gzip
content-length: 1993
etag: W/"PSA-aj-ZD_qAZjk-5"
date: Tue, 27 Sep 2022 18:38:57 GMT
expires: Tue, 27 Sep 2022 18:43:16 GMT
cache-control: max-age=258
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash a1f25e5cb13bb8f84edc6b71cb02f393
025c90eae95f549c80097adab84e1f8e675f31f6
eb7aff72066168cb62bbb5a90a5b93c8445aa38fda36763589ad4f96a7bcd0f2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 18:38:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "456E6E4E1C80B1FDAF788BE256634D4CFD33B6A3"
Expires: Wed, 28 Sep 2022 05:00:00 GMT
Last-Modified: Tue, 27 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2381
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75165bfa2b870b69-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 18:10:46 GMT
Expires: Tue, 27 Sep 2022 19:04:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H_zxmbDuN7KUhDtxWCG3u81c2cBqEp5ZrKSEDjD8r5p7q0uet_leWQ==
Age: 1691
anonymfile.com/img/main/footer.webp
138.201.48.112200 OK 178 kB URL HTTP/2 anonymfile.com/img/main/footer.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178070 bytes)
Hash 79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IjBIcUtFU2lKT3U4eWtESWpjTUlQUHc9PSIsInZhbHVlIjoiYjE0TTRGR1BrRnZxb1h6NDZHOUNETE1DNnVIc0lIM3ptL0RhLzFuL2Jham9FRW5HdlRRRjdGZlFjbWpYT2VLZ2JFcmtSU2JSTjQ0UXE5WUltMnViWWF6djJXbmVtVkRKZjlzK1ZjUkxRQkdVaHNCa0RzVEt2czdlQXJKRGpmWEQiLCJtYWMiOiIxOGMwNTE2NDBiODI1MjEzMGVmOWEzZmVkMjljYmViODRhZTNkMTFkMWU5NDVhYTlkZGE4MjAzMjM3OTVmM2MxIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1id2lvaVRLK1BWeEFhV0xSQ0RpaHc9PSIsInZhbHVlIjoiWE03ZkFWUW82SUF0Z0ZPaTZUanNEOWhDZUhVMXVGdmVpaWNnTjVzeEtzQWxnQ0lDUFNIZkQ4RVpNSmdFMURSdXh2THg1R0J1RG5rVEx2OHJNUVo2dVBSVE4reHgva0xwV3lNUGsvVGJ5S1hucUhZWnpKclhYZ3VqdUY2SEdyYkIiLCJtYWMiOiJlNTlhOWVmM2RkMDA3MTY3Zjk0NWIyNzg2MGEzZDg4NzdhNDcxNzBkZmQ2ODgzZDUxZDMxMWNkNWE3YjdjZjFlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:38:16 GMT
expires: Tue, 27 Sep 2022 18:43:16 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1081
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:57 GMT
Last-Modified: Tue, 27 Sep 2022 18:20:56 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
anonymfile.com/img/logo-anon-warning.png
138.201.48.112200 OK 22 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.png
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Hash 4332367bd6f2c12da86e4ab20157daef
027b329b8b50972ee035b4e4f3cb9a3c080aba31
a7a91652e8153a80b1270b5fdb1d1e1e880ad9580e298040df1ed1b024699eb4
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IjBIcUtFU2lKT3U4eWtESWpjTUlQUHc9PSIsInZhbHVlIjoiYjE0TTRGR1BrRnZxb1h6NDZHOUNETE1DNnVIc0lIM3ptL0RhLzFuL2Jham9FRW5HdlRRRjdGZlFjbWpYT2VLZ2JFcmtSU2JSTjQ0UXE5WUltMnViWWF6djJXbmVtVkRKZjlzK1ZjUkxRQkdVaHNCa0RzVEt2czdlQXJKRGpmWEQiLCJtYWMiOiIxOGMwNTE2NDBiODI1MjEzMGVmOWEzZmVkMjljYmViODRhZTNkMTFkMWU5NDVhYTlkZGE4MjAzMjM3OTVmM2MxIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1id2lvaVRLK1BWeEFhV0xSQ0RpaHc9PSIsInZhbHVlIjoiWE03ZkFWUW82SUF0Z0ZPaTZUanNEOWhDZUhVMXVGdmVpaWNnTjVzeEtzQWxnQ0lDUFNIZkQ4RVpNSmdFMURSdXh2THg1R0J1RG5rVEx2OHJNUVo2dVBSVE4reHgva0xwV3lNUGsvVGJ5S1hucUhZWnpKclhYZ3VqdUY2SEdyYkIiLCJtYWMiOiJlNTlhOWVmM2RkMDA3MTY3Zjk0NWIyNzg2MGEzZDg4NzdhNDcxNzBkZmQ2ODgzZDUxZDMxMWNkNWE3YjdjZjFlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 21479
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-original-content-length: 40729
etag: W/"PSA-aj-QzI2e9bywS"
date: Tue, 27 Sep 2022 18:38:57 GMT
expires: Tue, 27 Sep 2022 18:42:39 GMT
cache-control: max-age=221
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 348b8e9ff9789e9d04b35565f1f4a16e
a389fe1e390d2177191f58967c5291e9fcf8fea9
42393bbebc5bda5422c410adb413ddebf976d70fea8ca3ae50bd8dfddee645df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42393BBEBC5BDA5422C410ADB413DDEBF976D70FEA8CA3AE50BD8DFDDEE645DF"
Last-Modified: Sun, 25 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4593
Expires: Tue, 27 Sep 2022 19:55:31 GMT
Date: Tue, 27 Sep 2022 18:38:58 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.246.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.246.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p+w0auGo1NZ0OICQhWNDsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8BlmSauFbyoqE3CjFcMszl9dU/4=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b02c0c94200033af34cda15ebbbb1d52
52e6a79df678c5d1a8288fb63fd6ac86107b30b9
52b73249d787244356d8fadc4ee2c73acfaa25ec2586b3cd5f00dba23148f94b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52B73249D787244356D8FADC4EE2C73ACFAA25EC2586B3CD5F00DBA23148F94B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18294
Expires: Tue, 27 Sep 2022 23:43:52 GMT
Date: Tue, 27 Sep 2022 18:38:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 443e5e20577c62eca8d2f78b07b9ebf0
b01aea00b91987ada595a45daaf1ac0d0e665b6a
eab28ed0dcb51bf3ee024b4ccaa3cf1f2770e0fa191e45fc8465a4f3e9e4de09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAB28ED0DCB51BF3EE024B4CCAA3CF1F2770E0FA191E45FC8465A4F3E9E4DE09"
Last-Modified: Sun, 25 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6250
Expires: Tue, 27 Sep 2022 20:23:08 GMT
Date: Tue, 27 Sep 2022 18:38:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 27e98fe1cd3e7042342c4107565b2176
d643a703ff771e88cedf6626d4d6537c3951d8bd
fb817eeb13578a3daa360dc6769fbac02ae3dc903449efee995f7570ab76465b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB817EEB13578A3DAA360DC6769FBAC02AE3DC903449EFEE995F7570AB76465B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3664
Expires: Tue, 27 Sep 2022 19:40:02 GMT
Date: Tue, 27 Sep 2022 18:38:58 GMT
Connection: keep-alive
pseepsie.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
139.45.197.250200 OK 664 B URL HTTP/2 pseepsie.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: f7e1b882f7e557c29171bd20905bacfe
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tovanillitechan.com/1?z=5307589
139.45.197.239200 OK 4.0 kB URL HTTP/2 tovanillitechan.com/1?z=5307589
IP 139.45.197.239:0
Hash 4a8196ff131568321d28d8f91e1c3100
0ba8da13fcaac5cc681ba657e7f6ab222dc57ee3
dfc8b86740060ca2af6c10c2331d770e0fbd9fb818e12857d3fdfe44c0a1039d
GET /1?z=5307589 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 90cfa69836e253b27ab179c3864d2eee
access-control-expose-headers: X-Sc
x-sc: Q7erS8XHQ7Kr8aSzu1tpbKLVGbBsDqUDpbVqyJTDP6DCk_1mi3-c825M3cTj9pNmafCvHV89V8--XTvj_ONCdPTSC1k=
set-cookie: scm=1; expires=Wed, 27 Sep 2023 18:38:58 GMT; secure; SameSite=None
OAID=89c83c727ea5460fa8aa7dfbfb9e6017; expires=Wed, 27 Sep 2023 18:38:58 GMT; secure; SameSite=None
oaidts=1664303938; expires=Wed, 27 Sep 2023 18:38:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
tovanillitechan.com/42/38?z=5307589
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/42/38?z=5307589
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=5307589 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=89c83c727ea5460fa8aa7dfbfb9e6017; oaidts=1664303938
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 6f2cfc4b0bb3b4682ffa1d19a7f7082d
access-control-expose-headers: X-Sc
set-cookie: OAID=89c83c727ea5460fa8aa7dfbfb9e6017; expires=Wed, 27 Sep 2023 18:38:58 GMT; secure; SameSite=None
oaidts=1664303938; expires=Wed, 27 Sep 2023 18:38:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonymfile.com
Content-Length: 1553
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 27 Sep 2022 18:38:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 18:38:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=473779,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75165bfe5d26b4f4-OSL
my.rtmark.net/gid.js?userId=d75739741e554c08b0ca0d6aaf0a604f
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=d75739741e554c08b0ca0d6aaf0a604f
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 17c7455f8228958d276b67268994d70e
cdf4eb5f3b63bb68231408cfc1f1fa98fe269dd1
578f285846e367bd48da7bb647f18d4bf6d93f65a2d3a4c3abc3040900aeeef6
GET /gid.js?userId=d75739741e554c08b0ca0d6aaf0a604f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d75739741e554c08b0ca0d6aaf0a604f; expires=Wed, 27 Sep 2023 18:38:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b
139.45.197.239200 OK 132 kB URL HTTP/2 tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b
IP 139.45.197.239:0
Size 132 kB (131748 bytes)
Hash b3a00440607ddc4692cb42402aebfc97
9c12fa443396ac48449874759acd7555cc27d87f
9106ad7ae72f8606f9cb69dce2768c365855843726569d70b90bb0dbcbd6cdc7
GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=89c83c727ea5460fa8aa7dfbfb9e6017; oaidts=1664303938
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d75739741e554c08b0ca0d6aaf0a604f
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d75739741e554c08b0ca0d6aaf0a604f
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d75739741e554c08b0ca0d6aaf0a604f HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 415
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3156d5ec750ae35feb828fcc05194757
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 799
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 269785d09bb4246e6b4246c74f0b2c54
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=O-Lce1IRFPblS1_qgc7a4zTJ_WGDtUQ1nQkxeMbMM_C5TP8v--xO1zDr_Zv4vr4TqiILFh_7TY2xOMcNK5gCX24mYhG9ap8sFFjop9KlpuafTYkkiBlHEmVreYDHgNl94sJv4Qe-yrWJaY00DeTmCg5UzM7jVF7Itpz4p8pNQ8TLwiGOX1opS4DPRJNjPhg7WqLl1M7_HXOZgrf8SqryFhuYZcY%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=0972e9b0-c22d-4c93-9e18-6601f5dd5b1b&userId=d75739741e554c08b0ca0d6aaf0a604f&m=link
139.45.197.243200 OK 4.9 kB URL HTTP/2 onmarshtompor.com/?rb=O-Lce1IRFPblS1_qgc7a4zTJ_WGDtUQ1nQkxeMbMM_C5TP8v--xO1zDr_Zv4vr4TqiILFh_7TY2xOMcNK5gCX24mYhG9ap8sFFjop9KlpuafTYkkiBlHEmVreYDHgNl94sJv4Qe-yrWJaY00DeTmCg5UzM7jVF7Itpz4p8pNQ8TLwiGOX1opS4DPRJNjPhg7WqLl1M7_HXOZgrf8SqryFhuYZcY%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=0972e9b0-c22d-4c93-9e18-6601f5dd5b1b&userId=d75739741e554c08b0ca0d6aaf0a604f&m=link
IP 139.45.197.243:0
File type JSON data\012- , ASCII text, with very long lines (9998), with no line terminators
Hash 88b47f189f3fb04f9caf73800fb7c11b
85922e869dd4a2ae4229f7f5cb6b469dba2d61a7
49e113ff0f77cec2bd1816089187012e4954433725c09454225a40ff86812507
GET /?rb=O-Lce1IRFPblS1_qgc7a4zTJ_WGDtUQ1nQkxeMbMM_C5TP8v--xO1zDr_Zv4vr4TqiILFh_7TY2xOMcNK5gCX24mYhG9ap8sFFjop9KlpuafTYkkiBlHEmVreYDHgNl94sJv4Qe-yrWJaY00DeTmCg5UzM7jVF7Itpz4p8pNQ8TLwiGOX1opS4DPRJNjPhg7WqLl1M7_HXOZgrf8SqryFhuYZcY%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=0972e9b0-c22d-4c93-9e18-6601f5dd5b1b&userId=d75739741e554c08b0ca0d6aaf0a604f&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/json
x-trace-id: ca884f017df74c8ee69d553de912980e
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d75739741e554c08b0ca0d6aaf0a604f; expires=Wed, 27 Sep 2023 18:38:58 GMT; path=/; secure; SameSite=None
oaidts=1664303938; expires=Wed, 27 Sep 2023 18:38:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 04 Oct 2022 18:38:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tovanillitechan.com/121?rnd=3737602821&z=5307589&b=14993070&c=6131524&var=&d=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3D%7Badformat%7D%26banner%3D14993070%26os%3D%7Bos%7D%26country%3D%7Bcountry%7D%26zoneid%3D5307589%26zone_type%3D%7Bzone_type%7D%26cost%3D%7Bcost%7D%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%7Bdevice%7D%26browser%3D%7Bbrowser%7D%26connection.type%3D%7Bconnection.type%7D%26browserversion%3D%7Bbrowserversion%7D%26carrier%3D%7Bcarrier%7D%26countryname%3D%7Bcountryname%7D%26osversion%3D%7Bosversion%7D%26region%3D%7Bregion%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D&cln={CELL_NUMBER}&btp=7&rb=eGkg3cPXa3bDe4WB06VOxRjlaS5bqyEsnVdbkeILQC-26JqXe8rgq4sQ3SiTt56jzjBNGjb5EeADmQUDtjOfH99fNiFjHVajWmr3mcOFWAFD9Bj98BdXGZogwSRBprhW3zg_UdnHJAO9f8Qtxl_1yU3RBgOc47n0U-YmDv58ZBGQ_srGRVz58dvakvRe5Y5Q-gdG67u62rfdEjb57ttouZ8TgCNsT6XrwF7EBnZlEj83DIe5-InAVpNEbW9BSzgUq4Zw76bqoTv8tOueLn66ctjWrCfcg-Kmkm34wCWfGjGNZABTpdy0tZjZTyyCPO3SGFqYmIDtUZ1aSmjnpzpne-ft6wTeYIrb6IURAUr4FxBe-eJIE_NBIxPFmwsbkGCAtZre5z-TMvnAAzIZ6D_VvoAsJ93PhEygyIl4MEA62JyoZUQ--hBr96c1aOSi0O-aXPm-zQSDSIfI82vAWbDviEczURvTXVTXmHYLBK05S-xCOs4EOuMbyyX7W0An3DRzOEWXROhS9QgPeGr-JaS5odRG_p4A0mGL8EXxv6E87DTUIPdHcOaRv-9yHzpGZ_rher6xh6k8D6gMCcklKU6CSY9v7m5PgQu5Xw9aCwmU2Ym5RUKJ6auXZBlsxik04eF555YGNckrnxbr4ZegLBK3ymftQTVQOAkSn5DtzK4Gtl9UEfSv8X3Tm_aTR5aLDlHE_5BLEpcg3PU=&bag=2VAWl1jjUaLMzcNtH1rdvtrwCH5Rwwvg&ruid=6661859f-5202-4c26-9505-9fed4bf97dac&subid=598696717669380096
139.45.197.239302 Found 0 B URL HTTP/2 tovanillitechan.com/121?rnd=3737602821&z=5307589&b=14993070&c=6131524&var=&d=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3D%7Badformat%7D%26banner%3D14993070%26os%3D%7Bos%7D%26country%3D%7Bcountry%7D%26zoneid%3D5307589%26zone_type%3D%7Bzone_type%7D%26cost%3D%7Bcost%7D%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%7Bdevice%7D%26browser%3D%7Bbrowser%7D%26connection.type%3D%7Bconnection.type%7D%26browserversion%3D%7Bbrowserversion%7D%26carrier%3D%7Bcarrier%7D%26countryname%3D%7Bcountryname%7D%26osversion%3D%7Bosversion%7D%26region%3D%7Bregion%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D&cln={CELL_NUMBER}&btp=7&rb=eGkg3cPXa3bDe4WB06VOxRjlaS5bqyEsnVdbkeILQC-26JqXe8rgq4sQ3SiTt56jzjBNGjb5EeADmQUDtjOfH99fNiFjHVajWmr3mcOFWAFD9Bj98BdXGZogwSRBprhW3zg_UdnHJAO9f8Qtxl_1yU3RBgOc47n0U-YmDv58ZBGQ_srGRVz58dvakvRe5Y5Q-gdG67u62rfdEjb57ttouZ8TgCNsT6XrwF7EBnZlEj83DIe5-InAVpNEbW9BSzgUq4Zw76bqoTv8tOueLn66ctjWrCfcg-Kmkm34wCWfGjGNZABTpdy0tZjZTyyCPO3SGFqYmIDtUZ1aSmjnpzpne-ft6wTeYIrb6IURAUr4FxBe-eJIE_NBIxPFmwsbkGCAtZre5z-TMvnAAzIZ6D_VvoAsJ93PhEygyIl4MEA62JyoZUQ--hBr96c1aOSi0O-aXPm-zQSDSIfI82vAWbDviEczURvTXVTXmHYLBK05S-xCOs4EOuMbyyX7W0An3DRzOEWXROhS9QgPeGr-JaS5odRG_p4A0mGL8EXxv6E87DTUIPdHcOaRv-9yHzpGZ_rher6xh6k8D6gMCcklKU6CSY9v7m5PgQu5Xw9aCwmU2Ym5RUKJ6auXZBlsxik04eF555YGNckrnxbr4ZegLBK3ymftQTVQOAkSn5DtzK4Gtl9UEfSv8X3Tm_aTR5aLDlHE_5BLEpcg3PU=&bag=2VAWl1jjUaLMzcNtH1rdvtrwCH5Rwwvg&ruid=6661859f-5202-4c26-9505-9fed4bf97dac&subid=598696717669380096
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=3737602821&z=5307589&b=14993070&c=6131524&var=&d=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3D%7Badformat%7D%26banner%3D14993070%26os%3D%7Bos%7D%26country%3D%7Bcountry%7D%26zoneid%3D5307589%26zone_type%3D%7Bzone_type%7D%26cost%3D%7Bcost%7D%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%7Bdevice%7D%26browser%3D%7Bbrowser%7D%26connection.type%3D%7Bconnection.type%7D%26browserversion%3D%7Bbrowserversion%7D%26carrier%3D%7Bcarrier%7D%26countryname%3D%7Bcountryname%7D%26osversion%3D%7Bosversion%7D%26region%3D%7Bregion%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D&cln={CELL_NUMBER}&btp=7&rb=eGkg3cPXa3bDe4WB06VOxRjlaS5bqyEsnVdbkeILQC-26JqXe8rgq4sQ3SiTt56jzjBNGjb5EeADmQUDtjOfH99fNiFjHVajWmr3mcOFWAFD9Bj98BdXGZogwSRBprhW3zg_UdnHJAO9f8Qtxl_1yU3RBgOc47n0U-YmDv58ZBGQ_srGRVz58dvakvRe5Y5Q-gdG67u62rfdEjb57ttouZ8TgCNsT6XrwF7EBnZlEj83DIe5-InAVpNEbW9BSzgUq4Zw76bqoTv8tOueLn66ctjWrCfcg-Kmkm34wCWfGjGNZABTpdy0tZjZTyyCPO3SGFqYmIDtUZ1aSmjnpzpne-ft6wTeYIrb6IURAUr4FxBe-eJIE_NBIxPFmwsbkGCAtZre5z-TMvnAAzIZ6D_VvoAsJ93PhEygyIl4MEA62JyoZUQ--hBr96c1aOSi0O-aXPm-zQSDSIfI82vAWbDviEczURvTXVTXmHYLBK05S-xCOs4EOuMbyyX7W0An3DRzOEWXROhS9QgPeGr-JaS5odRG_p4A0mGL8EXxv6E87DTUIPdHcOaRv-9yHzpGZ_rher6xh6k8D6gMCcklKU6CSY9v7m5PgQu5Xw9aCwmU2Ym5RUKJ6auXZBlsxik04eF555YGNckrnxbr4ZegLBK3ymftQTVQOAkSn5DtzK4Gtl9UEfSv8X3Tm_aTR5aLDlHE_5BLEpcg3PU=&bag=2VAWl1jjUaLMzcNtH1rdvtrwCH5Rwwvg&ruid=6661859f-5202-4c26-9505-9fed4bf97dac&subid=598696717669380096 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=d75739741e554c08b0ca0d6aaf0a604f; oaidts=1664303938
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-length: 0
location: https://www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598696717669380096&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language}
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8c6b54b28544cb7c3581c649c7656425
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42e7670c6fcf7981c5906cf7df21b755
0211960d9f8321ebe0d4003664ef7f3cc749ee81
c6fc6e7b958fdeedc023d6598098ab514df823876bb65b75ac9440c68c83a2d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C6FC6E7B958FDEEDC023D6598098AB514DF823876BB65B75AC9440C68C83A2D9"
Last-Modified: Mon, 26 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17239
Expires: Tue, 27 Sep 2022 23:26:17 GMT
Date: Tue, 27 Sep 2022 18:38:58 GMT
Connection: keep-alive
dozubatan.com/500/5307588?excludes=&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 dozubatan.com/500/5307588?excludes=&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5307588?excludes=&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42e7670c6fcf7981c5906cf7df21b755
0211960d9f8321ebe0d4003664ef7f3cc749ee81
c6fc6e7b958fdeedc023d6598098ab514df823876bb65b75ac9440c68c83a2d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C6FC6E7B958FDEEDC023D6598098AB514DF823876BB65B75AC9440C68C83A2D9"
Last-Modified: Mon, 26 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17239
Expires: Tue, 27 Sep 2022 23:26:17 GMT
Date: Tue, 27 Sep 2022 18:38:58 GMT
Connection: keep-alive
offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png
172.67.22.216200 OK 76 kB URL HTTP/2 offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a563edd673308b2cd8cc1ec9c0543417
bff09cb9d8c3dadb244db8d24b6f58b8dfab6469
bbd22caad95af25c9ccf019fe7499c74743b7ef4eaceeffe0781c3f64f054b0c
GET /www/images/a563edd673308b2cd8cc1ec9c0543417.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:59 GMT
content-type: image/png
content-length: 76281
last-modified: Tue, 07 Jun 2022 21:58:32 GMT
etag: "629fca08-129f9"
expires: Wed, 28 Sep 2022 00:05:28 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 66811
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165c032d870b39-OSL
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 27 Sep 2022 05:35:19 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W0h5xntLP8irgskW7LidztasCFnDu39Osl8m0cgH2s8IMUBhCNQmTA==
age: 47021
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
54.230.111.32200 OK 11 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
IP 54.230.111.32:0
File type ASCII text, with very long lines (3066)
Hash ec810cf189244421fbba88a8fb7661b4
71ddd06a5ea0b748663403dbb2ef53e553b0297c
bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0
GET /external-embedding/embed-widget-ticker-tape.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 10745
date: Tue, 27 Sep 2022 10:11:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:06 GMT
etag: "ec810cf189244421fbba88a8fb7661b4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FlAgv4rvQ2YF6_VgS2XWKqOqNqsf4dDjbCznlHljSiBPegmSa1mgzw==
age: 30460
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.2 kB IP 142.250.74.3:0
Hash 3ff2f5cc0ff2234464aa86dab612a4a1
7d7a919eea4d1d1e2828a260cca6a58ecd5e14c1
7daba76e80a56477944c4db189f5dd4cb77b10e158300f405f0e9050f76978c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 76 kB IP 142.250.74.3:0
Hash e951befb18528b09221399e8641a9421
8cee0c7b4ac80d96498e2220c78833f044d27119
45c35107894abe66beb161f9f0d8dc68372ed43a7f70aa1f6cfcbf265e9e4af6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flagicons.lipis.dev/flags/4x3/it.svg
185.199.108.153200 OK 208 B URL HTTP/2 flagicons.lipis.dev/flags/4x3/it.svg
IP 185.199.108.153:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c08a2da07f2c5a52da29268db93d165b
f87a1da0d5fe1524463fb90a7dafd2588bb75043
d012f6255909efae4049381abf5aea7890f8c5f3f9d12cc4a8bb41ce67309997
GET /flags/4x3/it.svg HTTP/1.1
Host: flagicons.lipis.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-121"
expires: Tue, 27 Sep 2022 03:37:51 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: A78A:111B:6A732E:6DCA27:63326E03
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:38:59 GMT
via: 1.1 varnish
age: 368
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1664303939.410018,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: f00db9b9d01987075ef00f30e2fd1de4fb7fc9ab
content-length: 208
X-Firefox-Spdy: h2
flagicons.lipis.dev/flags/4x3/gb.svg
185.199.108.153200 OK 331 B URL HTTP/2 flagicons.lipis.dev/flags/4x3/gb.svg
IP 185.199.108.153:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e6143f617b44e68d423bed136fce8949
c7154e49ce9d9e64f4c1daab47373e0c5f92b7ad
b17b64bb7a109117a3492996551dbbab45fd8f44521b00295a6ca7717871d4ad
GET /flags/4x3/gb.svg HTTP/1.1
Host: flagicons.lipis.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-217"
expires: Sun, 25 Sep 2022 01:52:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3A74:1967:138144E:1BE579D:632FB20D
accept-ranges: bytes
date: Tue, 27 Sep 2022 18:38:59 GMT
via: 1.1 varnish
age: 531
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1664303939.410014,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: e9fcc894fdb22e8eb8d4b2f79ab65e97eaca8039
content-length: 331
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-1CZCP7MM89
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-1CZCP7MM89
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash 2b3203b9b969ea8b46b5950e74e280a3
26d5e2e43327259e53356473b44af7faffb1a314
30cfb3b88a3428aacd4d469032fcfdb6fe19c034da0ff09cfd6e9ceb8aad815e
GET /gtag/js?id=G-1CZCP7MM89 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 18:38:59 GMT
expires: Tue, 27 Sep 2022 18:38:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 1.5 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a745e5bf72f76ea348d8e0ad835a70ba
54dd4e5252b3dfd4a721f3f5ff524d432b2043b8
bcf8130ff658c6dca1f8838faeb3bfe3555bb780533a58ffc71bd85879a6f204
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12656
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 18:38:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 2.2 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7bb79db91fa8035557d84eb90817877a
3e70ccaf0f141717832c9965bfa2957298973b8f
835b84dc76b09160a195cf508ed4b30a770f9f8eb584601ee53e15edc5fdc22c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12656
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 18:38:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12656
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 18:38:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12656
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 18:38:59 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Jost%3A600%2C400%2C700&display=swap&ver=6.0.2
142.250.74.10200 OK 917 B URL HTTP/2 fonts.googleapis.com/css?family=Jost%3A600%2C400%2C700&display=swap&ver=6.0.2
IP 142.250.74.10:0
Hash 33f06759460700bdaee9b5116856477d
16733f64603a81e9573ff72a146f388858c98fe7
e422df69662b44100e80ef1e1369399443833804e89e7d0bb34faada77c9f554
GET /css?family=Jost%3A600%2C400%2C700&display=swap&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 18:38:59 GMT
date: Tue, 27 Sep 2022 18:38:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
Hash 2beecae6a9da9ad9665f4dd39904f32e
d28a14c06e0a0d2d25c53067f386f409f188fb21
fcc67978cefbb76342bda5e62c747071fb6f9d6bd2ece5f643dde2820990557d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 63184
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
Hash 860a17050cd324706bb265201e9d7b32
8790fe411d971844b3095de0c3271c17f13021f6
d0405524f3ac457a23f28a8c1ba526284dcb0b21ca09b8fb9744d910aab29536
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 75372
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 74819
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 74981
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
Hash 71af5ae9c6098dd17ca82cd4f3b5ea25
a1f420400e3a348c69e846092cb8b46c1c7131dd
5ea3fe6b8175703bcc3131bd8643902f43ebb1ad7f09ae5959ebae51a4268194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 61987
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP 34.120.237.76:0
Hash 62b711845a527b8d8fd8bfa3e3fe4944
99648b2696ddfdd10de5bbd60657fa3def116bfd
8a3a89dc40841f7ed0a82083e06e1390464546990e08676674f72b8526b9ab7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 74981
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 0 B URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OjgzuemsWUM9ldpN4Xw5JkbjerCuFdOVDhsKkAtxhgFw_7WFw6hj6A==
age: 30461
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 0 B URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hhWgzUu6C_IlWbbBAzcOHftfHUTNyqgDxGgmzrSRbBxcdyLZscP3LQ==
age: 30461
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 0 B URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pOUYGtj5WU92OmxMDWIp-x9_HxrKt3AoOsQ0ZJrqy0_SrAwrolSWrA==
age: 30461
X-Firefox-Spdy: h2
engingrepare.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664303937300
3.123.187.149400 Bad Request 152 B URL HTTP/2 engingrepare.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664303937300
IP 3.123.187.149:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
GET /d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664303937300 HTTP/1.1
Host: engingrepare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Tue, 27 Sep 2022 18:38:59 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 8.9 kB URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6390)
Hash a2d6973f01eb33b84cf4f479cd77ac05
0ee8d5fbfd20776acdd25cf5c757e29598f43bf4
aa968bb1df986c39f3949bb614c02928ee1d713f1e2ed89d28c4e0f9991945bd
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 18:37:18 GMT
expires: Tue, 27 Sep 2022 18:39:18 GMT
cache-control: max-age=120
content-security-policy: object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-wcJcfazxvs9BFnI6fjH/ZA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OP-KDb693za8khhDclfbGwi0D4aid3ZRf3eiTB1rwXHcopKk-JMihg==
age: 101
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 191 kB URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
Size 191 kB (191213 bytes)
Hash b127f73dc8d061037883b5b6de12f3d1
41518414d414aede9ce2021bff7dea5460d1f6c0
d7a5cb69588b0c4fccb2dc4e840502c20ebb63dc7e2c2501a9e274146489beb3
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 18:37:18 GMT
expires: Tue, 27 Sep 2022 18:39:18 GMT
cache-control: max-age=120
content-security-policy: object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-wcJcfazxvs9BFnI6fjH/ZA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iiz92-ZJ1jDwKXpdlL-6k-ACghtsJDcDQvbqrVdBSoVYyMke_tuwgw==
age: 101
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 7.5 kB URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
Hash 9ca1f32f1cab73c7d253b2492dbbc6e3
af5dca4fa6a217ed8c67ddfd70ff9e7c0b40f945
4717972dda7c15ba9ceb4a2a67f48fdb07707cafb7ee9946fdae67dfc72aaf5f
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 18:37:18 GMT
expires: Tue, 27 Sep 2022 18:39:18 GMT
cache-control: max-age=120
content-security-policy: object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-wcJcfazxvs9BFnI6fjH/ZA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 08BYE0KrWUBYYQJzqoJ_Af0Gg7WYYM8-vn4UzGbwtpgzZxuydS_i-A==
age: 101
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css
54.230.111.106200 OK 275 B URL HTTP/2 static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (948), with no line terminators
Hash fed499f0b2313d63adf3417b0bae8e27
a8541f56b888a27d47cbd2f298bd0ba024831be9
ea584321e666a290e526cb885982143175d4324dc21947a9c53b58dc60b56f1e
GET /static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
etag: "62fdfac9-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OmRtiKlvb4suAHrm-TChOCYZahqv1mcNS0LtESihDZGxmnAHvnpvcg==
age: 3486052
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js
54.230.111.106200 OK 33 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js
IP 54.230.111.106:0
File type Unicode text, UTF-8 text, with very long lines (3072)
Hash 9c9774810a51f9f1b3a727876d3583f3
3901e2ff90220d4364bd0a65037f0bd219115069
ba0aa991398b2bcd70e58c5706503f3735dbee5750a63bfcfa2903271a0820c0
GET /static/bundles/embed/72369.9291747e1fab1074d523.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33014
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
etag: "630de0c5-80f6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WrhIT8IklKZeSkc7To1DISONUnzg5aSaEVLGuWpilUSaoVV4vxtrSQ==
age: 2447452
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js
54.230.111.106200 OK 16 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js
IP 54.230.111.106:0
Hash 175b584cd1256dbe0b57c7d149e6b4a0
93c843e0c7b0f376ccf0d33ec1945cd1c8a247f2
3765ff852c9c348d5f489bab914c7a5f2580e5f26e9d4fc762fdd0aff05dc5de
GET /static/bundles/embed/95170.8c229ea611144b3d939d.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8938
date: Sat, 30 Jul 2022 06:28:07 GMT
last-modified: Fri, 29 Jul 2022 13:14:57 GMT
etag: "62e3dd51-22ea"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XJva01FpbFEOe3sAEVJHMFby5bVFvzVptJz-leLSSrjhf1HadcmLAA==
age: 5141452
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/59349.06c5af95e99eb360e0d3.js
54.230.111.106200 OK 4.5 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/59349.06c5af95e99eb360e0d3.js
IP 54.230.111.106:0
File type ASCII text, with very long lines (3036)
Hash 222668586f47e46b73c5c28e18e2f785
9613ae8405a964b43dfa22e4bd8ffb835981970a
7cadd0fb593df958580a40f6e191e5b5b007a50a731ed48f384605748f01d53a
GET /static/bundles/embed/59349.06c5af95e99eb360e0d3.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4541
date: Wed, 07 Sep 2022 10:11:06 GMT
last-modified: Wed, 07 Sep 2022 08:33:52 GMT
etag: "63185770-11bd"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VQK-yppuufHMHVWnSoVP9nYI-3Hdj2XURIm0ZU05Yn0zm1fTGWEtiQ==
age: 1758473
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js
54.230.111.106200 OK 8.9 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js
IP 54.230.111.106:0
File type Unicode text, UTF-8 text, with very long lines (3071)
Hash 2bb2f6ec14e1b7033a1efb7bfd636f22
36218963433e51d8c95ecf68abdbf37fff1c7b24
71ea00c5c9d3ce9cbe2faede0ca2dfef8c741de04257d8a9b2ab1c14518621e6
GET /static/bundles/embed/6373.cbf79a416472d97ee266.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8861
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-229d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BcyC-MBmvmGboa0TjPNQZVHsH9cfGGJSKM1TDZGnatkWeAYGm9HibA==
age: 548332
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/47872.b614638f482af661b1f9.js
54.230.111.106200 OK 27 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/47872.b614638f482af661b1f9.js
IP 54.230.111.106:0
File type ASCII text, with very long lines (1630), with CRLF line terminators
Hash c0fa6b00e99343faf6c9c0345cb26a7e
42a5f943abddc35c44a4b27d9344343b990f39f3
02b68818877ab19d81aad1c00ce9fdfa920662d1cd70957226d2750a271bd8ef
GET /static/bundles/embed/47872.b614638f482af661b1f9.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18927
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-49ef"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8v6Nt3FshWIZTqnNt7XVhZv4Vehe0uUzjBf1umLeO9RBIMy3E_cthw==
age: 548333
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/73405.ec4e187e7b7b30688202.js
54.230.111.106200 OK 8.9 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/73405.ec4e187e7b7b30688202.js
IP 54.230.111.106:0
File type Unicode text, UTF-8 text, with very long lines (3071)
Hash 35e9a1aab50fc43bf798e14f714880f4
f92d18ce30cc0261c61cc1c1aabc5244c754d795
4dcbebe0670254b28e3ef288c44e20593057af380036f5a20bb94d62fbd1306d
GET /static/bundles/embed/73405.ec4e187e7b7b30688202.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8869
date: Tue, 27 Sep 2022 10:13:06 GMT
last-modified: Tue, 27 Sep 2022 08:34:04 GMT
etag: "6332b57c-22a5"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o7l3JV2OsGcGGRozOElEvnblgl1SQgDkAqy35Ihb6fgEFwSUT47c4Q==
age: 30353
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js
54.230.111.106200 OK 9.6 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js
IP 54.230.111.106:0
File type ASCII text, with very long lines (3071)
Hash 5d9570cd52c8c73b9e1a2e9865429c3e
eb47e79aebf1eb741a9018b31d22c7c10de0e7fd
4729a1722a0cc609a32e59ee76174287c4711b72cde258d0441014f43991b4ee
GET /static/bundles/embed/61165.669f518fb3ca12a08781.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9641
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:54 GMT
etag: "630de0c6-25a9"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rWeCuA7vlJ7AEs15H55ITCGt4UbNM7-hEqrtwbBCVNhCSziBtic2zQ==
age: 2447452
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/9594.68f7335652cbfdf7e67c.js
54.230.111.106200 OK 7.2 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/9594.68f7335652cbfdf7e67c.js
IP 54.230.111.106:0
File type ASCII text, with very long lines (5750)
Hash 6d25a025eb6edd164ef789ea89e7c814
d9df16238f5e4ef4619b5eeb2f391af629df9ce2
a6aeb8f1eec4623d7f42086e7f76a241b24a43d044c377a0663dff3b23ba2fc6
GET /static/bundles/embed/9594.68f7335652cbfdf7e67c.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7197
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-1c1d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M_ShJLUApx_mR6PJHO0ss-Zx65MAFsdeqg_93a-HtUX8vobUPJ5S2g==
age: 548313
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js
54.230.111.106200 OK 12 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js
IP 54.230.111.106:0
File type Unicode text, UTF-8 text, with very long lines (15650)
Hash 80b4d79fd5b0d5b2227c5e37244d6e1b
13cb4488a6aab85b9ccfa5a3e35c408bd6911eca
a11c6f63b551ddcaf446d1ddb38f7d496afcfe9d98d91b44cb9a878c471bc6e0
GET /static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 12044
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-2f0c"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nDO2fqwpsNUy-NYo-X-GTzZ62twaddLnyCbReElf2EdKwCZ4fuI4gw==
age: 548313
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/runtime.55d8483e42e5d6ab1a14.js
54.230.111.106200 OK 21 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/runtime.55d8483e42e5d6ab1a14.js
IP 54.230.111.106:0
File type Unicode text, UTF-8 text, with very long lines (3068)
Hash bab5f0aedda3fe5131ba839215bc3920
8fa9ad34bd3ad302d8e1ee7ef82af47e8201c7e3
8b0991464a7082fb25dbc7c97529a3a0b391e1fc9b209390e2615793bca6b790
GET /static/bundles/embed/runtime.55d8483e42e5d6ab1a14.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 20735
date: Tue, 27 Sep 2022 10:13:06 GMT
last-modified: Tue, 27 Sep 2022 08:34:04 GMT
etag: "6332b57c-50ff"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rhl7wQkX6Sfv1IlN467fkpoysYCJr-elx09beoIWIK0YaEdQbgzH_Q==
age: 30353
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/69952.06b0e333ddc07ff1bde0.js
54.230.111.106200 OK 4.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/69952.06b0e333ddc07ff1bde0.js
IP 54.230.111.106:0
File type ASCII text, with very long lines (11868)
Hash 82c0166d07dafbc60c0256135ff70c1d
2640a815ffbed854738cf29d2ab876d55f8c60dc
5a880fd727f2a0141993963276994f900261db54dc1e62577c23d0f1dc03192a
GET /static/bundles/embed/69952.06b0e333ddc07ff1bde0.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4128
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-1020"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2HLEO9DUzZdAV8st-IthTC0mH1HOdXr6D101Jvw65BHTYvKM_bYNQg==
age: 548332
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 20 kB URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
Hash 9680943d0b4f844bbb64404e6a77a588
b6543a3529faed4f94752654995f9b11318a5925
d27bf432f5176654b5d6a41edbd930c0881071763461b07ea458f9ea06cdc314
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 18:37:18 GMT
expires: Tue, 27 Sep 2022 18:39:18 GMT
cache-control: max-age=120
content-security-policy: object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-wcJcfazxvs9BFnI6fjH/ZA=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IicYFHamG2UWVNQ5hCoFGKRsV8i7zV3VPVzDpnhhYqOq2asdLayf4w==
age: 101
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css
54.230.111.106200 OK 1.3 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (9662), with no line terminators
Hash 1590890d2b95e5dd26b6619078fc3716
7f099065b77017303b41d575174d0506404c2422
0f2d89b30ed40c9645acec4a6708531eb2489aff5aca6f0639d92e6de208c97b
GET /static/bundles/embed/93419.83330e98cd0f13f52e0f.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1254
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-4e6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SviGtpnSfpButojtsw9wt5T9b6ebCiU3QJBzKrpLJ2qYa07PJd-zlQ==
age: 1845373
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css
54.230.111.106200 OK 482 B URL HTTP/2 static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (2185), with no line terminators
Hash 58cbe331cf45c85a52eb02587adc9fef
13f08c64e54a3f211e26f97b80af35abd49b670b
53adcb676377768d48af24466b08fb38f141ede6a9e84b20d72ed3c209aaf647
GET /static/bundles/embed/4704.721cbfb1a5d6784e3109.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 482
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-1e2"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XMqN5WgRHY19LtQ0VABvKyptL3vA2KLZdNBE69ogPQXQ-hkRABI92g==
age: 3486053
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css
54.230.111.106200 OK 458 B URL HTTP/2 static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (1649), with no line terminators
Hash 7497343e286bffb0f77343a72c52c807
a0b16b6844fec13e7e4f05c5ec1dff354a843128
f775ccacb10b864665283b42df806044d4c07d2b103c4a3d15fc6fa967890a87
GET /static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 458
date: Tue, 06 Sep 2022 10:02:17 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-1ca"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gmUoM1kCvr-OLVne0KecmoYbQKJzs5fAbI1zaKJeaFJEWHfEPnKosA==
age: 1845402
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css
54.230.111.106200 OK 566 B URL HTTP/2 static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (3872), with no line terminators
Hash 6e6b52d09836b19a082054796f9fbadf
47f855654aca16bb3d22b0a261028c07bfbf3ac1
b66836dc4dcb259fd7f709598dc05417bc69fe1c7f6382e3be864e124f711186
GET /static/bundles/embed/22641.c7183a76dc0599de9f42.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 566
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-236"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3CFg5C1LBNcT-jU8M20Ea2p74BbGH_Jiv8Jimd6DOOuQXiNCGM33kQ==
age: 3486053
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css
54.230.111.106200 OK 275 B URL HTTP/2 static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (868), with no line terminators
Hash baa8242f859530e38f8b32a9c0615593
c883ab6d475cbd4fea077661f25bbca065950a08
c7b10129b6beba6afdd65d4b6079e7952447d0a79c094ee6a850c7a583fb7406
GET /static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3vOlvl4appH_HLQEw926EMQXCo5YJ0THsDKSgyL3D1oQcraJUHGtLg==
age: 3486053
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/97029.aec87eec8d0ca240b268.css
54.230.111.106200 OK 1.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/97029.aec87eec8d0ca240b268.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (6181), with no line terminators
Hash 36c5de656ee5ac6c3687030dae4ac897
c4cdf0cf6f8996a6bb2bb3d275c19113ed350953
e3a85219b604b7535c69f1ae7ef8d9d4df795997954b6174ef8344d1ec0023c7
GET /static/bundles/embed/97029.aec87eec8d0ca240b268.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1080
date: Thu, 18 Aug 2022 10:18:24 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-438"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 66zNCiOZDCcYsb-s9JKjUqtW6xEJ0PwbihLjANC4fdNpl_ogYxVoKQ==
age: 3486035
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/21629.59ea3f34e1413a77f290.js
54.230.111.106200 OK 11 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/21629.59ea3f34e1413a77f290.js
IP 54.230.111.106:0
File type Unicode text, UTF-8 text, with very long lines (15650)
Hash b3a404cb516ade1695c0705696d97ad1
e63067338645699570f486a7a13f126f16944156
30eddd13db49b8c00d8e64e7bb79266f0ff8b1f76e7699842e60a05ed317fdb4
GET /static/bundles/embed/21629.59ea3f34e1413a77f290.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 11131
date: Thu, 15 Sep 2022 10:58:07 GMT
last-modified: Thu, 15 Sep 2022 08:58:09 GMT
etag: "6322e921-2b7b"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TIdKa1r1GhnkRBzQ9Tjj4rTkEAqkAeSzxckxDjj-DYP-Boj4RTqE3Q==
age: 1064453
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css
54.230.111.106200 OK 1.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (6539), with no line terminators
Hash 314a88cb707c312d3d20310eb6e16b27
06a733bacfaa9706a6b3fff13a8aa9325f464ca9
92824d9ce9a58e064ff1b14673fc316221dea9f55122b027e58ea4470e9b3233
GET /static/bundles/embed/41848.a819f80182db62e2c3b6.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1102
date: Tue, 06 Sep 2022 10:02:30 GMT
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
etag: "63170c91-44e"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f4HLUtVSfv9TkME3ds49H9LSTBSBeOkDfLLKEtDdxxJGmlm4UJ4hIA==
age: 1845389
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/28055.7fe079f819bb507d3dec.js
54.230.111.106200 OK 20 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/28055.7fe079f819bb507d3dec.js
IP 54.230.111.106:0
File type Unicode text, UTF-8 text, with very long lines (60923)
Hash 09bec4ad913931e71e1a6fef6b444002
05731597e1b1d7344237eb70910e8ef2ff0edcf4
9b13087cbe454a4074eb4a6b0a8fdb20c23c474ad1f5231c0a62b9516c971065
GET /static/bundles/embed/28055.7fe079f819bb507d3dec.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 10:20:18 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: W/"632ace12-85a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 28Gy-OEa0YLocMoZIdMhaaOnfV0whzCUwHq6V5DgCaBjra9ExU-GXQ==
age: 548322
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css
54.230.111.106200 OK 219 B URL HTTP/2 static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css
IP 54.230.111.106:0
File type ASCII text, with very long lines (801), with no line terminators
Hash 97f7a20e8f5b5aab89e7323c3f952f93
0a86a43d70147185f1f356ac3061d461f498a0af
51e40ba29ca9c9b7f89f255331a616a93beb9fb033c029e058a6a45483c0209c
GET /static/bundles/embed/28903.415109541489380d12f6.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 219
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-db"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RgifM35ultfzsWE4n9Hl9Uu9a-mxzj3PFRx-Frj8vCK3JZLSm_n32w==
age: 1845374
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js
54.230.111.106200 OK 2.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js
IP 54.230.111.106:0
File type ASCII text, with very long lines (3332)
Hash e6796590284ab6cfb534e922a2ebca47
a18fcd51aab7f7a2510583126f25f33f94bf1626
fa3c19b48ad254a9cd1bc6753b098c4db439979efae0b12705e89087a1541da9
GET /static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2082
date: Tue, 06 Sep 2022 10:03:06 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-822"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lsq7DyRRb5qohjFdtTwjMOloIrHHejJzA_whX70uPf8z6ptlmNeNLg==
age: 1845354
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
92.223.127.177101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
IP 92.223.127.177:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tmhuAplQq5wS15jHFWXOJw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 18:39:00 GMT
Connection: upgrade
sec-websocket-accept: WQXDrUhoEBMKnMZX4i/jXWoI3Ag=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=62bc0c115fe9507ba430b5ef&locale=en-US
143.204.55.101200 OK 551 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=62bc0c115fe9507ba430b5ef&locale=en-US
IP 143.204.55.101:0
File type JSON data\012- , ASCII text, with very long lines (1254), with no line terminators
Hash a51ed573e7c6c0a4c5e03f7e0d8cc8a8
44448fe032f89ff8393a4021e18bd9cdcb435606
b2f7287a06ef9819cfe52d42e7aa6bb58e319dbec79b598caba5cd5fb256f1f2
GET /trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=62bc0c115fe9507ba430b5ef&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 551
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Tue, 27 Sep 2022 18:18:58 GMT
cache-control: public,max-age=1800
etag: "1d433381a8f48779b81ab6baa94087ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P9sCfJdi88rUN3IZXbLHBH-8VXYxvM4XQKiray7oedNk4fCq-iCF7A==
age: 1210
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.tradingview.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 16:41:09 GMT
expires: Tue, 27 Sep 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 7072
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 27 Sep 2022 18:39:00 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2iLY4LtUD8eKJxS-1NSzxIRmb8CrY14VWBAG6PSNOHqQeQ4_oWGMPA==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D5307589%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598696717669380096%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 27 Sep 2022 18:39:00 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JvCVTGemyAK9R_xjk5tvgA_ZUlQOwmoqkUuub5euSS5-L5uZt888tQ==
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
104.22.24.131200 OK 28 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 104.22.24.131:0
File type ASCII text, with very long lines (65472)
Hash c13bec1ecff3fb9757fa3c4d1219c94d
36ee94f21bc8e6c16ade6c14094f582e76f15c3c
9174c82608a4383cc7ff9aaa097411cde1cf29415f6c81e491a821c693f8dbc5
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:39:01 GMT
content-type: application/javascript
age: 177871
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165c107a510afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_27-11_30
92.223.127.177101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_27-11_30
IP 92.223.127.177:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r9sIJ3F9sgMsUd/z2E6urw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 18:39:01 GMT
Connection: upgrade
sec-websocket-accept: xgZqgwxlhDDS5yMfISZa5DdGPdo=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
104.22.24.131200 OK 1.4 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
IP 104.22.24.131:0
File type ASCII text, with very long lines (2306), with no line terminators
Hash 97993493c7c350b175934ab7543bef4a
f01e894ea4bf30d74869a567b66c872c43b7f863
675a8e5647bba57d3092dd9273af492c27b442a4d9eff95b8e48611b0ad31fe7
GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:39:01 GMT
content-type: application/javascript
age: 177871
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165c107a580afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/EU.svg
143.204.55.3200 OK 870 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/EU.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (870), with no line terminators
Hash e9173ef4613c3da43c45885ea39c4b96
218b28ec16584e3f2326b778d3cca1d5c6a682d1
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
GET /country/EU.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:46:55 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c8erwbl2tET7IvWAS32C3i5QqGPDo7VKUhWBHP752qNdyKVyMPOVrA==
age: 3127
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/JP.svg
143.204.55.3200 OK 215 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/JP.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with no line terminators
Hash dd1bc2f51b952d5c3421a69d6febe6ce
b501eef8705cc2c8e9d8b9a9ce431d70e1ef0f71
147aa1297638071607ef5cf0d722c1953c6716e61ef32f58e3fb7fd132ce84ee
GET /country/JP.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 215
last-modified: Wed, 08 Sep 2021 09:00:59 GMT
x-amz-meta-hash: dd1bc2f51b952d5c3421a69d6febe6ce
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:43:31 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "dd1bc2f51b952d5c3421a69d6febe6ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _aT3Sqtm494yRojQevbia900szM8yIT9CcZOld1co0nZKzsE7400KA==
age: 3331
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/AU.svg
143.204.55.3200 OK 937 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/AU.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (937), with no line terminators
Hash ffaa89557725b51eb58753956db0a148
af4c43200c5a85ad2d525412bf83e55e90138bd3
27c815d48181359be416f858593d35e363b546bf3f237e0458cccf01fefbdf30
GET /country/AU.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 937
last-modified: Wed, 08 Sep 2021 09:02:00 GMT
x-amz-meta-hash: ffaa89557725b51eb58753956db0a148
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 18:04:37 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "ffaa89557725b51eb58753956db0a148"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _s_ixHMu3EJ_kVdS1zkyxThX1gYT6DQV_xLE65C4_FprEaTCWb3EAQ==
age: 2065
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/GB.svg
143.204.55.3200 OK 468 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/GB.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (468), with no line terminators
Hash 09bfac5408302ee8c52fa2ed008c4f13
ec2b53eba8ec1a31fc6745cd9c4fc09518db1c2f
b3e463d925abc879f5b76428144c0da44bc02fae2188f71bc9e7aa7ab6f46037
GET /country/GB.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 468
last-modified: Wed, 08 Sep 2021 09:01:59 GMT
x-amz-meta-hash: 09bfac5408302ee8c52fa2ed008c4f13
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:44:37 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "09bfac5408302ee8c52fa2ed008c4f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wL1GMTtxEC6LaZt9ux0mqmofqBUVc_g8gnzUpqOIHXn6XExO2dzdSA==
age: 3269
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/CH.svg
143.204.55.3200 OK 236 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/CH.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with no line terminators
Hash 2390cb6eb08128c8300b6a29c41f2842
de96debc38e1b541ef81692120f1099d1f1e9d20
3b66ebe14df724fa1f4efc29bf7b8658975e89be92202238d75fad8badc68d36
GET /country/CH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 236
last-modified: Wed, 08 Sep 2021 09:01:10 GMT
x-amz-meta-hash: 2390cb6eb08128c8300b6a29c41f2842
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 18:10:47 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "2390cb6eb08128c8300b6a29c41f2842"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mJnPTXIisBM9_6c5RLOt_I0AVjXP2m3N8xSARR_UX6CNiUWK72Sj0Q==
age: 1695
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
143.204.55.3200 OK 523 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (523), with no line terminators
Hash 4542d4ecd73f04c73affa787a4522596
6e7129a5417dac4d4547b375e8b23d5a7dc5b714
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
GET /crypto/XTVCETH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 523
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 18:36:58 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1Da8xZWeMkP0XcWDj-wCFv-Yev3-dyXVi66GXsrV49R4jCkLox7DOQ==
age: 124
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/US.svg
143.204.55.3200 OK 13 kB URL HTTP/2 s3-symbol-logo.tradingview.com/country/US.svg
IP 143.204.55.3:0
Hash 22f0177c156ad34bf47c7488dcbb4032
631c210906da1f4a15f5b4233ed4e9214d8577ba
09afe351c9718347950f3706df65d532c50bdb879db5f7272a6e4e6da5d288e9
GET /country/US.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 18:10:45 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fq6hus4X7uu9AnRvcj81jYjkKgAuY814NYAdsQBH0gCf0SOdoLiIPA==
age: 1697
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
143.204.55.3200 OK 777 B URL HTTP/2 s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (777), with no line terminators
Hash fe60c6206a39b7984b1ebb2b8234c5ab
ec9c1ff626f97b55d2196a86ccb44fce9bdadbd2
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
GET /indices/nasdaq-100.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 18:07:13 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sffc8cEEDCIaCyOjl0ljGejaKk41HvzXkB8u_rPAcJCvZ9_Iq1JqjQ==
age: 1910
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
92.223.127.177101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
IP 92.223.127.177:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a81iY1mxY38mfyrUlNsvhQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 18:39:01 GMT
Connection: upgrade
sec-websocket-accept: ecMvctKacMZdbrcZvJ03G4Jdw4M=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
s3-symbol-logo.tradingview.com/microsoft.svg
143.204.55.3200 OK 304 B URL HTTP/2 s3-symbol-logo.tradingview.com/microsoft.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (304), with no line terminators
Hash 074d127e2f9fd8c2e79c01a5f002979c
a180afde05902cdc100a83180fa387201f992401
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
GET /microsoft.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:57:57 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PII_ltZnmsG0j4rvHx9DgxIA944OHPhV9Jc7FRLuwUOwkBICZrQRhQ==
age: 2467
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/advanced-micro-devices.svg
143.204.55.3200 OK 449 B URL HTTP/2 s3-symbol-logo.tradingview.com/advanced-micro-devices.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (449), with no line terminators
Hash bdbf1c6c85e6683de21dc199c4419970
928f52baf0174fd424ca7063b819988f6b8520d5
123c77aac45e4969387665181747fc253c5698a99e6508766b26129818d59c6a
GET /advanced-micro-devices.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 449
last-modified: Wed, 08 Sep 2021 08:53:21 GMT
x-amz-meta-hash: bdbf1c6c85e6683de21dc199c4419970
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 18:04:15 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "bdbf1c6c85e6683de21dc199c4419970"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: axZQCRS8AhN7lR1ZTJT3_XpNNKA7wCzZmlrEOwjEnCNsAIWmL1T3Uw==
age: 2095
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/tesla.svg
143.204.55.3200 OK 508 B URL HTTP/2 s3-symbol-logo.tradingview.com/tesla.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (508), with no line terminators
Hash 3b7c34c4a74ed2a5415d26d40df1b84a
e069a067efe5513c212569aaeeb30338b69cdd1c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
GET /tesla.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 508
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:39:45 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4tTTKMqfN8reVfJ_PQ3afd2BoIVXQ0T33pLN9CBuJDSoqN-X6j8G0w==
age: 3561
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/netflix.svg
143.204.55.3200 OK 453 B URL HTTP/2 s3-symbol-logo.tradingview.com/netflix.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (453), with no line terminators
Hash 088f20cd1f479350f02d9aada3709050
114bd591e902fc05d93e966453b74b252b88dd58
c5f5b9304726376ee2b8f6b47ad85c5c7509c14e10fca4c4b1ebda33e76983e6
GET /netflix.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 453
last-modified: Wed, 08 Sep 2021 08:53:57 GMT
x-amz-meta-hash: 088f20cd1f479350f02d9aada3709050
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:52:24 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "088f20cd1f479350f02d9aada3709050"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NQ6hs2krStnVh1Bwmi-nZ786G98baGhMWN1UJL1g8iHBBQp4feyRTg==
age: 2801
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
104.22.24.131200 OK 42 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
IP 104.22.24.131:0
File type ASCII text, with very long lines (65466)
Hash 56fa96d4644a5923c7a766a6d7d772c6
4896b1e3e5eb3c1b7ea7e589512198db0d259e80
8d007f2a28a010fb0ecf13d3ea3937a5af9915b60f508b7125655b4914fcd336
GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:39:01 GMT
content-type: application/javascript
age: 177871
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165c107a570afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/spdr-sandp500-etf-tr.svg
143.204.55.3200 OK 548 B URL HTTP/2 s3-symbol-logo.tradingview.com/spdr-sandp500-etf-tr.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (548), with no line terminators
Hash 739b8a1d4950ef3e563a4527ba38d111
5bb4b592092552384154d47e64a8c65216969b7b
cad088efc0978bf886800020a056e4eb07359385addebd54ad4422991689b844
GET /spdr-sandp500-etf-tr.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 548
last-modified: Wed, 15 Jun 2022 10:23:36 GMT
x-amz-meta-hash: 739b8a1d4950ef3e563a4527ba38d111
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 18:23:56 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "739b8a1d4950ef3e563a4527ba38d111"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XnaxqKPLQBZ3ZIQpRmqHIQz4n9Bc4V8N9QXVoBE3BphEwVArWQ5xeA==
age: 912
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
92.223.127.177101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
IP 92.223.127.177:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rUY20StmOXqQxYJ6JIxsWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 18:39:02 GMT
Connection: upgrade
sec-websocket-accept: 4uegUMpPue0FZB0axMmvuZhi2xo=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
s3-symbol-logo.tradingview.com/crypto/XTVCXRP.svg
143.204.55.3200 OK 661 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCXRP.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (661), with no line terminators
Hash 4cc138d1e09d2133eeca65966f3894f0
cf40ee7fc2a18c2f6ae3c7522b6234ca45743623
b2296bde0cbe8bc2cd069e06dcc26ebcd6cd3203dea044abf5a2fed0dc4ffbf6
GET /crypto/XTVCXRP.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 661
last-modified: Wed, 08 Sep 2021 09:01:05 GMT
x-amz-meta-hash: 4cc138d1e09d2133eeca65966f3894f0
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:57:14 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "4cc138d1e09d2133eeca65966f3894f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dCifQamIK-IjrLlfymsVlVEjaZtnjoRN4RKcq7MPGHIs8c9RUXLRrg==
age: 2535
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCDOGE.svg
143.204.55.3200 OK 331 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCDOGE.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (331), with no line terminators
Hash 114568fe43536657e04e23ccd32ae693
696713666a958223b810fdd07fa4747172407528
c16d3b0a51ef2399f2af907fb7a4f677794629008d995a766b189efab37d7d40
GET /crypto/XTVCDOGE.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 331
last-modified: Wed, 08 Sep 2021 09:04:51 GMT
x-amz-meta-hash: 114568fe43536657e04e23ccd32ae693
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 18:23:57 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "114568fe43536657e04e23ccd32ae693"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ff4n7tLqBmWYvzMMD4mOJ2F7yTyM3VojnJIAsewEgRgtuLCZw-SLpA==
age: 908
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCBCH.svg
143.204.55.3200 OK 842 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCBCH.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (842), with no line terminators
Hash c5f06f764bdbb9d55002d1c5c5a8262d
ed9d4206f408cc820c5d66994f738c25cce352c5
d1262dc8f7898b06b5e3b89d3fe98b91669670cb63e2256c43aa20c6cea58799
GET /crypto/XTVCBCH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 842
last-modified: Tue, 10 May 2022 08:43:42 GMT
x-amz-meta-hash: c5f06f764bdbb9d55002d1c5c5a8262d
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:52:10 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "c5f06f764bdbb9d55002d1c5c5a8262d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v1GTDnfCsw-5KGOQdLOED3hr3v6O_O6Fz1iQPEl1_OyzYd-Lil0ESg==
age: 2824
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCLTC.svg
143.204.55.3200 OK 291 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCLTC.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with no line terminators
Hash 135fed0ba41e2cc6f0be38d91f6d4327
4cf7a4ad00909e8b92e5c9a428f71721481a78b0
fea85b7101beb79844d8b4396a6df981f4757c150cdf3f61bc59453dd2f440ba
GET /crypto/XTVCLTC.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 291
last-modified: Wed, 08 Sep 2021 09:03:49 GMT
x-amz-meta-hash: 135fed0ba41e2cc6f0be38d91f6d4327
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:50:20 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "135fed0ba41e2cc6f0be38d91f6d4327"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3xuRG-M7HfhLeIV-oC54dC1ye7dw9PwPLY0zntG7mShnomlBxc7kjA==
age: 2925
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
92.223.127.177101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
IP 92.223.127.177:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZywDVrVwLMLr9Ysy5SVvhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 18:39:02 GMT
Connection: upgrade
sec-websocket-accept: CT9BpVxChtOHYa5JoAz7eAY5sW8=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
s3-symbol-logo.tradingview.com/crypto/XTVCEOS.svg
143.204.55.3200 OK 1.2 kB URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCEOS.svg
IP 143.204.55.3:0
Hash 4522c6201203bdcaca37c5994350cf81
91e03029fcdab36ad1b2b9e282f890e5623f08f9
48274c09b27d79a9fa1256e663446976f6723882de8d28756cbdaae74c200623
GET /crypto/XTVCEOS.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 09:04:44 GMT
x-amz-meta-hash: b5bb09f3f95c87ffa9a07fc8c225f1bd
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 18:16:47 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"b5bb09f3f95c87ffa9a07fc8c225f1bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: USMORG_O_NU40nXtJq_GZuU4JTIhlC1eeqmREa2bz7aM9CNktMeIpg==
age: 1342
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crude-oil.svg
143.204.55.3200 OK 443 B URL HTTP/2 s3-symbol-logo.tradingview.com/crude-oil.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (443), with no line terminators
Hash 5e4e832aa47ec693a3c1de44c8b222b5
2d5947bfa54cf87422a3d02c46de823d55613400
106132134d99b813f417630a48b4ad75f75423f05cf1ecca333928d67e2e9aaa
GET /crude-oil.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 443
last-modified: Wed, 08 Sep 2021 08:59:22 GMT
x-amz-meta-hash: 5e4e832aa47ec693a3c1de44c8b222b5
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 17:40:18 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "5e4e832aa47ec693a3c1de44c8b222b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MueqoYgN2dCSzK5Ivt7NezS98WOMFCNpFUKb4u0pwtgsl50Qj_lr1Q==
age: 3528
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/apple.svg
143.204.55.3200 OK 1.5 kB URL HTTP/2 s3-symbol-logo.tradingview.com/apple.svg
IP 143.204.55.3:0
Hash 5215c52bbd062e3ef00ac06a4c77794e
97f7fdf6ed993be6decf9ef132770301102911ca
fb21b7206babce997dd92e161a86713fe276f630a32660d65f60f65133e0e34a
GET /apple.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 17:39:45 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: joeU64TQebpVZLNstXmy1nAqvLqjXiFBA2IFDT-KEaKnqDM2aGiodw==
age: 3564
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
143.204.55.3200 OK 521 B URL HTTP/2 s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
IP 143.204.55.3:0
File type exported SGML document, ASCII text, with very long lines (1077), with no line terminators
Hash 10ea9f29cb28a0be8fe3530e0a676d8b
444854ad5d557f9d9f9e873f8f7f718d84e6320f
f8d4fed117c16496401f4b85d3a371404e5ae04bc66fd02e9ca8a930e49b8750
GET /indices/s-and-p-500.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 26 May 2022 07:17:22 GMT
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 18:12:30 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M-slNbe9sugMb9XMC2h0Y7l9l1spiIZy9mqZl52x78-gcv7od4_Jgw==
age: 1592
X-Firefox-Spdy: h2
offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg
172.67.22.216200 OK 13 kB URL HTTP/2 offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 375d4eace3e9692bfe2fc21648f4c59a
57ef9b8278b63d567eab92b8607b68cee29071b8
46005b3961515220591e6df79d2713774deb57a082dda8162c3d182bcad3aa1b
GET /www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:39:04 GMT
content-type: image/jpeg
content-length: 13449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6231b193-3489"
expires: Wed, 28 Sep 2022 13:34:12 GMT
last-modified: Wed, 16 Mar 2022 09:44:51 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 18292
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165c226de40b39-OSL
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=d7b7a9393cdc4422834ddb4ada114a84&zoneId=5307590&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=d7b7a9393cdc4422834ddb4ada114a84&zoneId=5307590&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 17c7455f8228958d276b67268994d70e
cdf4eb5f3b63bb68231408cfc1f1fa98fe269dd1
578f285846e367bd48da7bb647f18d4bf6d93f65a2d3a4c3abc3040900aeeef6
GET /gid.js?pub=0&userId=d7b7a9393cdc4422834ddb4ada114a84&zoneId=5307590&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Cookie: ID=d75739741e554c08b0ca0d6aaf0a604f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:39:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d75739741e554c08b0ca0d6aaf0a604f; expires=Wed, 27 Sep 2023 18:39:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
anonymfile.com/css/theme.min.css
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/css/theme.min.css
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IjBIcUtFU2lKT3U4eWtESWpjTUlQUHc9PSIsInZhbHVlIjoiYjE0TTRGR1BrRnZxb1h6NDZHOUNETE1DNnVIc0lIM3ptL0RhLzFuL2Jham9FRW5HdlRRRjdGZlFjbWpYT2VLZ2JFcmtSU2JSTjQ0UXE5WUltMnViWWF6djJXbmVtVkRKZjlzK1ZjUkxRQkdVaHNCa0RzVEt2czdlQXJKRGpmWEQiLCJtYWMiOiIxOGMwNTE2NDBiODI1MjEzMGVmOWEzZmVkMjljYmViODRhZTNkMTFkMWU5NDVhYTlkZGE4MjAzMjM3OTVmM2MxIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1id2lvaVRLK1BWeEFhV0xSQ0RpaHc9PSIsInZhbHVlIjoiWE03ZkFWUW82SUF0Z0ZPaTZUanNEOWhDZUhVMXVGdmVpaWNnTjVzeEtzQWxnQ0lDUFNIZkQ4RVpNSmdFMURSdXh2THg1R0J1RG5rVEx2OHJNUVo2dVBSVE4reHgva0xwV3lNUGsvVGJ5S1hucUhZWnpKclhYZ3VqdUY2SEdyYkIiLCJtYWMiOiJlNTlhOWVmM2RkMDA3MTY3Zjk0NWIyNzg2MGEzZDg4NzdhNDcxNzBkZmQ2ODgzZDUxZDMxMWNkNWE3YjdjZjFlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: text/css
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnnwEUe6WjBjXZTBybbHMfXrYepEggdVd%2Bn9BJYgHJ8%2BOpnOdSqw%2B85gHgrV7RftTccoEHRG3w%2BywTFmG5MPeaG36n4v%2FugtwGBPQKlIhCAeCX3ytsbiO12OQAXVYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165bfddb081c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js
54.230.111.106200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js
IP 54.230.111.106:0
GET /static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 10:20:18 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: W/"632ace12-1b8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F4JnivNs1oazBYhZk7lAnIkB9dp7fP1-0vGCBVquf67vtuTvu01Y5Q==
age: 548322
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
104.22.24.131200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:39:01 GMT
content-type: application/javascript
age: 177871
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165c107a5a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
104.16.125.175200 OK 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
IP 104.16.125.175:0
GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 7347181
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165bfa3f5e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 0 B IP 172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 97faf83ca78cffd097f2571e867c75ab
cache-control: max-age=86400
last-modified: Fri, 23 Sep 2022 16:04:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 28 Sep 2022 17:47:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta5LucGAS4nnLe6vIWcise1%2B6XtUkOH57uJUwivvuci78LKNyJr7aS%2Fm5ZZSuozozPeunsmvEkmzK3xlRnpf%2B8LpPAOPWAi2a%2BOpk5O27u%2Bxq6M3O6%2BDVhgl0bm82%2FJv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75165bfc3a62b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/tag.min.js?z=5307590
139.45.197.250200 OK 0 B URL HTTP/2 pseepsie.com/pfe/current/tag.min.js?z=5307590
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dozubatan.com/500/5307588?excludes=&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 dozubatan.com/500/5307588?excludes=&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/5307588?excludes=&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=9dec1c363f724e459c092a7b6755c7a2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:59 GMT
content-type: application/javascript
x-trace-id: af484b0b86bfcf4936f35dd09fc427de
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=d75739741e554c08b0ca0d6aaf0a604f; expires=Wed, 27 Sep 2023 18:38:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
dozubatan.com/500/5307588?excludes=14745758&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 dozubatan.com/500/5307588?excludes=14745758&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/5307588?excludes=14745758&oaid=d75739741e554c08b0ca0d6aaf0a604f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FqrE7%2Famongusv2202changename.bat%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=d75739741e554c08b0ca0d6aaf0a604f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:39:04 GMT
content-type: application/javascript
x-trace-id: bf6b511145e1d64b4ebc58716e4b2744
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=d75739741e554c08b0ca0d6aaf0a604f; expires=Wed, 27 Sep 2023 18:39:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /qrE7/amongusv2202changename.bat?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IjBIcUtFU2lKT3U4eWtESWpjTUlQUHc9PSIsInZhbHVlIjoiYjE0TTRGR1BrRnZxb1h6NDZHOUNETE1DNnVIc0lIM3ptL0RhLzFuL2Jham9FRW5HdlRRRjdGZlFjbWpYT2VLZ2JFcmtSU2JSTjQ0UXE5WUltMnViWWF6djJXbmVtVkRKZjlzK1ZjUkxRQkdVaHNCa0RzVEt2czdlQXJKRGpmWEQiLCJtYWMiOiIxOGMwNTE2NDBiODI1MjEzMGVmOWEzZmVkMjljYmViODRhZTNkMTFkMWU5NDVhYTlkZGE4MjAzMjM3OTVmM2MxIiwidGFnIjoiIn0%3D; expires=Tue, 27-Sep-2022 20:38:57 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6Ik1id2lvaVRLK1BWeEFhV0xSQ0RpaHc9PSIsInZhbHVlIjoiWE03ZkFWUW82SUF0Z0ZPaTZUanNEOWhDZUhVMXVGdmVpaWNnTjVzeEtzQWxnQ0lDUFNIZkQ4RVpNSmdFMURSdXh2THg1R0J1RG5rVEx2OHJNUVo2dVBSVE4reHgva0xwV3lNUGsvVGJ5S1hucUhZWnpKclhYZ3VqdUY2SEdyYkIiLCJtYWMiOiJlNTlhOWVmM2RkMDA3MTY3Zjk0NWIyNzg2MGEzZDg4NzdhNDcxNzBkZmQ2ODgzZDUxZDMxMWNkNWE3YjdjZjFlIiwidGFnIjoiIn0%3D; expires=Tue, 27-Sep-2022 20:38:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 18:38:57 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IjBIcUtFU2lKT3U4eWtESWpjTUlQUHc9PSIsInZhbHVlIjoiYjE0TTRGR1BrRnZxb1h6NDZHOUNETE1DNnVIc0lIM3ptL0RhLzFuL2Jham9FRW5HdlRRRjdGZlFjbWpYT2VLZ2JFcmtSU2JSTjQ0UXE5WUltMnViWWF6djJXbmVtVkRKZjlzK1ZjUkxRQkdVaHNCa0RzVEt2czdlQXJKRGpmWEQiLCJtYWMiOiIxOGMwNTE2NDBiODI1MjEzMGVmOWEzZmVkMjljYmViODRhZTNkMTFkMWU5NDVhYTlkZGE4MjAzMjM3OTVmM2MxIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1id2lvaVRLK1BWeEFhV0xSQ0RpaHc9PSIsInZhbHVlIjoiWE03ZkFWUW82SUF0Z0ZPaTZUanNEOWhDZUhVMXVGdmVpaWNnTjVzeEtzQWxnQ0lDUFNIZkQ4RVpNSmdFMURSdXh2THg1R0J1RG5rVEx2OHJNUVo2dVBSVE4reHgva0xwV3lNUGsvVGJ5S1hucUhZWnpKclhYZ3VqdUY2SEdyYkIiLCJtYWMiOiJlNTlhOWVmM2RkMDA3MTY3Zjk0NWIyNzg2MGEzZDg4NzdhNDcxNzBkZmQ2ODgzZDUxZDMxMWNkNWE3YjdjZjFlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 27 Sep 2022 18:38:57 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/qrE7/amongusv2202changename.bat?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IjBIcUtFU2lKT3U4eWtESWpjTUlQUHc9PSIsInZhbHVlIjoiYjE0TTRGR1BrRnZxb1h6NDZHOUNETE1DNnVIc0lIM3ptL0RhLzFuL2Jham9FRW5HdlRRRjdGZlFjbWpYT2VLZ2JFcmtSU2JSTjQ0UXE5WUltMnViWWF6djJXbmVtVkRKZjlzK1ZjUkxRQkdVaHNCa0RzVEt2czdlQXJKRGpmWEQiLCJtYWMiOiIxOGMwNTE2NDBiODI1MjEzMGVmOWEzZmVkMjljYmViODRhZTNkMTFkMWU5NDVhYTlkZGE4MjAzMjM3OTVmM2MxIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1id2lvaVRLK1BWeEFhV0xSQ0RpaHc9PSIsInZhbHVlIjoiWE03ZkFWUW82SUF0Z0ZPaTZUanNEOWhDZUhVMXVGdmVpaWNnTjVzeEtzQWxnQ0lDUFNIZkQ4RVpNSmdFMURSdXh2THg1R0J1RG5rVEx2OHJNUVo2dVBSVE4reHgva0xwV3lNUGsvVGJ5S1hucUhZWnpKclhYZ3VqdUY2SEdyYkIiLCJtYWMiOiJlNTlhOWVmM2RkMDA3MTY3Zjk0NWIyNzg2MGEzZDg4NzdhNDcxNzBkZmQ2ODgzZDUxZDMxMWNkNWE3YjdjZjFlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 27 Sep 2022 18:38:57 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/universal.min.js?v=3.1.396
139.45.197.250200 OK 0 B URL HTTP/2 pseepsie.com/pfe/current/universal.min.js?v=3.1.396
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598696717669380096&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language}
104.21.81.185301 Moved Permanently 0 B URL HTTP/2 www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598696717669380096&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language}
IP 104.21.81.185:0
GET /?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598696717669380096&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language} HTTP/1.1
Host: www.roifxtrader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: text/html; charset=UTF-8
location: https://www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598696717669380096&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D
x-redirect-by: WordPress
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmkVQ5x7DCf51og42B7u6jrZo4DixdSH2HXVGhMnDdbHLDQXSixpJzzASio3bmScj2jd%2BfAMkx70E8m8az%2FBxhkdZSDwpFYRl3%2Bd9MQ61IivjzA2w7kXlL2xSUAExJfxFFAM5NnS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75165c01da02b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598696717669380096&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D
104.21.81.185200 OK 0 B URL HTTP/2 www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598696717669380096&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D
IP 104.21.81.185:0
GET /?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=5307589&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598696717669380096&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D HTTP/1.1
Host: www.roifxtrader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.roifxtrader.com/wp-json/>; rel="https://api.w.org/", <https://www.roifxtrader.com/wp-json/wp/v2/pages/6635>; rel="alternate"; type="application/json", <https://www.roifxtrader.com/>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYv7qyflkZlhMD%2FJg1QBdncF51%2Bozpa8ynEnb5L1bbIa%2BXYYv9ncFAvhs6ca4DsmFFUU5YxJo%2FaHyP6E4QbLsbbSV1oYyIIHQvY6gm736ZAoLunbGlYj7cTjt4hHbVyZdri7yoem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75165c027aecb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/6281b6ff7b967b11798f7d77/1g35b5lj0
104.22.24.131200 OK 0 B URL HTTP/2 embed.tawk.to/6281b6ff7b967b11798f7d77/1g35b5lj0
IP 104.22.24.131:0
GET /6281b6ff7b967b11798f7d77/1g35b5lj0 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:38:59 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 4933
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165c070ed20afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
104.16.125.175302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP 104.16.125.175:0
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GE03K6EJDMXYVBT94YF8FEWX-fra
cf-cache-status: HIT
age: 335
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165bf9ae7b0b59-OSL
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
104.16.125.175302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP 104.16.125.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 27 Sep 2022 18:38:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GE03RRTDZEMHAS27NYAVJ4BG-fra
cf-cache-status: HIT
age: 153
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165bf9ae7f0b59-OSL
X-Firefox-Spdy: h2
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.430.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.430.0
IP 139.45.197.234:0
GET /5/5307591/?oo=1&js_build=iclick-v1.430.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 18:38:58 GMT
content-type: application/json
x-trace-id: 1f6c26a4cbd535e7ea5f319fd74124e6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=d75739741e554c08b0ca0d6aaf0a604f; expires=Wed, 27 Sep 2023 18:38:58 GMT; path=/; secure; SameSite=None
oaidts=1664303938; expires=Wed, 27 Sep 2023 18:38:58 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
104.22.24.131200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 18:39:01 GMT
content-type: application/javascript
age: 177871
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75165c107a540afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/ticker-tape/?locale=en
54.230.111.73200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/ticker-tape/?locale=en
IP 54.230.111.73:0
GET /embed-widget/ticker-tape/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 18:38:52 GMT
expires: Tue, 27 Sep 2022 18:40:52 GMT
cache-control: max-age=120
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-BSRyRmFJlPk4UhVd17FhNw=='
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rt24hl9b0voQ77UPt2-z2xlGoFZdCxHP9vopVPlkUqllPxyOXgazxg==
age: 7
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/87461.aa126d16f4609615d7a4.js
54.230.111.106200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/87461.aa126d16f4609615d7a4.js
IP 54.230.111.106:0
GET /static/bundles/embed/87461.aa126d16f4609615d7a4.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Sep 2022 10:11:07 GMT
last-modified: Wed, 07 Sep 2022 08:33:53 GMT
etag: W/"63185771-1518"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Po2OlPVAZz0G31XzcGm8bBJtL0ZTeUJKURlaHZ5iFGn_bdOThuxgIw==
age: 1758473
X-Firefox-Spdy: h2