r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Sun, 18 Sep 2022 18:56:59 GMT
Date: Sun, 18 Sep 2022 17:07:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 16:12:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VRBuUYQkgwg4xJXtwXrYY3nAc47Z12PxDuEYlb-TVWRhjbGowIDuJQ==
Age: 3308
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 26a2aoqqC0A65lRgQ5_vt-tkT6OsgJDFl9ujcv-b7_h_nmKRv7d9mA==
age: 49004
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 17:07:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mkkuei4kdsz.com/8/752.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/8/752.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /8/752.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 18 Sep 2022 17:07:28 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8964552
expires: Fri, 08 Sep 2023 17:07:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Odjr4a%2Bo3ZCIbLfcvxDRxOjOMCj9HV08iDPX%2FzR9swkxRgpDgQ8Yztf0zAAZaLljOI8xuJ1S27nH48z%2BypQNdIXC%2BWg%2FAG4faYHNQGVBrlSY%2BWivcytwm6kXmdMEQlj4klFVDoK9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74cbad954ddeb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b3fe41451a6a76c23d107fdb9e7fa30
e05f7a5b2a0d91462c92778ea83cabf628977b5a
f3e044a1fb80f8773ee0f7018384a9b0899ca5d5d57620514a8066754e9517b9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F3E044A1FB80F8773EE0F7018384A9B0899CA5D5D57620514A8066754E9517B9"
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Sun, 18 Sep 2022 18:02:39 GMT
Date: Sun, 18 Sep 2022 17:07:28 GMT
Connection: keep-alive
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/8/752.html
104.26.11.61200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/8/752.html
IP 104.26.11.61:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/8/752.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:28 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ruIf9NzwnoRn%2BbNWVPPpeVITz0ZoyKMtRpw801iaiFeZmEsF%2BXOwIkTztbihWXbO%2BQjeX0gtAoaxMQPn0i%2BMNvT6FYAonQS4ixh7vXy7kGPFzxY%2BxFYNLcGdjzY6Tsbcf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cbad964f3eb4ee-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 18 Sep 2022 17:03:22 GMT
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 17:07:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1i0ZZ1_DnP8mAHgo82jbEYuX8Q9vJHWEt_hn1PgWiJ276CxjUBI9XA==
Age: 246
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4756
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:28 GMT
Last-Modified: Sun, 18 Sep 2022 15:48:12 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.27.12.161101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o91EBMxIDTCOasO4pPaBfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oB4L5vNmjR+uOgtz4jd3falsKGo=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sun, 18 Sep 2022 18:01:01 GMT
Date: Sun, 18 Sep 2022 17:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sun, 18 Sep 2022 18:01:01 GMT
Date: Sun, 18 Sep 2022 17:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sun, 18 Sep 2022 18:01:01 GMT
Date: Sun, 18 Sep 2022 17:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sun, 18 Sep 2022 18:01:01 GMT
Date: Sun, 18 Sep 2022 17:07:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JKenU-KwXFVEu-tZnc_yoDis5Lt-2tY0RcjH7ZT592hqp0tIUF25Lg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
age: 69509
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 40705
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04886f03-31f4-47c0-acd2-574924b72575.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04886f03-31f4-47c0-acd2-574924b72575.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74d382fa046c33833751eb8753cc5576
90538e8f73cc087fc919ae12bfee36ab8093be82
2a4ff9c05299ddd6019bc88a1c4c1e59d3e561eb455335c71da2ddefd24907fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04886f03-31f4-47c0-acd2-574924b72575.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6290
x-amzn-requestid: b7d7b028-880e-43b8-bdb1-0e3def6d3b15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KnHdsoAMFrvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-058b5c892bbf924416fba4fe;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oICxyn_l7TpzNmv_4kAFS8imbfr5v9XEtMEBDQgvfU1hXtlF1Ke7QA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:54:29 GMT
age: 69181
etag: "90538e8f73cc087fc919ae12bfee36ab8093be82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BLfMTudduK95E9WeV9h987RYPa2RjQTtcl6jkjAZxgSWmCfUTnxU4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:43:11 GMT
age: 69859
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 34157
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 35475
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.2 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636)
Hash a69742e5c99f426eed95f4cd1ca5eaca
cc2a25520b30e980bce831b3c86949d764d253d9
09a31fddcd887884b69ff17e25e1791abc319268dd4b0abcc84d2b80700febed
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Sun, 18 Sep 2022 17:07:30 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_RlGSCujrTwIV09ewwdBk8PiCOXknsvjzonXp/BabLYsbM4wWv0k1teTkRJynKg7Y1QeTz1UsnxJZ/TvhfinDdA==
last-modified: Sun, 18 Sep 2022 17:07:28 GMT
x-cache-miss-from: parking-77d45f54b-snbl6
server: NginX
content-encoding: gzip
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2MzUyMDg1MGYyYjM4N2JiZGFhYmNlOGVjYTI2NDE5YjE4MGVlODUw&crc=a630c418044801b3876d3d23a3c196f2edfdbe21&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2MzUyMDg1MGYyYjM4N2JiZGFhYmNlOGVjYTI2NDE5YjE4MGVlODUw&crc=a630c418044801b3876d3d23a3c196f2edfdbe21&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2MzUyMDg1MGYyYjM4N2JiZGFhYmNlOGVjYTI2NDE5YjE4MGVlODUw&crc=a630c418044801b3876d3d23a3c196f2edfdbe21&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Sun, 18 Sep 2022 17:07:30 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-cache-miss-from: parking-77d45f54b-f2llz
server: NginX
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 17:07:30 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sun, 25 Sep 2022 17:07:30 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 2a0269c089f7118cb161d4106c35b676
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D2MF77Uf1yIQ_0&v=MThjOGZjM2Y1MzViNDNlNmQyYTljMDlmZjRlNzM0OGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyNzUwNTBhNTU5MDMuMzczNzQ3NjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMjc1MDUwYTU2M2QxLjE0MDczNTU3CTE2NjM1MjA4NTAJYWRfNjNfMA==&l=OAk2MjljNWVhM2RlZDkyNjNjNWYyNmI1MWM4Y2I5NzczMgkwCTM1CTAJNDU2OGE3NzZhNGRhMWRhYmNmMTI0MzE5OTg5MjFhZDEJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM1MjA4NTAJMC4wMDA2OQlOCTAJMQk4MzAJMTIwNQkxOTQwNDMxNDIJOTEuOTAuNDIuMTU0CTA%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D2MF77Uf1yIQ_0&v=MThjOGZjM2Y1MzViNDNlNmQyYTljMDlmZjRlNzM0OGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyNzUwNTBhNTU5MDMuMzczNzQ3NjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMjc1MDUwYTU2M2QxLjE0MDczNTU3CTE2NjM1MjA4NTAJYWRfNjNfMA==&l=OAk2MjljNWVhM2RlZDkyNjNjNWYyNmI1MWM4Y2I5NzczMgkwCTM1CTAJNDU2OGE3NzZhNGRhMWRhYmNmMTI0MzE5OTg5MjFhZDEJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM1MjA4NTAJMC4wMDA2OQlOCTAJMQk4MzAJMTIwNQkxOTQwNDMxNDIJOTEuOTAuNDIuMTU0CTA%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D2MF77Uf1yIQ_0&v=MThjOGZjM2Y1MzViNDNlNmQyYTljMDlmZjRlNzM0OGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyNzUwNTBhNTU5MDMuMzczNzQ3NjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMjc1MDUwYTU2M2QxLjE0MDczNTU3CTE2NjM1MjA4NTAJYWRfNjNfMA==&l=OAk2MjljNWVhM2RlZDkyNjNjNWYyNmI1MWM4Y2I5NzczMgkwCTM1CTAJNDU2OGE3NzZhNGRhMWRhYmNmMTI0MzE5OTg5MjFhZDEJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM1MjA4NTAJMC4wMDA2OQlOCTAJMQk4MzAJMTIwNQkxOTQwNDMxNDIJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Sun, 18 Sep 2022 17:07:30 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 18 Sep 2022 17:07:30 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D2MF77Uf1yIQ_0&v=MThjOGZjM2Y1MzViNDNlNmQyYTljMDlmZjRlNzM0OGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyNzUwNTBhNTU5MDMuMzczNzQ3NjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMjc1MDUwYTU2M2QxLjE0MDczNTU3CTE2NjM1MjA4NTAJYWRfNjNfMA==&l=OAk2MjljNWVhM2RlZDkyNjNjNWYyNmI1MWM4Y2I5NzczMgkwCTM1CTAJNDU2OGE3NzZhNGRhMWRhYmNmMTI0MzE5OTg5MjFhZDEJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM1MjA4NTAJMC4wMDA2OQlOCTAJMQk4MzAJMTIwNQkxOTQwNDMxNDIJOTEuOTAuNDIuMTU0CTA%3D
x-cache-miss-from: parking-77d45f54b-2pbh6
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D2MF77Uf1yIQ_0&v=MThjOGZjM2Y1MzViNDNlNmQyYTljMDlmZjRlNzM0OGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyNzUwNTBhNTU5MDMuMzczNzQ3NjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMjc1MDUwYTU2M2QxLjE0MDczNTU3CTE2NjM1MjA4NTAJYWRfNjNfMA==&l=OAk2MjljNWVhM2RlZDkyNjNjNWYyNmI1MWM4Y2I5NzczMgkwCTM1CTAJNDU2OGE3NzZhNGRhMWRhYmNmMTI0MzE5OTg5MjFhZDEJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM1MjA4NTAJMC4wMDA2OQlOCTAJMQk4MzAJMTIwNQkxOTQwNDMxNDIJOTEuOTAuNDIuMTU0CTA%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D2MF77Uf1yIQ_0&v=MThjOGZjM2Y1MzViNDNlNmQyYTljMDlmZjRlNzM0OGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyNzUwNTBhNTU5MDMuMzczNzQ3NjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMjc1MDUwYTU2M2QxLjE0MDczNTU3CTE2NjM1MjA4NTAJYWRfNjNfMA==&l=OAk2MjljNWVhM2RlZDkyNjNjNWYyNmI1MWM4Y2I5NzczMgkwCTM1CTAJNDU2OGE3NzZhNGRhMWRhYmNmMTI0MzE5OTg5MjFhZDEJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM1MjA4NTAJMC4wMDA2OQlOCTAJMQk4MzAJMTIwNQkxOTQwNDMxNDIJOTEuOTAuNDIuMTU0CTA%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b012a61a6d565652f5e467fac36edf41
10ecb788a02bdb240736a4bcdec5f59a68ab495f
417e6e5046d71265fe60ff54985a0efcb9d9188b39e13870daa5fe80b2da6ee5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D2MF77Uf1yIQ_0&v=MThjOGZjM2Y1MzViNDNlNmQyYTljMDlmZjRlNzM0OGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyNzUwNTBhNTU5MDMuMzczNzQ3NjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMjc1MDUwYTU2M2QxLjE0MDczNTU3CTE2NjM1MjA4NTAJYWRfNjNfMA==&l=OAk2MjljNWVhM2RlZDkyNjNjNWYyNmI1MWM4Y2I5NzczMgkwCTM1CTAJNDU2OGE3NzZhNGRhMWRhYmNmMTI0MzE5OTg5MjFhZDEJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM1MjA4NTAJMC4wMDA2OQlOCTAJMQk4MzAJMTIwNQkxOTQwNDMxNDIJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Sun, 18 Sep 2022 17:07:30 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 18 Sep 2022 17:07:30 GMT
location: http://xml.sedodna.com/click?i=2MF77Uf1yIQ_0
x-cache-miss-from: parking-77d45f54b-gxf2t
server: NginX
xml.sedodna.com/click?i=2MF77Uf1yIQ_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=2MF77Uf1yIQ_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=2MF77Uf1yIQ_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://balor-ghn.com/zcvisitor/603b0c94-3774-11ed-b78d-1290f4154b55/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=617fa1d0-35c4-11ed-b69b-12beee04f19b
Pragma: no-cache
balor-ghn.com/zcvisitor/603b0c94-3774-11ed-b78d-1290f4154b55/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=617fa1d0-35c4-11ed-b69b-12beee04f19b
52.45.156.125200 996 B URL HTTP/1.1 balor-ghn.com/zcvisitor/603b0c94-3774-11ed-b78d-1290f4154b55/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=617fa1d0-35c4-11ed-b69b-12beee04f19b
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 26633c3073e5f22e9784fc9049a7c992
20793a7b012b5832f23807c64378ac06d09bc543
d438ab07ca07aa958d61d8f972c5636d196d35f75e2df1d791495d0a78cc990d
GET /zcvisitor/603b0c94-3774-11ed-b78d-1290f4154b55/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=617fa1d0-35c4-11ed-b69b-12beee04f19b HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 18 Sep 2022 17:07:31 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: pxgrlXwt
balor-ghn.com/zcredirect?visitid=603b0c94-3774-11ed-b78d-1290f4154b55&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
52.45.156.125200 692 B URL HTTP/1.1 balor-ghn.com/zcredirect?visitid=603b0c94-3774-11ed-b78d-1290f4154b55&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash e046b71e4675ea2eeefb3da26f21aaeb
122dc0b3033775c0d8702322599cec6074ea240a
3c3c1eff1a16c333aef815e80caee495722fbdc69c382d5f1da7c226d60d43f8
GET /zcredirect?visitid=603b0c94-3774-11ed-b78d-1290f4154b55&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcvisitor/603b0c94-3774-11ed-b78d-1290f4154b55/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=617fa1d0-35c4-11ed-b69b-12beee04f19b
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 18 Sep 2022 17:07:31 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: wjzBmaWV
selymer-sperts.com/zp-redirect?target=https%3A%2F%2Fmed.etoro.com%2FB19861_A72681_TClick.aspx_click_id%3Dws4mrt8dbtq1np4j27jbtirs&caid=3988f3ac-795a-49cb-a476-2d8740511fc3&zpid=603b0c94-3774-11ed-b78d-1290f4154b55&cid=ws4mrt8dbtq1np4j27jbtirs&rt=R
18.193.146.82302 Found 0 B URL HTTP/2 selymer-sperts.com/zp-redirect?target=https%3A%2F%2Fmed.etoro.com%2FB19861_A72681_TClick.aspx_click_id%3Dws4mrt8dbtq1np4j27jbtirs&caid=3988f3ac-795a-49cb-a476-2d8740511fc3&zpid=603b0c94-3774-11ed-b78d-1290f4154b55&cid=ws4mrt8dbtq1np4j27jbtirs&rt=R
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fmed.etoro.com%2FB19861_A72681_TClick.aspx_click_id%3Dws4mrt8dbtq1np4j27jbtirs&caid=3988f3ac-795a-49cb-a476-2d8740511fc3&zpid=603b0c94-3774-11ed-b78d-1290f4154b55&cid=ws4mrt8dbtq1np4j27jbtirs&rt=R HTTP/1.1
Host: selymer-sperts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balor-ghn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 18 Sep 2022 17:07:31 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://med.etoro.com/B19861_A72681_TClick.aspx_click_id=ws4mrt8dbtq1np4j27jbtirs
pragma: no-cache
set-cookie: cc-v4=Dw6p2ifZ1zvwiYhpmBwjuT84rUPiay9Z1v%2BWebUPyo%2FX7guikyrv1k7FvfnOz%2BBH0%2FD%2FGSxhUKMgfRLz9Nb%2F6uIsbQjALVSPORAHvwzKOTbT0RuOMG8fXP716rNVkKCpVU7GHQHCTLkyUGsBpyTGfg%3D%3D; Max-Age=31536000; Expires=Mon, 18-Sep-2023 17:07:31 GMT; Domain=selymer-sperts.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
med.etoro.com/B19861_A72681_TClick.aspx_click_id=ws4mrt8dbtq1np4j27jbtirs
96.6.17.100301 Moved Permanently 186 B URL HTTP/1.1 med.etoro.com/B19861_A72681_TClick.aspx_click_id=ws4mrt8dbtq1np4j27jbtirs
IP 96.6.17.100:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a8eaa011dfa979895c36f222947c3ffa
3877bc515251a752941a9ed6be3a8460359ec781
b15c8296acd9ad62e70d89474b618eb1d16d0a2dcc9a4ec5471b4b77fd30a06e
GET /B19861_A72681_TClick.aspx_click_id=ws4mrt8dbtq1np4j27jbtirs HTTP/1.1
Host: med.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balor-ghn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Content-Length: 186
Location: http://med.etoro.com/aw.aspx?B=19861&A=72681&Task=Click
X-Robots-Tag: noindex
Expires: Sun, 18 Sep 2022 17:07:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Sep 2022 17:07:31 GMT
Connection: keep-alive
med.etoro.com/aw.aspx?B=19861&A=72681&Task=Click
96.6.17.100301 Moved Permanently 0 B URL HTTP/1.1 med.etoro.com/aw.aspx?B=19861&A=72681&Task=Click
IP 96.6.17.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aw.aspx?B=19861&A=72681&Task=Click HTTP/1.1
Host: med.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://balor-ghn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://med.etoro.com/aw.aspx?B=19861&A=72681&Task=Click
Expires: Sun, 18 Sep 2022 17:07:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Sep 2022 17:07:31 GMT
Connection: keep-alive
med.etoro.com/aw.aspx?B=19861&A=72681&Task=Click
96.6.17.100301 Moved Permanently 0 B URL HTTP/1.1 med.etoro.com/aw.aspx?B=19861&A=72681&Task=Click
IP 96.6.17.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aw.aspx?B=19861&A=72681&Task=Click HTTP/1.1
Host: med.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balor-ghn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain
Content-Length: 0
Location: https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=19861&utm_serial=&utm_campaign=&utm_term=
P3P: CP=`NOI DSP COR NID ADMa OPTa OUR NOR`
X-Robots-Tag: noindex
Expires: Sun, 18 Sep 2022 17:07:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Sep 2022 17:07:31 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=dvhmo10i2slfhm4plvnelv1t; path=/; HttpOnly
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etoro.com; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etoro.com.cn; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etorocn.com.cn; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etoroasia-securities.com; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etoroasia.cn; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etoroasia.com; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etoroasia.com.cn; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; domain=.etoroasia-Investing.com; expires=Thu, 17-Nov-2022 00:00:00 GMT; path=/
RequestURL=URL=http://med.etoro.com/aw.aspx?b=19861&a=72681&task=click; domain=.etoro.com; expires=Tue, 18-Oct-2022 00:00:00 GMT; path=/
go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=19861&utm_serial=&utm_campaign=&utm_term=
96.6.17.100200 OK 3.6 kB URL HTTP/2 go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=19861&utm_serial=&utm_campaign=&utm_term=
IP 96.6.17.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18095)
Hash 96cb6342726542d91f20eeae2f7ad78b
307c07658f6e4a1f9e68189865ef2863b7b6d200
86b075204e1e088131f371d80818b4e1c43fa653145cf893d15484d4031b2eca
GET /en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=19861&utm_serial=&utm_campaign=&utm_term= HTTP/1.1
Host: go.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balor-ghn.com/
Connection: keep-alive
Cookie: AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; RequestURL=URL=http://med.etoro.com/aw.aspx?b=19861&a=72681&task=click
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
request-context: appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
x-powered-by: Express
etag: W/"5398-r7/5/dvsanYQRDdK52ARUprzxUc"
content-encoding: gzip
content-length: 3616
expires: Sun, 18 Sep 2022 17:07:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 18 Sep 2022 17:07:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/runtime-es2015.e91f1448aa498fd48783.js
23.38.201.117200 OK 2.8 kB URL HTTP/2 marketing.etorostatic.com/landingpages/runtime-es2015.e91f1448aa498fd48783.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (4884), with no line terminators
Hash 6f4a445f8038456385cf7893ac5634af
031760dec4bc748459b41f2bf3abfda06b9ab32d
46c7916d0557c325200443a54177036ae4d5ab4308de38cad99d48f18beb267b
GET /landingpages/runtime-es2015.e91f1448aa498fd48783.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RLYpCXoVVKMafYaeETqV6Wh09HViOdE95ABRL6jetwJmFlPeg64yV9VqNuKzV0AX0yWxllYU6gY=
x-amz-request-id: KMKJVVG56TVB9XGN
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Sep 2022 12:14:54 GMT
etag: "0957d7cbbced5bfc5f0f38e8e4cac755"
x-amz-version-id: LxMZVzSU4EVuXquPMW0ci8S8Ztzzh8RA
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:31 GMT
date: Sun, 18 Sep 2022 17:07:31 GMT
content-length: 2808
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/styles.2aac5caa0a8ef2398c0c.css
23.38.201.117200 OK 14 kB URL HTTP/2 marketing.etorostatic.com/landingpages/styles.2aac5caa0a8ef2398c0c.css
IP 23.38.201.117:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0d6bcb6f5632092c907c2652552eb813
92781b13149564fa0f1f772723107bda627a1069
b84b9451fb0a9ecc1c7634c473ca8b616bd88329c9f40ed42e3e30d87dfc3981
GET /landingpages/styles.2aac5caa0a8ef2398c0c.css HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QMuDcMpwWWr3wq4/BmaFkKt8Uxm3hjCjNcYhJL/UaMAjSaMHIJVnrYyxaDNI+BKKOGzHEPr+eKY=
x-amz-request-id: GN3H6CHQBVB6AX5A
x-amz-replication-status: COMPLETED
last-modified: Wed, 31 Aug 2022 11:41:07 GMT
etag: "51cc4bb35d7b71648d309b483577a45c"
x-amz-version-id: 3SivAvJidJzFKUhFwaxm7CW1UrisT.lE
accept-ranges: bytes
content-type: text/css
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:31 GMT
date: Sun, 18 Sep 2022 17:07:31 GMT
content-length: 14397
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/polyfills-es2015.47aba3707b207fbc83bd.js
23.38.201.117200 OK 32 kB URL HTTP/2 marketing.etorostatic.com/landingpages/polyfills-es2015.47aba3707b207fbc83bd.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 024c72ecc84d31d5408541d7fe3b70eb
ac9e7a7053966f512207f1db88c1ea61d2c1da53
d9a81b339bdca692fcaabab75b769058a147072955bcb9393506d228adaaefa3
GET /landingpages/polyfills-es2015.47aba3707b207fbc83bd.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LdgtMenD+9GiSD3xLm3OiPtVF5i4dFyM0Hob8KOjbGDz7mgz27FrQmCv0OjPuhggV9zDWUwlTzA=
x-amz-request-id: W3FESZH27C2K1406
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 24 Jul 2022 19:16:09 GMT
etag: "991fedbb17e033347f541621a41c9358"
x-amz-version-id: OONrL6_CkQL4KtulVG5Y5lzfkIU2bKu9
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:31 GMT
date: Sun, 18 Sep 2022 17:07:31 GMT
content-length: 32283
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/slider/etoro_loader_cyc.png
23.38.201.117200 OK 1.2 kB URL HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/slider/etoro_loader_cyc.png
IP 23.38.201.117:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash dfe88860b37800e402465e2ba8fcda23
267e494006dcd2f90cde9b773c2edd73bd230f98
222a7f68e4b9ac4a8b7db1596bcc4c4ae259f7b5b35ed398acd2c3af8064de90
GET /studio/content/lp/cache_1/etoro-lps/slider/etoro_loader_cyc.png HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: XztXF6j4BO9k/Dguby0SDZF1KGVhbc7s/sO8DgZypG035OXggqUJ2IWsok7bTIxZ3hKJcdq0M7g=
x-amz-request-id: SJ5X9YQT4YEN8WF9
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Jun 2018 04:50:25 GMT
etag: "dfe88860b37800e402465e2ba8fcda23"
x-amz-meta-s3b-last-modified: 20180411T105754Z
x-amz-version-id: QRygE2XwGUU0V_sJeR79ocSaxLTx2E9F
accept-ranges: bytes
content-type: image/png
content-length: 1243
server: AmazonS3
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 17:07:31 GMT
date: Sun, 18 Sep 2022 17:07:31 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/general_images/logos/etoro-logo-new-green.svg
23.38.201.117200 OK 985 B URL HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/general_images/logos/etoro-logo-new-green.svg
IP 23.38.201.117:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2351), with no line terminators
Hash 9ea843b771a1377348645dddb7bdf7e3
e8a461139873746992776a63f4eb6c7116d9fb71
716be7311d45bac625c5a8fd43008f7730eacfba8eff3caf7c0182f10959b91d
GET /studio/content/lp/cache_1/etoro-lps/general_images/logos/etoro-logo-new-green.svg HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: PwA+7IVlB+ByBhpxbxYWskL2olteVcBbqdRFv1m5NB+sRPs0wAHA1I7BM8O/kisMUs6Oqlyd328=
x-amz-request-id: MN2M7MMVSV3HJ5GY
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Feb 2022 08:30:20 GMT
etag: "2f81173921eb7c27be1f465a830404f0"
x-amz-meta-sha256: d326e618548d8ac6892a1e8c5ce11d39016d58264d4bae8a252730a0d130e5e8
x-amz-meta-s3b-last-modified: 20220223T082909Z
x-amz-version-id: OwOa4OVeQCkctL2IgpC4LODkH.61JBgU
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 17:07:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 985
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/web-client/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
23.38.201.117200 OK 16 kB URL HTTP/2 etoro-cdn.etorostatic.com/web-client/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 16212, version 1.6554\012- data
Hash aa21f9964cd88c7d6a03b32c11e6bf3e
14a380d9ddfdee7aecf38c241c450bfe813d94e5
30427ab021a9d28d0f9724a8565c2463ee5a3938417dd0750d58ab79ac07cf12
GET /web-client/fonts/opensans/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: tk21VJGuue4wpX19OmEddxD0J//URAQorcuQUEX2bNHwngx5HA/1uNEq9FrO9Oy8U0fn+lMqTXI=
x-amz-request-id: GX1E2T5Q1DKXJ7M4
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Jan 2017 13:10:06 GMT
etag: "aa21f9964cd88c7d6a03b32c11e6bf3e"
x-amz-meta-cb-modifiedtime: Tue, 03 Jan 2017 13:09:02 GMT
x-amz-version-id: MkWGLAQn6l9OArJd9xvShnWsj3x_Qdqn
accept-ranges: bytes
content-type: application/octet-stream
server: AmazonS3
content-length: 16212
cache-control: max-age=2592000
expires: Tue, 18 Oct 2022 17:07:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/practice-account/images/background/tiles-virtual-watchlist.jpg
23.38.201.117200 OK 379 kB URL HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/practice-account/images/background/tiles-virtual-watchlist.jpg
IP 23.38.201.117:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1912x975, components 3\012- data
Size 379 kB (379017 bytes)
Hash 444db7330e5f6c6174dd99517d426901
caa3955e521aeea7c64d4047aa79dc4e655f3612
6634917012d16e2ea2c3ef7377aea5d218ba44aec83ba0234190721867e788bd
GET /studio/content/lp/cache_1/etoro-lps/practice-account/images/background/tiles-virtual-watchlist.jpg HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: zEIWYTEmf1PF+1dj/lU871tVPWmtVZRmjgXZDx+AYV3CIzWY2TsEVVl1GN4e+BZzJjVibHR8AYA=
x-amz-request-id: G36VTHATEVRBMG8H
x-amz-replication-status: COMPLETED
last-modified: Sun, 21 Apr 2019 08:43:33 GMT
etag: "444db7330e5f6c6174dd99517d426901"
x-amz-meta-s3b-last-modified: 20190417T112337Z
x-amz-version-id: wSGGDjjTkxo89gmM615DGwzx7J9Na0NG
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 379017
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 17:07:31 GMT
date: Sun, 18 Sep 2022 17:07:31 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/web-client/fonts/opensans/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
23.38.201.117200 OK 16 kB URL HTTP/2 etoro-cdn.etorostatic.com/web-client/fonts/opensans/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP 23.38.201.117:0
File type Web Open Font Format (Version 2), TrueType, length 16080, version 1.6554\012- data
Hash f3515b8fcce21d4bbb0da28b297495ed
808769b38614943b5116b559ac7528386b7cb020
efdf47ca1d1eee9ad503d589c6931daf40228fcac1817eb13e6559750ef830b8
GET /web-client/fonts/opensans/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IyNgB46QF9lTndlq0U0nC+00SDIae1eyKMIbe5YFHksRDdpZsnBbft0xZK48a3FZitXfSnm7sL8=
x-amz-request-id: MW48XEZXQ2AR34H5
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Jan 2017 13:10:06 GMT
etag: "f3515b8fcce21d4bbb0da28b297495ed"
x-amz-meta-cb-modifiedtime: Tue, 03 Jan 2017 13:09:21 GMT
x-amz-version-id: otYh1Ncyl7G3ih0ct3Y9fsdhm4R1ysiw
accept-ranges: bytes
content-type: application/octet-stream
content-length: 16080
server: AmazonS3
cache-control: max-age=2592000
expires: Tue, 18 Oct 2022 17:07:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marketing.etorostatic.com/landingpages/0-es2015.b4028b0b8d197354194e.js
23.38.201.117200 OK 10 kB URL HTTP/2 marketing.etorostatic.com/landingpages/0-es2015.b4028b0b8d197354194e.js
IP 23.38.201.117:0
File type HTML document, ASCII text, with very long lines (39164), with no line terminators
Hash 09331951c7f19878834aa2ac55c6b681
fef2cb4eefa3b9dbae49995f161281b9970ef7e2
31c5dfac30bd22f778846e1724027e2a36ca4dc43b658889cc36dc9d330962a8
GET /landingpages/0-es2015.b4028b0b8d197354194e.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: /9rCweWNuV6Em1n4vfyLJNsr4BVHiZD9c2pO70qtCa8aqJ7sz0ltwTZF++qV5wb2wUUFCE28sImxPLFEIHk8lQ==
x-amz-request-id: 1ZVJDEMQTS8302NP
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Sep 2022 12:14:52 GMT
etag: "5a2dbabcfa601c7b3e3811cee9d4c2e5"
x-amz-version-id: BcDE.3NyRsiCGINQ8NfnN54MOZh.B1Nh
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 10468
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/1-es2015.42bb491a1fb29763db90.js
23.38.201.117200 OK 3.2 kB URL HTTP/2 marketing.etorostatic.com/landingpages/1-es2015.42bb491a1fb29763db90.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (9402), with no line terminators
Hash 096b85daf24610a2d87e696ca6523e77
809d6a51fffcb5418cc648c3440c64998d80a080
74122803c4b01501c031032821f07b2e3c47b96e2f9a4e0fdab56796e120fef8
GET /landingpages/1-es2015.42bb491a1fb29763db90.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Lcv75lJlQ5gb8K6NW/TF4t4VhhxNf8/vKidWje3adeVb8wzANSvLLj3iWWFTuiVpnn+bZgb0f54=
x-amz-request-id: G9T36TF7XCMHAA2P
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Apr 2022 13:15:47 GMT
etag: "6a3aab6fc18dcccf333d21422adcb4fd"
x-amz-version-id: jZ2FD6xKBuzO98ifc7RfAZFH0Nbw9y6Y
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 3234
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/3-es2015.f049c087aa6adeb6db19.js
23.38.201.117200 OK 4.6 kB URL HTTP/2 marketing.etorostatic.com/landingpages/3-es2015.f049c087aa6adeb6db19.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (22124), with no line terminators
Hash ed16c095de325d6d888f9c60c5725da2
05323cfb7c9b2a860715028f03c34f01b7ffceee
4652647c06ddfbb59b2c7fab7ead098aa379e4c3795a1ff1238312b91304419c
GET /landingpages/3-es2015.f049c087aa6adeb6db19.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Gg8UE59Lyw/iD0jSl47nM/DKZ/gT53+Mg1ki5g6E8QhHVRinAi0WkVc/nK4CnkcxS/VKNhFsIe0=
x-amz-request-id: F36TXW5CNQ6SNVRM
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Aug 2022 10:16:33 GMT
etag: "7d332e3df86727b41175fdaa0c4f42d8"
x-amz-version-id: 1M8_zcRV1Yme1KLCuSfACEiwzcyejIRI
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 4621
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15572, version 1.6554\012- data
Hash e64cab167bbdc04807429d10873901a0
afc44700053c9a28f9ab26f6aec4862ac1d0795d
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
GET /s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 19:00:25 GMT
expires: Mon, 11 Sep 2023 19:00:25 GMT
cache-control: public, max-age=31536000
age: 598027
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
marketing.etorostatic.com/landingpages/2-es2015.42e71d50a7f98ff34a38.js
23.38.201.117200 OK 22 kB URL HTTP/2 marketing.etorostatic.com/landingpages/2-es2015.42e71d50a7f98ff34a38.js
IP 23.38.201.117:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d5358435d19723d857c831c5d936398a
ca40fa03c21bd6771277130bd6ddf6fd6597bb4a
71f1f8d15db2915f6d7f6760f496878dead1e67ec7d6e903101ee5e1af4d1264
GET /landingpages/2-es2015.42e71d50a7f98ff34a38.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: fT02y2OpzJehxvZK2wmwD4jSr8PYK59VOClBWRVsC6xHMrTA6BqmS8qlnzjd11FYeNuiQzF4gw0=
x-amz-request-id: 803WQRANBV6GKTS5
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Apr 2022 06:15:35 GMT
etag: "25bf5f007190df82e87c0ed3907c59c6"
x-amz-version-id: NuktlzdnIzJ.kWjS9Yp3uVkUtwevNqjI
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 21521
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16276, version 1.6554\012- data
Hash 73437ad44345f889f45e27c428d618d8
578d7b5ff3816f7f666984e303364c81be0771d0
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
GET /s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 04:28:00 GMT
expires: Sun, 17 Sep 2023 04:28:00 GMT
cache-control: public, max-age=31536000
age: 131972
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
go.etoro.com/favicon.ico
96.6.17.100200 OK 775 B IP 96.6.17.100:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash c51e8432d3ea1b9cfafbc7d535d49d3f
6bfdf34b6df4a8ab0c50e3f27d14f3a4bfaa2e7b
640ffaf99ccae6ec1b549047e5cab7c55b9b3eae0ef1911a9cdfa9582ead4f37
GET /favicon.ico HTTP/1.1
Host: go.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=19861&utm_serial=&utm_campaign=&utm_term=
Cookie: AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; RequestURL=URL=http://med.etoro.com/aw.aspx?b=19861&a=72681&task=click; ai_user=5KB4Y4qDz+gpn/XS4X9l3M|2022-09-18T17:07:13.598Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
request-context: appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
x-powered-by: Express
accept-ranges: bytes
last-modified: Thu, 15 Sep 2022 12:11:07 GMT
etag: W/"47e-183410f5378"
content-encoding: gzip
content-length: 775
expires: Sun, 18 Sep 2022 17:07:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 18 Sep 2022 17:07:32 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.etoro.com//assets/i18n/general/en-gb.json?disableClientId=true
96.6.17.100200 OK 24 kB URL HTTP/2 go.etoro.com//assets/i18n/general/en-gb.json?disableClientId=true
IP 96.6.17.100:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65282), with no line terminators
Hash 6c71b8f2581cd43c6f847697217f7c82
a5eaf5d077bcae13ce1d9641a04067757a133ba1
917aa4c448047dcfdcdbb1f3a534a3f0adc149f887271a314a592535366222c9
GET //assets/i18n/general/en-gb.json?disableClientId=true HTTP/1.1
Host: go.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Request-Id: |37e7e1a84a844b48b6ecfcfe17f2cbe6.b83818daed944f53
traceparent: 00-37e7e1a84a844b48b6ecfcfe17f2cbe6-b83818daed944f53-01
Connection: keep-alive
Referer: https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=19861&utm_serial=&utm_campaign=&utm_term=
Cookie: AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; RequestURL=URL=http://med.etoro.com/aw.aspx?b=19861&a=72681&task=click; ai_user=5KB4Y4qDz+gpn/XS4X9l3M|2022-09-18T17:07:13.598Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
request-context: appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
x-powered-by: Express
accept-ranges: bytes
last-modified: Thu, 15 Sep 2022 12:11:08 GMT
etag: W/"17cd9-183410f5760"
content-encoding: gzip
content-length: 24094
expires: Sun, 18 Sep 2022 17:07:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 18 Sep 2022 17:07:32 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
go.etoro.com//assets/i18n/practiceAccount/en-gb.json?disableClientId=true
96.6.17.100200 OK 161 B URL HTTP/2 go.etoro.com//assets/i18n/practiceAccount/en-gb.json?disableClientId=true
IP 96.6.17.100:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4d7b5343b18b66af32ad04df3af0f141
e48d9cf3fe26179965bb67651ce10681cbc5e4f0
a226c2d50f701f61dc7e94c18696e5b61ee5e54e4e6e45cf636676b143a46086
GET //assets/i18n/practiceAccount/en-gb.json?disableClientId=true HTTP/1.1
Host: go.etoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Request-Id: |37e7e1a84a844b48b6ecfcfe17f2cbe6.735a9cf03bc64dd1
traceparent: 00-37e7e1a84a844b48b6ecfcfe17f2cbe6-735a9cf03bc64dd1-01
Connection: keep-alive
Referer: https://go.etoro.com/en/practice-account?utm_medium=Networks&utm_source=72681&utm_content=19861&utm_serial=&utm_campaign=&utm_term=
Cookie: AffiliateWizAffiliateID=AffiliateID=72681&ClickBannerID=19861&SubAffiliateID=&Custom=&ClickDateTime=2022-09-18T17:07:31.7246197Z&UserUniqueIdentifier=cee5539c-dee9-4823-b1b7-1f12ae9256ea; RequestURL=URL=http://med.etoro.com/aw.aspx?b=19861&a=72681&task=click; ai_user=5KB4Y4qDz+gpn/XS4X9l3M|2022-09-18T17:07:13.598Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 161
request-context: appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
x-powered-by: Express
accept-ranges: bytes
last-modified: Thu, 15 Sep 2022 12:11:08 GMT
etag: W/"a1-183410f5760"
expires: Sun, 18 Sep 2022 17:07:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 18 Sep 2022 17:07:32 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-N7SQ5DP
142.250.74.72200 OK 98 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N7SQ5DP
IP 142.250.74.72:0
File type ASCII text, with very long lines (35497)
Hash dcedc9d7687fc75d5ac7535487821e51
d219573d47f5b7dba54bdc577dba29eee75d7139
845377bf4c9030acdf27f0d9e5acbba60804c6c26041d7156470649ce902e9ca
GET /gtm.js?id=GTM-N7SQ5DP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 17:07:32 GMT
expires: Sun, 18 Sep 2022 17:07:32 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zero.pointlessplay.com/i/3c2d8da22b7aa416fab4696fbd547cc9.js
54.230.111.4200 OK 29 kB URL HTTP/2 zero.pointlessplay.com/i/3c2d8da22b7aa416fab4696fbd547cc9.js
IP 54.230.111.4:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 9ff95f5238c81576a696a583448c583e
46c640c88c05eff94436e5ec39d6339481623354
30d534c9148cf242f10ad4f5f6cf99fb9555f5b696acbf1970f986d490671f3f
GET /i/3c2d8da22b7aa416fab4696fbd547cc9.js HTTP/1.1
Host: zero.pointlessplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 29069
content-encoding: gzip
server: Caddy
cache-control: max-age=43200
date: Sun, 18 Sep 2022 12:01:15 GMT
expires: Mon, 19 Sep 2022 00:01:15 GMT
etag: "136c1-cNu5okS1rHZvqcM/9a5nqzsiX18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xyWWSGV3o6_kOwM9MQPM85F6bBR0JD64ALe53dY5zla65PMxHYuL6A==
age: 18377
X-Firefox-Spdy: h2
marketing.etorostatic.com/others/general/js/seo.js
23.38.201.117200 OK 2.2 kB URL HTTP/2 marketing.etorostatic.com/others/general/js/seo.js
IP 23.38.201.117:0
File type C source, ASCII text, with very long lines (366), with CRLF line terminators
Hash f22c155ea9a463fee325cc2f52cb2c5b
67913d0b1cdaa875752a36f5c22fc21884cd6b22
115d84510217e73948fabbc05aa6041071564a86dee31d7abb282d764ff4f7a7
GET /others/general/js/seo.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: IbCrnl2jHtt3ARkbdDtJdY1t/iT+eA6L1pkPIeISKQrHurrfYzN0CE54ZOlbBo/E9qrm76WQ/M0=
x-amz-request-id: 69QVGW75ZMC6VK3N
x-amz-replication-status: COMPLETED
last-modified: Tue, 10 Jan 2017 14:31:16 GMT
etag: "bb01557076c5f1cc6976325a60a0be7c"
x-amz-meta-s3b-last-modified: 20170110T142820Z
x-amz-version-id: SSqunX8tv_w4z_1vK9cbzCWNqGZTmd8y
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 2209
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 8.0 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (23033), with no line terminators
Hash 0f16280f78683c4dcb392b7df7a5ddc0
379551a0ea6b3b2d1ecbf40be1b15fc575dfc00c
6866325a547f2dbee73e122e987dba0e1a0277769d6e9525a3765a7100d041e7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 7961
server: CloudFront
date: Sun, 18 Sep 2022 17:07:32 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 19 Sep 2022 16:22:39 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vv1esq4pD1XSvEs9F4-w9EIGN9B_VJ59xn-AWTZxFFCVZBcGkhzd4A==
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 18 Sep 2022 01:41:05 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EpB1aQ1GsWnwuJ0tuM2Ba1VItmlWVmzf25PFoYlzthaVphaZUSUahw==
Age: 55588
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ef491d15a0bde5279fa4fc8b426a9941
efd17fcc768356192e7ff660ecf77b5ca845ef77
43b144675694707debd0125a8e2a0acbc2a53ab34e33df0071ae8f0a2d0bfc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 921e8a0262005f8ee573fb2b42c1986c
5c75e821cce7f52205386b7264feb86f23eae952
203db2e39e95498c9336df6b8e2814d67a6228aa8531d8b53d3d781878e3d3b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
9944765.fls.doubleclick.net/activityi;src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined
142.250.74.70200 OK 400 B URL HTTP/2 9944765.fls.doubleclick.net/activityi;src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561), with no line terminators
Hash 9397e6a80d72dd757569751d3564b21c
539155bdc7f0462f3ffd5bb1b94dfeb29b09e3f6
6a1d41e27a3e24e4e4adb6001ca08d0ca68054a1bbccb5b96266494c785fbcb6
GET /activityi;src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined HTTP/1.1
Host: 9944765.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 400
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Sep-2022 17:22:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f306a99fb4171d175c16525a799255b4
9d4a38d70c19b8272595ac137b3ebdbd1c1a5ab4
6b731c6e37f6957bca4f986b4c8dc046d0a0a772fcd01042d00ed2c10daf67f9
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Last-Modified: Sun, 18 Sep 2022 15:55:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
9944765.fls.doubleclick.net/activityi;src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D?
142.250.74.70200 OK 440 B URL HTTP/2 9944765.fls.doubleclick.net/activityi;src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (610), with no line terminators
Hash 84a1011827870239121eff2401ce7d97
b82947f95e5d3bbc78ea64828fc52c09de31baac
43580090b41ddd07ade216bd8eb9af833022fb67884d0ecbdd222145a3dbcc18
GET /activityi;src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D? HTTP/1.1
Host: 9944765.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Sep-2022 17:22:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 921e8a0262005f8ee573fb2b42c1986c
5c75e821cce7f52205386b7264feb86f23eae952
203db2e39e95498c9336df6b8e2814d67a6228aa8531d8b53d3d781878e3d3b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.adalyser.com/adalyser.js?cid=etoro
108.128.154.23200 OK 12 kB URL HTTP/2 c0.adalyser.com/adalyser.js?cid=etoro
IP 108.128.154.23:0
File type ASCII text, with very long lines (31834)
Hash 5301983312500f1fa818e866832a8ede
96c054b07049abe3b764dbcf0f8189055de98e78
24f6c7d7b8467781e61deda43741ad359abebb7efd8b41add68e4bb359cc0867
GET /adalyser.js?cid=etoro HTTP/1.1
Host: c0.adalyser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
content-type: application/javascript
content-length: 12183
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
etag: "60b9cf4ef4ac6dab5294025f3c443ba3cca92451"
cache-control: public, max-age=21600
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a05d3239e3bdfe95c8d17bf214323c44
8efa213025a2b2ca57a5408912ef1c0a8b520868
4b9500d053e249ba6b49bd13d5b87b15356052afcd617f25f198a3259d1a2174
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6392
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Last-Modified: Sun, 18 Sep 2022 15:21:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a05d3239e3bdfe95c8d17bf214323c44
8efa213025a2b2ca57a5408912ef1c0a8b520868
4b9500d053e249ba6b49bd13d5b87b15356052afcd617f25f198a3259d1a2174
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6392
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Last-Modified: Sun, 18 Sep 2022 15:21:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a05d3239e3bdfe95c8d17bf214323c44
8efa213025a2b2ca57a5408912ef1c0a8b520868
4b9500d053e249ba6b49bd13d5b87b15356052afcd617f25f198a3259d1a2174
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2600
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Last-Modified: Sun, 18 Sep 2022 16:24:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D
142.250.74.98200 OK 439 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (609), with no line terminators
Hash f6fc17fe8dbf87b284b02b375042501a
8f0082d8419f43f4bd3fe3450cf7e4e9d1cdf683
632db2a7c2831ffa6bbae508bc9fb04444271e76ac536221d601982bd519c610
GET /ddm/fls/i/src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9944765.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://go.etoro.com/
142.250.74.98200 OK 400 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://go.etoro.com/
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (560), with no line terminators
Hash c51e421305d874c3528d5530ed3cd6a5
c250010c6ca4b5a19cec660b6fea90c25287b681
58d65d98a6b692d44ad480c7afc87d8f73feeb8e3df9599c75345329ce90e376
GET /ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://go.etoro.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9944765.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 400
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------295817396931375099334182150842
Content-Length: 2608
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
access-control-allow-origin: https://go.etoro.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgEsIlI+BNExjkkTsHw3/IEbwXFspaYZUs2nzAangWF3plv7+XQ4xj9AXsFtdYyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 5
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.adalyser.com/tracking/track/v3/p?stm=1663520834271&e=lce1&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&refr=http%3A%2F%2Fbalor-ghn.com%2F&cid=etoro&p=%7B%22et%22%3A1663520834269%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2272681%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22(not%20set)%22%2C%22co%22%3A%2219861%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%221178b364-c1ca-4591-b705-f4e97ecef532%22%2C%22duid%22%3A%22b82e78b3-dc5a-474a-9663-83f3f4ffe5dd%22%2C%22cw%22%3A1663520834269%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&domain=go.etoro.com
108.128.154.23200 OK 43 B URL HTTP/2 c0.adalyser.com/tracking/track/v3/p?stm=1663520834271&e=lce1&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&refr=http%3A%2F%2Fbalor-ghn.com%2F&cid=etoro&p=%7B%22et%22%3A1663520834269%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2272681%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22(not%20set)%22%2C%22co%22%3A%2219861%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%221178b364-c1ca-4591-b705-f4e97ecef532%22%2C%22duid%22%3A%22b82e78b3-dc5a-474a-9663-83f3f4ffe5dd%22%2C%22cw%22%3A1663520834269%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&domain=go.etoro.com
IP 108.128.154.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tracking/track/v3/p?stm=1663520834271&e=lce1&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&refr=http%3A%2F%2Fbalor-ghn.com%2F&cid=etoro&p=%7B%22et%22%3A1663520834269%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2272681%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22(not%20set)%22%2C%22co%22%3A%2219861%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%221178b364-c1ca-4591-b705-f4e97ecef532%22%2C%22duid%22%3A%22b82e78b3-dc5a-474a-9663-83f3f4ffe5dd%22%2C%22cw%22%3A1663520834269%7D&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&domain=go.etoro.com HTTP/1.1
Host: c0.adalyser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
content-type: image/gif
content-length: 43
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
X-Firefox-Spdy: h2
tr.snapchat.com/init?pids=2b300842-74be-4e72-8ed5-3bab9449a996
35.190.43.134200 OK 601 B URL HTTP/2 tr.snapchat.com/init?pids=2b300842-74be-4e72-8ed5-3bab9449a996
IP 35.190.43.134:0
Hash 8a555e4ef3bb1f4143fb404767d61356
6eac20a6eaeba32d70af199f6070f27d575b7057
8e563816ffb98c3d9e74af10f16511fc5fcf640e9bbe1c31cada6313847f334c
GET /init?pids=2b300842-74be-4e72-8ed5-3bab9449a996 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.etoro.com/
Origin: https://go.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
access-control-allow-origin: https://go.etoro.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=f8ae081b-8935-493c-82b3-99dede144a1b&u_sclid=070ef1c2-23aa-4a70-a537-f4e5f3a0dd41
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=f8ae081b-8935-493c-82b3-99dede144a1b&u_sclid=070ef1c2-23aa-4a70-a537-f4e5f3a0dd41
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=f8ae081b-8935-493c-82b3-99dede144a1b&u_sclid=070ef1c2-23aa-4a70-a537-f4e5f3a0dd41 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fd6f5d48a8eb6a76f7c699a235f6ed95
6dfe5af37fa0c7a6ed073d73d8be6e23ec4e1cc4
a7239c791a93ecf634d1afef2a09feae30f46decdbfa039403bd10394e444d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 846cbf15e676b7aa9477514a183675a5
a4d9089b67555c61684a7d0b9b58668a34a16c7c
bb8e766ec5696ec9fc878a7db1496cc5fc07ef046ce53092182c0fc98c927ecc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dc.services.visualstudio.com/v2/track
13.69.106.217200 OK 0 B URL HTTP/2 dc.services.visualstudio.com/v2/track
IP 13.69.106.217:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Referer: https://go.etoro.com/
Origin: https://go.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 0
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D
142.250.74.130200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=9944765;type=visit0;cat=visit0;ord=1;num=1160643502734;gtm=2wg9e0;auiddc=993407975.1663520834;u8=undefined;u1=undefined;~oref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:32 GMT
expires: Sun, 18 Sep 2022 17:07:32 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://go.etoro.com/
142.250.74.130200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://go.etoro.com/
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://go.etoro.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:32 GMT
expires: Sun, 18 Sep 2022 17:07:32 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
match.adsrvr.org/track/upb/?adv=ucnwrwt&ref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&upid=jxpewqr&upv=1.1.0&td1=visit
3.33.220.150200 OK 471 B URL HTTP/2 match.adsrvr.org/track/upb/?adv=ucnwrwt&ref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&upid=jxpewqr&upv=1.1.0&td1=visit
IP 3.33.220.150:0
Hash 846cbf15e676b7aa9477514a183675a5
a4d9089b67555c61684a7d0b9b58668a34a16c7c
bb8e766ec5696ec9fc878a7db1496cc5fc07ef046ce53092182c0fc98c927ecc
GET /track/upb/?adv=ucnwrwt&ref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&upid=jxpewqr&upv=1.1.0&td1=visit HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.etoro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
13.69.106.217200 OK 96 B URL HTTP/2 dc.services.visualstudio.com/v2/track
IP 13.69.106.217:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 04433ec1ff671159abfc4515498ce810
912c15f4f6359fcc1a830cea7feecb50b0096695
90d4582122c25303fff98bc5bb393a6545d9c4a872225587978be8e0c234bcef
POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Sdk-Context: appId
Content-Length: 3578
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-ms-session-id: 27A2C4C4-547B-457F-BB07-6AED2F3D4796
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 96
X-Firefox-Spdy: h2
one.pointlessplay.com/ct?id=10929&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1663520834137&hl=3&op=0&ag=718972423&rand=14227222975921107292762920509178270106060771089025100998099207582112889922&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=http%3A%2F%2Fbalor-ghn.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDU0MDNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwzLDQsMSwxLDAsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiLSJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJ3ZWJwYWNrSnNvbnBcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiY29yZVwiLFwiWm9uZVwiLFwiX196b25lX3N5bWJvbF9fUHJvbWlzZVwiLFwiX196b25lX3N5bWJvbF9fWm9uZUF3YXJlUHJvbWlzZVwiLFwiX196b25lX3N5bWJvbF9fZmV0Y2hcIixcIl9fem9uZV9zeW1ib2xfX3NldFRpbWVvdXRcIixcIl9fem9uZV9zeW1ib2xfX2NsZWFyVGltZW91dFwiLFwiX196b25lX3N5bWJvbF9fc2V0SW50ZXJ2YWxcIixcIl9fem9uZV9zeW1ib2xfX2NsZWFySW50ZXJ2YWxcIixcIl9fem9uZV9zeW1ib2xfX3JlcXVlc3RBbmltYXRpb25GcmFtZVwiLFwiX196b25lX3N5bWJvbF9fY2FuY2VsQW5pbWF0aW9uRnJhbWVcIixcIl9fem9uZV9zeW1ib2xfX2FsZXJ0XCIsXCJfX3pvbmVfc3ltYm9sX19wcm9tcHRcIixcIl9fem9uZV9zeW1ib2xfX2NvbmZpcm1cIixcIl9fem9uZV9zeW1ib2xfX011dGF0aW9uT2JzZXJ2ZXJcIixcIl9fem9uZV9zeW1ib2xfX0ludGVyc2VjdGlvbk9ic2VydmVyXCIsXCJfX3pvbmVfc3ltYm9sX19GaWxlUmVhZGVyXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYWJvcnRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYW5pbWF0aW9uY2FuY2VscGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmFuaW1hdGlvbmVuZHBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25hbmltYXRpb25pdGVyYXRpb25wYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYXV4Y2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYmVmb3JlaW5wdXRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYmx1cnBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25jYW5wbGF5cGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmNhbnBsYXl0aHJvdWdocGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmNoYW5nZXBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25jdWVjaGFuZ2VwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY2xvc2VwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY29udGV4dG1lbnVwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZGJsY2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJhZ3BhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kcmFnZW5kcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmRyYWdlbnRlcnBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kcmFnbGVhdmVwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJhZ292ZXJwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJvcHBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kdXJhdGlvbmNoYW5nZXBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25lbXB0aWVkcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmVuZGVkcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmVycm9ycGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmZvY3VzcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmdvdHBvaW50ZXJjYXB0dXJlcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmlucHV0cGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmludmFsaWRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9ua2V5ZG93bnBhdGNoZWRcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCItXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2MzUyMDgzNDExMywwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImMsLTEsLTEsMzAwLDAsMywwLDExLDcsMiwtMSwwLCw1NTIsMTA5NCwxMDkzIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbImRkYiIsIjAsMCwwLDEsMSwzLDAsMCwwLDAsMCwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMywwLDAsMTYsMCwwLDAsMCwwLDEiXSxbImJuY2giLDU4XSxbImFibmNoIiw1OV1d&dep=0&pre=0&sdd=%7B%7D&cri=DpPGjD48a9&pto=1119&ver=47&gac=-&mei=&ap=&duid=1.1663520834.DE43scHrAaKFocnW&suid=1.1663520834.R1Kr15MzSPjGQYqu&tuid=1.1663520834.lOa3YnRqFtQUbMS5&fbc=->m=W10%3D&it=51%2C973%2C34&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
34.199.234.25200 OK 922 B URL HTTP/2 one.pointlessplay.com/ct?id=10929&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1663520834137&hl=3&op=0&ag=718972423&rand=14227222975921107292762920509178270106060771089025100998099207582112889922&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=http%3A%2F%2Fbalor-ghn.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDU0MDNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwzLDQsMSwxLDAsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiLSJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJ3ZWJwYWNrSnNvbnBcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiY29yZVwiLFwiWm9uZVwiLFwiX196b25lX3N5bWJvbF9fUHJvbWlzZVwiLFwiX196b25lX3N5bWJvbF9fWm9uZUF3YXJlUHJvbWlzZVwiLFwiX196b25lX3N5bWJvbF9fZmV0Y2hcIixcIl9fem9uZV9zeW1ib2xfX3NldFRpbWVvdXRcIixcIl9fem9uZV9zeW1ib2xfX2NsZWFyVGltZW91dFwiLFwiX196b25lX3N5bWJvbF9fc2V0SW50ZXJ2YWxcIixcIl9fem9uZV9zeW1ib2xfX2NsZWFySW50ZXJ2YWxcIixcIl9fem9uZV9zeW1ib2xfX3JlcXVlc3RBbmltYXRpb25GcmFtZVwiLFwiX196b25lX3N5bWJvbF9fY2FuY2VsQW5pbWF0aW9uRnJhbWVcIixcIl9fem9uZV9zeW1ib2xfX2FsZXJ0XCIsXCJfX3pvbmVfc3ltYm9sX19wcm9tcHRcIixcIl9fem9uZV9zeW1ib2xfX2NvbmZpcm1cIixcIl9fem9uZV9zeW1ib2xfX011dGF0aW9uT2JzZXJ2ZXJcIixcIl9fem9uZV9zeW1ib2xfX0ludGVyc2VjdGlvbk9ic2VydmVyXCIsXCJfX3pvbmVfc3ltYm9sX19GaWxlUmVhZGVyXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYWJvcnRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYW5pbWF0aW9uY2FuY2VscGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmFuaW1hdGlvbmVuZHBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25hbmltYXRpb25pdGVyYXRpb25wYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYXV4Y2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYmVmb3JlaW5wdXRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYmx1cnBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25jYW5wbGF5cGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmNhbnBsYXl0aHJvdWdocGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmNoYW5nZXBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25jdWVjaGFuZ2VwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY2xvc2VwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY29udGV4dG1lbnVwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZGJsY2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJhZ3BhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kcmFnZW5kcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmRyYWdlbnRlcnBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kcmFnbGVhdmVwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJhZ292ZXJwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJvcHBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kdXJhdGlvbmNoYW5nZXBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25lbXB0aWVkcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmVuZGVkcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmVycm9ycGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmZvY3VzcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmdvdHBvaW50ZXJjYXB0dXJlcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmlucHV0cGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmludmFsaWRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9ua2V5ZG93bnBhdGNoZWRcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCItXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2MzUyMDgzNDExMywwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImMsLTEsLTEsMzAwLDAsMywwLDExLDcsMiwtMSwwLCw1NTIsMTA5NCwxMDkzIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbImRkYiIsIjAsMCwwLDEsMSwzLDAsMCwwLDAsMCwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMywwLDAsMTYsMCwwLDAsMCwwLDEiXSxbImJuY2giLDU4XSxbImFibmNoIiw1OV1d&dep=0&pre=0&sdd=%7B%7D&cri=DpPGjD48a9&pto=1119&ver=47&gac=-&mei=&ap=&duid=1.1663520834.DE43scHrAaKFocnW&suid=1.1663520834.R1Kr15MzSPjGQYqu&tuid=1.1663520834.lOa3YnRqFtQUbMS5&fbc=->m=W10%3D&it=51%2C973%2C34&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
IP 34.199.234.25:0
File type ASCII text, with very long lines (2862), with no line terminators
Hash bbb88ba4dec2eecb243c9b77a9dad4a6
abe79155f93abeac627e838aaf6f2d6b0ee2d0c0
dd0d2955e393236eba510014cfb3fdd5f3bd5001cccb130be10d506195c50ea9
GET /ct?id=10929&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1663520834137&hl=3&op=0&ag=718972423&rand=14227222975921107292762920509178270106060771089025100998099207582112889922&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=http%3A%2F%2Fbalor-ghn.com%2F&ss=1280x1024&nc=0&at=&di=W1siZWYiLDU0MDNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwzLDQsMSwxLDAsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiLSJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJ3ZWJwYWNrSnNvbnBcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiY29yZVwiLFwiWm9uZVwiLFwiX196b25lX3N5bWJvbF9fUHJvbWlzZVwiLFwiX196b25lX3N5bWJvbF9fWm9uZUF3YXJlUHJvbWlzZVwiLFwiX196b25lX3N5bWJvbF9fZmV0Y2hcIixcIl9fem9uZV9zeW1ib2xfX3NldFRpbWVvdXRcIixcIl9fem9uZV9zeW1ib2xfX2NsZWFyVGltZW91dFwiLFwiX196b25lX3N5bWJvbF9fc2V0SW50ZXJ2YWxcIixcIl9fem9uZV9zeW1ib2xfX2NsZWFySW50ZXJ2YWxcIixcIl9fem9uZV9zeW1ib2xfX3JlcXVlc3RBbmltYXRpb25GcmFtZVwiLFwiX196b25lX3N5bWJvbF9fY2FuY2VsQW5pbWF0aW9uRnJhbWVcIixcIl9fem9uZV9zeW1ib2xfX2FsZXJ0XCIsXCJfX3pvbmVfc3ltYm9sX19wcm9tcHRcIixcIl9fem9uZV9zeW1ib2xfX2NvbmZpcm1cIixcIl9fem9uZV9zeW1ib2xfX011dGF0aW9uT2JzZXJ2ZXJcIixcIl9fem9uZV9zeW1ib2xfX0ludGVyc2VjdGlvbk9ic2VydmVyXCIsXCJfX3pvbmVfc3ltYm9sX19GaWxlUmVhZGVyXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYWJvcnRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYW5pbWF0aW9uY2FuY2VscGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmFuaW1hdGlvbmVuZHBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25hbmltYXRpb25pdGVyYXRpb25wYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYXV4Y2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYmVmb3JlaW5wdXRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uYmx1cnBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25jYW5wbGF5cGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmNhbnBsYXl0aHJvdWdocGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmNoYW5nZXBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25jdWVjaGFuZ2VwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY2xvc2VwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uY29udGV4dG1lbnVwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZGJsY2xpY2twYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJhZ3BhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kcmFnZW5kcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmRyYWdlbnRlcnBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kcmFnbGVhdmVwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJhZ292ZXJwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9uZHJvcHBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25kdXJhdGlvbmNoYW5nZXBhdGNoZWRcIixcIl9fem9uZV9zeW1ib2xfX29ub25lbXB0aWVkcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmVuZGVkcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmVycm9ycGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmZvY3VzcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmdvdHBvaW50ZXJjYXB0dXJlcGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmlucHV0cGF0Y2hlZFwiLFwiX196b25lX3N5bWJvbF9fb25vbmludmFsaWRwYXRjaGVkXCIsXCJfX3pvbmVfc3ltYm9sX19vbm9ua2V5ZG93bnBhdGNoZWRcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCItXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2MzUyMDgzNDExMywwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImMsLTEsLTEsMzAwLDAsMywwLDExLDcsMiwtMSwwLCw1NTIsMTA5NCwxMDkzIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbImRkYiIsIjAsMCwwLDEsMSwzLDAsMCwwLDAsMCwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMywwLDAsMTYsMCwwLDAsMCwwLDEiXSxbImJuY2giLDU4XSxbImFibmNoIiw1OV1d&dep=0&pre=0&sdd=%7B%7D&cri=DpPGjD48a9&pto=1119&ver=47&gac=-&mei=&ap=&duid=1.1663520834.DE43scHrAaKFocnW&suid=1.1663520834.R1Kr15MzSPjGQYqu&tuid=1.1663520834.lOa3YnRqFtQUbMS5&fbc=->m=W10%3D&it=51%2C973%2C34&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: one.pointlessplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Sun, 18 Sep 2022 17:07:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=7e9f042d8ceb10ff7d73f9f9e47d8a6f; Max-Age=29030400; Path=/; Expires=Sun, 20 Aug 2023 17:07:32 GMT; HttpOnly; Secure; SameSite=None
content-length: 922
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 18 Sep 2022 17:27:33 GMT
Date: Sun, 18 Sep 2022 17:07:33 GMT
Content-Length: 3249
Connection: keep-alive
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 5.9 kB IP 188.125.94.204:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iLs4WN0JJB5NVFpzhGw54Dn2XduLJ9tv4QdJmGTzGQlzXRO0b5CQpeOwHrUpKXyodnGyNoKfDLg=
x-amz-request-id: SBXA5159T2WSRMYD
date: Sun, 18 Sep 2022 17:03:54 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 220
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=GTM-55ZB4XN
142.250.74.174200 OK 46 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-55ZB4XN
IP 142.250.74.174:0
File type ASCII text, with very long lines (6289)
Hash 0cf99df04a73d7187322ec4192ac1335
a18ebb66fe702e32690bb3f220dad5ad065651b4
4752857fdd83102a454a6168493a5daabc8bc3df6570ace9171d7a06e1ab747e
GET /gtm/optimize.js?id=GTM-55ZB4XN HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 17:07:33 GMT
expires: Sun, 18 Sep 2022 17:07:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=08B716B9220D60B93417049A235A61F9; domain=.bing.com; expires=Fri, 13-Oct-2023 17:07:33 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D82B36D04BAD4352A8B681FE6BECAA87 Ref B: OSL30EDGE0313 Ref C: 2022-09-18T17:07:33Z
date: Sun, 18 Sep 2022 17:07:32 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 18 Sep 2022 16:41:12 GMT
expires: Sun, 18 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 1581
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=51505
date: Sun, 18 Sep 2022 17:07:33 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1005612/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1005612/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58483)
Hash 1d9545e49448679d864889763e6e9662
517617ffa46c7d81aa437bd30f36b1b14667efa1
e9da06e4d33cc2bc1027b7806985517bff416ae3f61326ef8cd54e1334a0501d
GET /libtrc/unip/1005612/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 66AhQNJXa2CwvtC8cZ2Q2K+JV5O1nrPbfo/KfgaTxVaZ9yLyK7ysKls2EPt8ewOInXSEkSRawik=
x-amz-request-id: B8926ZB17BPG9R0N
x-amz-replication-status: PENDING
last-modified: Sun, 18 Sep 2022 11:12:51 GMT
etag: "f1daaabff7e2cfd49f33620cde41f76b"
x-amz-version-id: f3RG6qD0gKcLjGUiYYTuSX6Y3Mjn8TRw
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Sep 2022 17:07:33 GMT
via: 1.1 varnish
age: 21278
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 141
x-timer: S1663520853.190791,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 50
content-length: 17944
X-Firefox-Spdy: h2
one.pointlessplay.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136cedc237ea4f8f9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f11846f2e17071a10acf9f29f674ed78adf07283d4ff62b2256863b8934c0503706759a04090a31030bceef6d1977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3231b2c23d6d77a26dd825c4b2f47760108ae8d2e327d0fa1f84c788cfdf629c6f247604379b9aca2979f6bac989c06f95c8e007a268dab90aae963cfc2b72fc87151cfaa96710743a97e2feac14720b78bae69de55ac19f7da5ccd0a8f9210996d61cfdc7ad51bc596afaccdb4a00f6fb272d9f8a56c1367e9de6492b24ab25303458a3209da8e95cfcdeada63937084cdf19f6ee1416a339473289acbd55931dfd572a80ef59046937bf039555d5bf120b81dd398ee31f8813f8744b4c19ccb608d484961bd065b022a1f3087ad23ec05f8e1c76ae59e25a5c0629a95eabe25dcfea74f617a8ff94e43cbf7511a08e2faf06cbb25c8bb00b0a233e524fe2fc60c890bc5b42e944235eebc807a2d613145735c0d53f3bed27ed810e95752517ea9c71386cd464887eccdb0ae71d0f1f6aad48bf3a81e1178821394bc4b73915f77598b71571a71f07baf6a04c1edc50e96728360d2ff3ec7aa0c877a092723077e1394c3e0c5480e51995b16ed91a8eacbbc0c56c0d7af61848c36228cc0182e68e790df5022b22585579c1efd5d9a6999c91685f05182c1ffb3f10627fdfc2927c72ff29fbab917826d321006916a4358b2a741d39345c9f0c5aa15bbc3e6565c4a24bb2fb717e815e49363fd5f5f33037e246deb5a92936a16c02fb2fbaa66829613db6679f940206fcaa5&cri=DpPGjD48a9&ts=491&cb=1663520834628
34.199.234.25200 OK 43 B URL HTTP/2 one.pointlessplay.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136cedc237ea4f8f9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f11846f2e17071a10acf9f29f674ed78adf07283d4ff62b2256863b8934c0503706759a04090a31030bceef6d1977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3231b2c23d6d77a26dd825c4b2f47760108ae8d2e327d0fa1f84c788cfdf629c6f247604379b9aca2979f6bac989c06f95c8e007a268dab90aae963cfc2b72fc87151cfaa96710743a97e2feac14720b78bae69de55ac19f7da5ccd0a8f9210996d61cfdc7ad51bc596afaccdb4a00f6fb272d9f8a56c1367e9de6492b24ab25303458a3209da8e95cfcdeada63937084cdf19f6ee1416a339473289acbd55931dfd572a80ef59046937bf039555d5bf120b81dd398ee31f8813f8744b4c19ccb608d484961bd065b022a1f3087ad23ec05f8e1c76ae59e25a5c0629a95eabe25dcfea74f617a8ff94e43cbf7511a08e2faf06cbb25c8bb00b0a233e524fe2fc60c890bc5b42e944235eebc807a2d613145735c0d53f3bed27ed810e95752517ea9c71386cd464887eccdb0ae71d0f1f6aad48bf3a81e1178821394bc4b73915f77598b71571a71f07baf6a04c1edc50e96728360d2ff3ec7aa0c877a092723077e1394c3e0c5480e51995b16ed91a8eacbbc0c56c0d7af61848c36228cc0182e68e790df5022b22585579c1efd5d9a6999c91685f05182c1ffb3f10627fdfc2927c72ff29fbab917826d321006916a4358b2a741d39345c9f0c5aa15bbc3e6565c4a24bb2fb717e815e49363fd5f5f33037e246deb5a92936a16c02fb2fbaa66829613db6679f940206fcaa5&cri=DpPGjD48a9&ts=491&cb=1663520834628
IP 34.199.234.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136cedc237ea4f8f9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f11846f2e17071a10acf9f29f674ed78adf07283d4ff62b2256863b8934c0503706759a04090a31030bceef6d1977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3231b2c23d6d77a26dd825c4b2f47760108ae8d2e327d0fa1f84c788cfdf629c6f247604379b9aca2979f6bac989c06f95c8e007a268dab90aae963cfc2b72fc87151cfaa96710743a97e2feac14720b78bae69de55ac19f7da5ccd0a8f9210996d61cfdc7ad51bc596afaccdb4a00f6fb272d9f8a56c1367e9de6492b24ab25303458a3209da8e95cfcdeada63937084cdf19f6ee1416a339473289acbd55931dfd572a80ef59046937bf039555d5bf120b81dd398ee31f8813f8744b4c19ccb608d484961bd065b022a1f3087ad23ec05f8e1c76ae59e25a5c0629a95eabe25dcfea74f617a8ff94e43cbf7511a08e2faf06cbb25c8bb00b0a233e524fe2fc60c890bc5b42e944235eebc807a2d613145735c0d53f3bed27ed810e95752517ea9c71386cd464887eccdb0ae71d0f1f6aad48bf3a81e1178821394bc4b73915f77598b71571a71f07baf6a04c1edc50e96728360d2ff3ec7aa0c877a092723077e1394c3e0c5480e51995b16ed91a8eacbbc0c56c0d7af61848c36228cc0182e68e790df5022b22585579c1efd5d9a6999c91685f05182c1ffb3f10627fdfc2927c72ff29fbab917826d321006916a4358b2a741d39345c9f0c5aa15bbc3e6565c4a24bb2fb717e815e49363fd5f5f33037e246deb5a92936a16c02fb2fbaa66829613db6679f940206fcaa5&cri=DpPGjD48a9&ts=491&cb=1663520834628 HTTP/1.1
Host: one.pointlessplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Cookie: cg_uuid=7e9f042d8ceb10ff7d73f9f9e47d8a6f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Sun, 18 Sep 2022 17:07:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Sun, 18 Sep 2022 17:07:33 GMT
x-served-by: cache-iad-kjyo7100048-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /LiCszWt4F8iogQoYypuplfMRf/+xBWPn2c8Fl+pb++T9+BOoATxqGMxiRAe5kVDkT772E4mW85az48tVRVGeQ==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 17:07:33 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B0NS054E7V&cid=1215325232.1663520834>m=2oe9e0&aip=1&z=172482926
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B0NS054E7V&cid=1215325232.1663520834>m=2oe9e0&aip=1&z=172482926
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B0NS054E7V&cid=1215325232.1663520834>m=2oe9e0&aip=1&z=172482926 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10118123.json
188.125.94.204200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10118123.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 21e2ae430121102daa2c1810b5cf910b
ffef080cc2eacc942a9bcb67561f790c34ed3fb0
a44e6042de416123c90209eb39d7fdbe79665819ffbb07646cc939bb2dfa84e0
GET /wi/config/10118123.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uxkRhkKxlg4cpsmhm10i9s2NrI9gL7YZ+krEP1HX4+66xdrdi6/zyXwmm8C3oTALhSm/3/1yagk=
x-amz-request-id: EZ3SZXM93F1MGN7N
date: Sun, 18 Sep 2022 16:59:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 05 Sep 2021 23:47:17 GMT
x-amz-expiration: expiry-date="Tue, 11 Oct 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "21e2ae430121102daa2c1810b5cf910b"
x-amz-server-side-encryption: AES256
x-amz-version-id: RcIj4KYxBIEB8OtXKzJB2onK.A1t0mw0
accept-ranges: bytes
content-type: application/octet-stream
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
age: 503
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 38e7657af6b426db96e62cd44eeac911
b4d04a3abfd994a7eec215cbf57a08f060cea29d
24b0ee3343ba885318db8e2fc0bdbb63bad3c1bd81c09042c21a5aa93db98487
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Last-Modified: Sun, 18 Sep 2022 16:50:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
bat.bing.com/action/0?ti=19002254&tm=gtm002&Ver=2&mid=50972aee-2223-4699-8fe2-eff5955f221d&sid=57e22340377411eda156cf7ed5e655dd&vid=57e233d0377411ed8f7bb9ba96747f00&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=eToro%20practice%20account&p=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&r=http%3A%2F%2Fbalor-ghn.com%2F<=932&evt=pageLoad&sv=1&rn=278248
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=19002254&tm=gtm002&Ver=2&mid=50972aee-2223-4699-8fe2-eff5955f221d&sid=57e22340377411eda156cf7ed5e655dd&vid=57e233d0377411ed8f7bb9ba96747f00&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=eToro%20practice%20account&p=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&r=http%3A%2F%2Fbalor-ghn.com%2F<=932&evt=pageLoad&sv=1&rn=278248
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=19002254&tm=gtm002&Ver=2&mid=50972aee-2223-4699-8fe2-eff5955f221d&sid=57e22340377411eda156cf7ed5e655dd&vid=57e233d0377411ed8f7bb9ba96747f00&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=eToro%20practice%20account&p=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&r=http%3A%2F%2Fbalor-ghn.com%2F<=932&evt=pageLoad&sv=1&rn=278248 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0FB47E13AB5E604B1CCE6C30AA096168; domain=.bing.com; expires=Fri, 13-Oct-2023 17:07:33 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4E037AA3B0734D21B9CD2F7A567B21A3 Ref B: OSL30EDGE0313 Ref C: 2022-09-18T17:07:33Z
date: Sun, 18 Sep 2022 17:07:33 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/19002254.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/19002254.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/19002254.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1840160877D0606E340E042B768761FD; domain=.bing.com; expires=Fri, 13-Oct-2023 17:07:33 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A5FD9E66B7D475396B3520F46547607 Ref B: OSL30EDGE0313 Ref C: 2022-09-18T17:07:33Z
date: Sun, 18 Sep 2022 17:07:33 GMT
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-B0NS054E7V>m=2oe9e0&_p=731587281&_gaz=1&ul=NA&cid=1215325232.1663520834&sr=1280x1024&_z=ccd.v9B&_s=1&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&sid=1663520834&sct=1&seg=0&dr=http%3A%2F%2Fbalor-ghn.com%2F&dt=eToro%20practice%20account&en=page_view&_fv=1&_nsi=1&_ss=1&ep.funnel_page_category=General&ep.real_URL=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&ep.is_logged_in=No&ep.event_trigger=gtm.js&ep.hit_referrer=http%3A%2F%2Fbalor-ghn.com%2F&ep.platform=Web&ep.full_URL_dl=NA&up.affwizz_medium=Networks&up.affwizz_source=72681&up.session_referer=http%3A%2F%2Fbalor-ghn.com%2F
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-B0NS054E7V>m=2oe9e0&_p=731587281&_gaz=1&ul=NA&cid=1215325232.1663520834&sr=1280x1024&_z=ccd.v9B&_s=1&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&sid=1663520834&sct=1&seg=0&dr=http%3A%2F%2Fbalor-ghn.com%2F&dt=eToro%20practice%20account&en=page_view&_fv=1&_nsi=1&_ss=1&ep.funnel_page_category=General&ep.real_URL=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&ep.is_logged_in=No&ep.event_trigger=gtm.js&ep.hit_referrer=http%3A%2F%2Fbalor-ghn.com%2F&ep.platform=Web&ep.full_URL_dl=NA&up.affwizz_medium=Networks&up.affwizz_source=72681&up.session_referer=http%3A%2F%2Fbalor-ghn.com%2F
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B0NS054E7V>m=2oe9e0&_p=731587281&_gaz=1&ul=NA&cid=1215325232.1663520834&sr=1280x1024&_z=ccd.v9B&_s=1&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&sid=1663520834&sct=1&seg=0&dr=http%3A%2F%2Fbalor-ghn.com%2F&dt=eToro%20practice%20account&en=page_view&_fv=1&_nsi=1&_ss=1&ep.funnel_page_category=General&ep.real_URL=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&ep.is_logged_in=No&ep.event_trigger=gtm.js&ep.hit_referrer=http%3A%2F%2Fbalor-ghn.com%2F&ep.platform=Web&ep.full_URL_dl=NA&up.affwizz_medium=Networks&up.affwizz_source=72681&up.session_referer=http%3A%2F%2Fbalor-ghn.com%2F HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://go.etoro.com
date: Sun, 18 Sep 2022 17:07:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-B0NS054E7V&cid=1215325232.1663520834>m=2oe9e0&aip=1
142.251.1.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-B0NS054E7V&cid=1215325232.1663520834>m=2oe9e0&aip=1
IP 142.251.1.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B0NS054E7V&cid=1215325232.1663520834>m=2oe9e0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://go.etoro.com
date: Sun, 18 Sep 2022 17:07:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2056847-65&cid=1215325232.1663520834&jid=2005562491&gjid=1602292605&_gid=2142121970.1663520835&_u=aADAAEAAQAAAAC~&z=1822361194
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2056847-65&cid=1215325232.1663520834&jid=2005562491&gjid=1602292605&_gid=2142121970.1663520835&_u=aADAAEAAQAAAAC~&z=1822361194
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2056847-65&cid=1215325232.1663520834&jid=2005562491&gjid=1602292605&_gid=2142121970.1663520835&_u=aADAAEAAQAAAAC~&z=1822361194 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://go.etoro.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Sep 2022 17:07:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2929684&time=1663520834779&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2929684&time=1663520834779&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2929684&time=1663520834779&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2929684%26time%3D1663520834779%26url%3Dhttps%253A%252F%252Fgo.etoro.com%252Fen%252Fpractice-account%253Futm_medium%253DNetworks%2526utm_source%253D72681%2526utm_content%253D19861%2526utm_serial%253D%2526utm_campaign%253D%2526utm_term%253D%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQI1SI1ifYrcdAAAAYNRkc15Phcsbcd0uPpWl7yLJrQ4pTDKLd4T5mbb3BQDHX5wb51xwTnIK60IEA; Max-Age=2592000; Expires=Tue, 18 Oct 2022 17:07:33 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIyeDxmr8m54gAAAYNRkc150W89f_T03N7AmB__SxK67_hGaG7TOCB85CAnOmf0BtpV86Q-eHvENeXQYMAwpg; Max-Age=2592000; Expires=Tue, 18 Oct 2022 17:07:33 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&93560267-da99-4c69-8cbe-3267c9a7db14"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 18-Sep-2023 17:07:33 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2387:u=1:x=1:i=1663520853:t=1663607253:v=2:sig=AQHOPtIc2IvJdlAH5_98N1TfeNUWedht"; Expires=Mon, 19 Sep 2022 17:07:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXo9qGKfDImKhISx/mi3w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1C2376DE5CD34C63B266A71F4646B553 Ref B: OSL30EDGE0106 Ref C: 2022-09-18T17:07:33Z
date: Sun, 18 Sep 2022 17:07:32 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8acd608903ae9543b77256e52ecf5add
76ddabf5abb6c039c51809ee21b8199b6a05b566
123443ea438f3298321125394f4b7e123271549ba7f8437c687b39fb323dc913
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3767
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Last-Modified: Sun, 18 Sep 2022 16:04:46 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8acd608903ae9543b77256e52ecf5add
76ddabf5abb6c039c51809ee21b8199b6a05b566
123443ea438f3298321125394f4b7e123271549ba7f8437c687b39fb323dc913
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4281
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Last-Modified: Sun, 18 Sep 2022 15:56:12 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 8ea67c049bf040a7639cf548441711eb
66fe1e153c838dd35efcc45d9e8aecab15e4cbf5
b41ce2bcef084ce0d8c9e73d1af8b600660d2b99021439828c43dcbc782bb1b6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 18 Sep 2022 17:07:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 17 Sep 2022 20:50:40 GMT
Expires: Sun, 18 Sep 2022 20:50:40 GMT
ETag: "66fe1e153c838dd35efcc45d9e8aecab15e4cbf5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
t.co/i/adsct?bci=3&eci=2&event_id=cbde842d-0814-4790-a632-4fa9c22800af&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o52r0&type=javascript&version=2.3.27
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=cbde842d-0814-4790-a632-4fa9c22800af&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o52r0&type=javascript&version=2.3.27
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=cbde842d-0814-4790-a632-4fa9c22800af&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o52r0&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:33 GMT
server: tsa_o
set-cookie: muc_ads=ecf83daf-bab8-494a-b763-726009236c81; Max-Age=63072000; Expires=Tue, 17 Sep 2024 17:07:33 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 107
x-connection-hash: d4799c13d19cf34f8783ab5f927049d32762dc3e9ee259cde5a55701be06465e
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=be07a262-dcc3-4875-abad-49d7e3f7376c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1dlu&type=javascript&version=2.3.27
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=be07a262-dcc3-4875-abad-49d7e3f7376c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1dlu&type=javascript&version=2.3.27
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=be07a262-dcc3-4875-abad-49d7e3f7376c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1dlu&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
server: tsa_o
set-cookie: muc_ads=3ba1ee21-bcd5-495b-8607-d8be59031323; Max-Age=63072000; Expires=Tue, 17 Sep 2024 17:07:33 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 111
x-connection-hash: d4799c13d19cf34f8783ab5f927049d32762dc3e9ee259cde5a55701be06465e
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00995ec51eb23fc05a0627b93976ed9179,00444d53aaa69516fdd4f38cb01a408ffb,007bfa109c755ce2abc89bcca6ab1ec76b,00e5c90732d6db4c996b8e51ecf69f2be4,009db2f50602ec66a785ccba2f2190d042,0035680ae49e7216a26be3859972ee9575
70.42.32.127200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00995ec51eb23fc05a0627b93976ed9179,00444d53aaa69516fdd4f38cb01a408ffb,007bfa109c755ce2abc89bcca6ab1ec76b,00e5c90732d6db4c996b8e51ecf69f2be4,009db2f50602ec66a785ccba2f2190d042,0035680ae49e7216a26be3859972ee9575
IP 70.42.32.127:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00995ec51eb23fc05a0627b93976ed9179,00444d53aaa69516fdd4f38cb01a408ffb,007bfa109c755ce2abc89bcca6ab1ec76b,00e5c90732d6db4c996b8e51ecf69f2be4,009db2f50602ec66a785ccba2f2190d042,0035680ae49e7216a26be3859972ee9575 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 17:07:33 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: f99c4e991422b8034c4765767a0d0662
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00995ec51eb23fc05a0627b93976ed9179,00444d53aaa69516fdd4f38cb01a408ffb,007bfa109c755ce2abc89bcca6ab1ec76b,00e5c90732d6db4c996b8e51ecf69f2be4,009db2f50602ec66a785ccba2f2190d042,0035680ae49e7216a26be3859972ee9575&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&optOut=false&bust=05487191023706802&referrer=http%3A%2F%2Fbalor-ghn.com%2F
70.42.32.127200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00995ec51eb23fc05a0627b93976ed9179,00444d53aaa69516fdd4f38cb01a408ffb,007bfa109c755ce2abc89bcca6ab1ec76b,00e5c90732d6db4c996b8e51ecf69f2be4,009db2f50602ec66a785ccba2f2190d042,0035680ae49e7216a26be3859972ee9575&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&optOut=false&bust=05487191023706802&referrer=http%3A%2F%2Fbalor-ghn.com%2F
IP 70.42.32.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00995ec51eb23fc05a0627b93976ed9179,00444d53aaa69516fdd4f38cb01a408ffb,007bfa109c755ce2abc89bcca6ab1ec76b,00e5c90732d6db4c996b8e51ecf69f2be4,009db2f50602ec66a785ccba2f2190d042,0035680ae49e7216a26be3859972ee9575&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&optOut=false&bust=05487191023706802&referrer=http%3A%2F%2Fbalor-ghn.com%2F HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 17:07:33 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 7ae9db886d06539cab790fe53fcfbc97
content-encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 90283bc63827c945ae1c8f41f7c1732d
31e51610c050466bfa21345aa54bf8d288004a5b
80d7336429356b6349486a1df8bddb2a396751f40f961428457c7cc3712dc677
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5886
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Last-Modified: Sun, 18 Sep 2022 15:29:27 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 90283bc63827c945ae1c8f41f7c1732d
31e51610c050466bfa21345aa54bf8d288004a5b
80d7336429356b6349486a1df8bddb2a396751f40f961428457c7cc3712dc677
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6583
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:33 GMT
Last-Modified: Sun, 18 Sep 2022 15:17:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2056847-65&cid=1215325232.1663520834&jid=2005562491&_u=aADAAEAAQAAAAC~&z=1320830534
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2056847-65&cid=1215325232.1663520834&jid=2005562491&_u=aADAAEAAQAAAAC~&z=1320830534
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2056847-65&cid=1215325232.1663520834&jid=2005562491&_u=aADAAEAAQAAAAC~&z=1320830534 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 17:07:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=432617183539790&ev=PageView&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&rl=http%3A%2F%2Fbalor-ghn.com%2F&if=false&ts=1663520835182&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=28&fbp=fb.1.1663520835181.2130154980&it=1663520834908&coo=false&rqm=GET
157.240.200.35200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=432617183539790&ev=PageView&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&rl=http%3A%2F%2Fbalor-ghn.com%2F&if=false&ts=1663520835182&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=28&fbp=fb.1.1663520835181.2130154980&it=1663520834908&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=432617183539790&ev=PageView&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&rl=http%3A%2F%2Fbalor-ghn.com%2F&if=false&ts=1663520835182&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=28&fbp=fb.1.1663520835181.2130154980&it=1663520834908&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sun, 18 Sep 2022 17:07:33 GMT
expires: Sun, 18 Sep 2022 17:07:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=432617183539790&ev=Scroll50&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&rl=http%3A%2F%2Fbalor-ghn.com%2F&if=false&ts=1663520835186&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=28&fbp=fb.1.1663520835181.2130154980&it=1663520834908&coo=false&rqm=GET
157.240.200.35200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=432617183539790&ev=Scroll50&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&rl=http%3A%2F%2Fbalor-ghn.com%2F&if=false&ts=1663520835186&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=28&fbp=fb.1.1663520835181.2130154980&it=1663520834908&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=432617183539790&ev=Scroll50&dl=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&rl=http%3A%2F%2Fbalor-ghn.com%2F&if=false&ts=1663520835186&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=28&fbp=fb.1.1663520835181.2130154980&it=1663520834908&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sun, 18 Sep 2022 17:07:33 GMT
expires: Sun, 18 Sep 2022 17:07:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1005612/trc/3/json?tim=1663520834866&data=%7B%22id%22%3A897%2C%22ii%22%3A%22%2Fen%2Fpractice-account%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1663520834859%2C%22cv%22%3A%2220220918-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22e%22%3A%22http%3A%2F%2Fbalor-ghn.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Detoro-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1663520834866%2C%22ref%22%3A%22http%3A%2F%2Fbalor-ghn.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1005612/trc/3/json?tim=1663520834866&data=%7B%22id%22%3A897%2C%22ii%22%3A%22%2Fen%2Fpractice-account%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1663520834859%2C%22cv%22%3A%2220220918-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22e%22%3A%22http%3A%2F%2Fbalor-ghn.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Detoro-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1663520834866%2C%22ref%22%3A%22http%3A%2F%2Fbalor-ghn.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
Hash 0da95e10d3956ace734aab30b357578e
9500225e7f71af64f5ea1ae59716e3142fa475fe
c889422a776fba3bacbf638f4fba8eef3162d1492f2acbf203fa7b6a8f3615be
GET /1005612/trc/3/json?tim=1663520834866&data=%7B%22id%22%3A897%2C%22ii%22%3A%22%2Fen%2Fpractice-account%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1663520834859%2C%22cv%22%3A%2220220918-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22e%22%3A%22http%3A%2F%2Fbalor-ghn.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Detoro-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1663520834866%2C%22ref%22%3A%22http%3A%2F%2Fbalor-ghn.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Sep 2022 17:07:33 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663520853.397665,VS0,VE94
vary: Accept-Encoding
x-vcl-time-ms: 94
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2929684%26time%3D1663520834779%26url%3Dhttps%253A%252F%252Fgo.etoro.com%252Fen%252Fpractice-account%253Futm_medium%253DNetworks%2526utm_source%253D72681%2526utm_content%253D19861%2526utm_serial%253D%2526utm_campaign%253D%2526utm_term%253D%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2929684%26time%3D1663520834779%26url%3Dhttps%253A%252F%252Fgo.etoro.com%252Fen%252Fpractice-account%253Futm_medium%253DNetworks%2526utm_source%253D72681%2526utm_content%253D19861%2526utm_serial%253D%2526utm_campaign%253D%2526utm_term%253D%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2929684%26time%3D1663520834779%26url%3Dhttps%253A%252F%252Fgo.etoro.com%252Fen%252Fpractice-account%253Futm_medium%253DNetworks%2526utm_source%253D72681%2526utm_content%253D19861%2526utm_serial%253D%2526utm_campaign%253D%2526utm_term%253D%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.etoro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2929684&time=1663520834779&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&21fa7d3e-6280-41f3-88b1-3e50d27c7a42"; Domain=.linkedin.com; Expires=Mon, 18-Sep-2023 17:07:33 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20220918170733f75c05c2-8b6b-4839-82c4-75b9e2ca2c4bAQErt6_8cpGSmo3mISKZOJBt6DFnkEuj"; Domain=.www.linkedin.com; Expires=Mon, 18-Sep-2023 17:07:33 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjM1MjA4NTM7MjswMjGPq+dvnMVvXxhqOxivFpPHoHOGaSUCSbyjfrtl9KIJEg==; Domain=.linkedin.com; Expires=Fri, 17 Mar 2023 17:07:33 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2345:u=1:x=1:i=1663520853:t=1663607253:v=2:sig=AQG6DnqDWaEZbAMQscys-wWcdHa_DfbK"; Expires=Mon, 19 Sep 2022 17:07:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXo9qGP4esB/1thq/jLvg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B3BA2C8CD300453ABC7101AE4CF00D87 Ref B: OSL30EDGE0106 Ref C: 2022-09-18T17:07:33Z
date: Sun, 18 Sep 2022 17:07:33 GMT
content-length: 0
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cbde842d-0814-4790-a632-4fa9c22800af&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o52r0&type=javascript&version=2.3.27
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cbde842d-0814-4790-a632-4fa9c22800af&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o52r0&type=javascript&version=2.3.27
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=cbde842d-0814-4790-a632-4fa9c22800af&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o52r0&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:33 GMT
server: tsa_o
set-cookie: personalization_id="v1_npcS+trhCcuBubtCIXpeHg=="; Max-Age=63072000; Expires=Tue, 17 Sep 2024 17:07:33 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: 33c3b6881095fe3693c1dbe8cd4106ec758e2b092dd16a4b59e2e041293608e3
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=be07a262-dcc3-4875-abad-49d7e3f7376c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1dlu&type=javascript&version=2.3.27
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=be07a262-dcc3-4875-abad-49d7e3f7376c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1dlu&type=javascript&version=2.3.27
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=be07a262-dcc3-4875-abad-49d7e3f7376c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=849cf049-2516-469a-bc04-9e77fab3a00a&tw_document_href=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1dlu&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:33 GMT
server: tsa_o
set-cookie: personalization_id="v1_Z4Q0lQJeXisNoncdRLePtQ=="; Max-Age=63072000; Expires=Tue, 17 Sep 2024 17:07:33 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 115
x-connection-hash: 33c3b6881095fe3693c1dbe8cd4106ec758e2b092dd16a4b59e2e041293608e3
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2929684&time=1663520834779&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2929684&time=1663520834779&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2929684&time=1663520834779&url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.etoro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&60b84ae0-a301-491f-84c7-cbafc268a047"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 18-Sep-2023 17:07:33 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2387:u=1:x=1:i=1663520853:t=1663607253:v=2:sig=AQHOPtIc2IvJdlAH5_98N1TfeNUWedht"; Expires=Mon, 19 Sep 2022 17:07:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXo9qGT9EHtm7sSD/inDQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9916D50EF2EB430F9274B63A617DD957 Ref B: OSL30EDGE0106 Ref C: 2022-09-18T17:07:33Z
date: Sun, 18 Sep 2022 17:07:33 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a7ffc60a08c67045e3e60d43e5888f83
2477b626ba22c67bde14b5eef37e16e82e15da30
995cde6d503a82d237b05139b99c9d2702acfd02270543f7be58b166f0f4c031
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 17:07:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 14:54:23 GMT
Expires: Sat, 24 Sep 2022 14:54:22 GMT
Etag: "2477b626ba22c67bde14b5eef37e16e82e15da30"
Cache-Control: max-age=509807,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cbadba1ca8b503-OSL
one.pointlessplay.com/mon
34.199.234.25200 OK 0 B URL HTTP/2 one.pointlessplay.com/mon
IP 34.199.234.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: one.pointlessplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1525
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Cookie: cg_uuid=7e9f042d8ceb10ff7d73f9f9e47d8a6f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://go.etoro.com
content-type: application/json
date: Sun, 18 Sep 2022 17:07:34 GMT
content-length: 0
X-Firefox-Spdy: h2
one.pointlessplay.com/mon
34.199.234.25200 OK 0 B URL HTTP/2 one.pointlessplay.com/mon
IP 34.199.234.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: one.pointlessplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1520
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Cookie: cg_uuid=7e9f042d8ceb10ff7d73f9f9e47d8a6f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://go.etoro.com
content-type: application/json
date: Sun, 18 Sep 2022 17:07:34 GMT
content-length: 0
X-Firefox-Spdy: h2
trc-events.taboola.com/1005612/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=100&ssd=1&est=1663520834861&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1663520836423&vi=1663520834859&ri=cb4a003532c920cbe1fbf1d6bcb9d97d&ref=http%3A%2F%2Fbalor-ghn.com%2F&cv=20220918-2-RELEASE&item-url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&ler=other
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1005612/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=100&ssd=1&est=1663520834861&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1663520836423&vi=1663520834859&ri=cb4a003532c920cbe1fbf1d6bcb9d97d&ref=http%3A%2F%2Fbalor-ghn.com%2F&cv=20220918-2-RELEASE&item-url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&ler=other
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1005612/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=100&ssd=1&est=1663520834861&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1663520836423&vi=1663520834859&ri=cb4a003532c920cbe1fbf1d6bcb9d97d&ref=http%3A%2F%2Fbalor-ghn.com%2F&cv=20220918-2-RELEASE&item-url=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&ler=other HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 18 Sep 2022 17:07:35 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://go.etoro.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash ab9b48f27a4386a2caab37537b2e1e43
79df999fb568075a464fbf1137414492d0a65a0b
a9fc54a61231ad623f316d32a759171107dcfe019c728f5c20d3ce05b40572ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5792
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:35 GMT
Last-Modified: Sun, 18 Sep 2022 15:31:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727
cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
35.186.235.23200 OK 17 kB URL HTTP/2 cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
IP 35.186.235.23:0
File type ASCII text, with very long lines (755)
Hash caa762087e9d75cecc34b5d6626cb7b9
fcc68d485c2f42e0f880260c3e104cedf50d0d11
dc0ec55efae4c1f0ff095cf05133cc835e1cc4ff7906d3b7a2d0d86789bfe145
GET /libs/mixpanel-2-latest.min.js HTTP/1.1
Host: cdn.mxpnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduDhNOiBNlSnqMjgGudQ9qPdBVik93k2Q-g3yNeJuO0mAyN9nwzRvJAY1tfVu5_vB2yWnUuFhM4kBwT3EQQYAn_Iw
x-goog-generation: 1645129310876382
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17435
content-encoding: gzip
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 17435
access-control-allow-origin: *
server: UploadServer
date: Sun, 18 Sep 2022 17:02:05 GMT
expires: Sun, 18 Sep 2022 17:12:05 GMT
cache-control: public,max-age=600
age: 330
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
etag: "caa762087e9d75cecc34b5d6626cb7b9"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash ab9b48f27a4386a2caab37537b2e1e43
79df999fb568075a464fbf1137414492d0a65a0b
a9fc54a61231ad623f316d32a759171107dcfe019c728f5c20d3ce05b40572ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5792
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:07:35 GMT
Last-Modified: Sun, 18 Sep 2022 15:31:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727
px.steelhousemedia.com/st?ga_tracking_id=UA-2056847-65&ga_client_id=1215325232.1663520834&shpt=eToro%20practice%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%221215325232.1663520834%22%2C%22shpt%22%3A%22eToro%20practice%20account%22%2C%22dcm_cid%22%3A%221663520834.1%22%2C%22dcm_gid%22%3A%222142121970.1663520835%22%2C%22ga_utm_campaign%22%3A%22%22%2C%22ga_utm_source%22%3A%2272681%22%2C%22ga_utm_medium%22%3A%22Networks%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1663520834.1&dcm_gid=2142121970.1663520835&dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=57399281210038980term%3Dvalue
44.233.136.7200 OK 1.3 kB URL HTTP/1.1 px.steelhousemedia.com/st?ga_tracking_id=UA-2056847-65&ga_client_id=1215325232.1663520834&shpt=eToro%20practice%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%221215325232.1663520834%22%2C%22shpt%22%3A%22eToro%20practice%20account%22%2C%22dcm_cid%22%3A%221663520834.1%22%2C%22dcm_gid%22%3A%222142121970.1663520835%22%2C%22ga_utm_campaign%22%3A%22%22%2C%22ga_utm_source%22%3A%2272681%22%2C%22ga_utm_medium%22%3A%22Networks%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1663520834.1&dcm_gid=2142121970.1663520835&dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=57399281210038980term%3Dvalue
IP 44.233.136.7:0
Hash 65ff5f3a89b222579669ae1b3883a13e
73a86460413b541aa9ecf76d8cb95356c06c2355
497bf36f28a3f5ea2af47fe2d842186e259c1d177a0d450bb254ca16ad1e2788
GET /st?ga_tracking_id=UA-2056847-65&ga_client_id=1215325232.1663520834&shpt=eToro%20practice%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%221215325232.1663520834%22%2C%22shpt%22%3A%22eToro%20practice%20account%22%2C%22dcm_cid%22%3A%221663520834.1%22%2C%22dcm_gid%22%3A%222142121970.1663520835%22%2C%22ga_utm_campaign%22%3A%22%22%2C%22ga_utm_source%22%3A%2272681%22%2C%22ga_utm_medium%22%3A%22Networks%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1663520834.1&dcm_gid=2142121970.1663520835&dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=57399281210038980term%3Dvalue HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 18 Sep 2022 17:07:34 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=63cfcd08-3774-11ed-a649-795f2433e0e6;Domain=steelhousemedia.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
one.pointlessplay.com/mon
34.199.234.25200 OK 0 B URL HTTP/2 one.pointlessplay.com/mon
IP 34.199.234.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: one.pointlessplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1520
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Cookie: cg_uuid=7e9f042d8ceb10ff7d73f9f9e47d8a6f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://go.etoro.com
content-type: application/json
date: Sun, 18 Sep 2022 17:07:36 GMT
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ae5a7fc19cf9601753b147621cb9f8c
04063797f76518668fdd9a5d5a86c7637eac43b8
b1c659363aa69139a03aab9a6d76800b3568ccf5201f02e1ea864e2bff70d3a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 29c7788f-27e9-4823-8cba-ebf4ef9ea7ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tjEvsoAMFrtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbc-37b8d7930503d507592bf728;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ad9w48miLhhgUj5HjLWVi8MuMLErwtnog3r3Set_qdQH2FS9Q5Fj6A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:10:23 GMT
age: 68234
etag: "04063797f76518668fdd9a5d5a86c7637eac43b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/fonts/madera/Madera-Medium.ttf
23.38.201.117200 OK 0 B URL HTTP/2 etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/fonts/madera/Madera-Medium.ttf
IP 23.38.201.117:0
GET /studio/content/lp/cache_1/etoro-lps/fonts/madera/Madera-Medium.ttf HTTP/1.1
Host: etoro-cdn.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: nblT89t0u5uwevTGLaU+eog/wH9xflAljrdcDrqCcjA1Zvspu4vaMAZfVa9+65eN/1JBbSNznbs=
x-amz-request-id: MN2THFD78W4RQFT5
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 16 Jan 2022 07:07:48 GMT
etag: "d5888614c5b3d758ef59fa6600e7425e"
x-amz-meta-sha256: d144af5ebf9f2ce2c4e6eca89b38e8fc5961014e66d4d76ea46e832be3d6f959
x-amz-meta-s3b-last-modified: 20220116T070301Z
x-amz-version-id: YMg5tZdevSXydv6Mb5hXds7Amba8krCd
accept-ranges: bytes
content-type: application/x-font-ttf
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 17:07:32 GMT
date: Sun, 18 Sep 2022 17:07:32 GMT
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=ucnwrwt&ref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&upid=jxpewqr&upv=1.1.0&td1=visit
3.33.220.150302 Found 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=ucnwrwt&ref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&upid=jxpewqr&upv=1.1.0&td1=visit
IP 3.33.220.150:0
GET /track/up?adv=ucnwrwt&ref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&upid=jxpewqr&upv=1.1.0&td1=visit HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 18 Sep 2022 17:07:32 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=ucnwrwt&ref=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&upid=jxpewqr&upv=1.1.0&td1=visit
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=e8dc740b-1204-43c9-a6e8-f2f14fe670f7; domain=.adsrvr.org; expires=Mon, 18-Sep-2023 17:07:33 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=2b300842-74be-4e72-8ed5-3bab9449a996&tld=com
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=2b300842-74be-4e72-8ed5-3bab9449a996&tld=com
IP 35.190.43.134:0
GET /collector/is_enabled?pids=2b300842-74be-4e72-8ed5-3bab9449a996&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.etoro.com/
Origin: https://go.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:07:32 GMT
access-control-allow-origin: https://go.etoro.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.steelhousemedia.com/st?ga_tracking_id=UA-2056847-65&ga_client_id=1215325232.1663520834&shpt=eToro%20practice%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%221215325232.1663520834%22%2C%22shpt%22%3A%22eToro%20practice%20account%22%2C%22dcm_cid%22%3A%221663520834.1%22%2C%22dcm_gid%22%3A%222142121970.1663520835%22%2C%22ga_utm_campaign%22%3A%22%22%2C%22ga_utm_source%22%3A%2272681%22%2C%22ga_utm_medium%22%3A%22Networks%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1663520834.1&dcm_gid=2142121970.1663520835&dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=1663520854865468&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1663520855652
44.233.136.7200 OK 0 B URL HTTP/1.1 px.steelhousemedia.com/st?ga_tracking_id=UA-2056847-65&ga_client_id=1215325232.1663520834&shpt=eToro%20practice%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%221215325232.1663520834%22%2C%22shpt%22%3A%22eToro%20practice%20account%22%2C%22dcm_cid%22%3A%221663520834.1%22%2C%22dcm_gid%22%3A%222142121970.1663520835%22%2C%22ga_utm_campaign%22%3A%22%22%2C%22ga_utm_source%22%3A%2272681%22%2C%22ga_utm_medium%22%3A%22Networks%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1663520834.1&dcm_gid=2142121970.1663520835&dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=1663520854865468&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1663520855652
IP 44.233.136.7:0
GET /st?ga_tracking_id=UA-2056847-65&ga_client_id=1215325232.1663520834&shpt=eToro%20practice%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%221215325232.1663520834%22%2C%22shpt%22%3A%22eToro%20practice%20account%22%2C%22dcm_cid%22%3A%221663520834.1%22%2C%22dcm_gid%22%3A%222142121970.1663520835%22%2C%22ga_utm_campaign%22%3A%22%22%2C%22ga_utm_source%22%3A%2272681%22%2C%22ga_utm_medium%22%3A%22Networks%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1663520834.1&dcm_gid=2142121970.1663520835&dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=1663520854865468&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1663520855652 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 18 Sep 2022 17:07:36 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: rt=MzAyMDg6MTY2MzEwMDU4NCwzMjEzMDoxNjYyNzg0NzIzLDMyMTMxOjE2NjI2MDU2MzksMzEyNDQ6MTY2MjY2NjUyOSwzMDczMjoxNjYyNzU4OTM3LDMyMTQwOjE2NjMzNDE1NTEsMzE2MzE6MTY2MzA4NzM2MSwzMDQ4MToxNjYyNjg0MjkxLDMwNzM4OjE2NjI5NzQ1ODcsOTQ5MjoxNjYyNzI2MDQxLDMyMTQ4OjE2NjI5MzA1NTksMzIxNTA6MTY2MjgxMjM3MCwzMTM4NzoxNjYyODk4NzcyLDMwMjQwOjE2NjI1OTIzNzEsMzA0OTg6MTY2MzA5NDg4MCwzMTAxMjoxNjYzMDIyODcwLDMyMTcwOjE2NjMwMDg4OTIsMzAzNzk6MTY2MjYzOTUxMywxMjU5MDoxNjYzMDg1ODcwLDMxNDA5OjE2NjMwMzQ2MzEsMzE0MTM6MTY2MzA3MTY2NSwzMTQxNDoxNjYyNjU0NzEzLDMxNTQyOjE2NjI2NjY1NDksMzAzOTM6MTY2MjY1MzMyNywzMDkwODoxNjYzMTc0NzQ4LDMxODA1OjE2NjMwMDgxNTcsMzIwNjI6MTY2Mjk5MzUyMCwzMTQyMzoxNjYyNzUxMTY4LDMwOTE4OjE2NjMzNDM3MTIsMzIwNzc6MTY2Mjc4NjQyNSwzMTY5NDoxNjYyNTg4Nzc5LDMxOTUwOjE2NjM1MDk3MTQsMzA3OTk6MTY2MjU4MzgzMywzMTcwMzoxNjYzMDIxMDI0LDMxMzE5OjE2NjMwMjUyOTYsMzE1Nzc6MTY2MjU4OTAzNSwzMTgzNjoxNjYyNjU3NTI3LDMxODQxOjE2NjI4OTg2ODEsMzEzMzE6MTY2MjY4NzI4MiwzMDU3MToxNjYzNTAzNjMwLDMwOTU3OjE2NjMxOTI0MjQsMzE4NTU6MTY2Mjc2NjM1NywzMDQ0NzoxNjYzMTgzOTI3LDMxMDg4OjE2NjI2NjgwOTMsMzMxMzk6MTY2MjU0MjMwOCwzMTYwMzoxNjYzMDA4ODkyLDMxNjA1OjE2NjI2NjgwOTMsMzEzNDk6MTY2MzMzNjEyNSwzMTYxMjoxNjYyNTg5NjIwLDMxODY5OjE2NjMwMTg5MTUsMzExMDE6MTY2MzE1Nzk1NiwzMjEyNzoxNjYyNjY1NjYw;Domain=steelhousemedia.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=35b0bce9-d250-329d-b012-c0426f88d0bd;Domain=steelhousemedia.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=57399281210038980term=value
54.69.84.146200 0 B URL HTTP/1.1 dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=57399281210038980term=value
IP 54.69.84.146:0
GET /spx?dxver=4.0.0&shaid=31950&tdr=http%3A%2F%2Fbalor-ghn.com%2F&plh=https%3A%2F%2Fgo.etoro.com%2Fen%2Fpractice-account%3Futm_medium%3DNetworks%26utm_source%3D72681%26utm_content%3D19861%26utm_serial%3D%26utm_campaign%3D%26utm_term%3D&cb=57399281210038980term=value HTTP/1.1
Host: dx.steelhousemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Sun, 18 Sep 2022 17:07:33 GMT
connection: close
marketing.etorostatic.com/landingpages/main-es2015.aa0d4bd073c6a7339a36.js
23.38.201.117200 OK 0 B URL HTTP/2 marketing.etorostatic.com/landingpages/main-es2015.aa0d4bd073c6a7339a36.js
IP 23.38.201.117:0
GET /landingpages/main-es2015.aa0d4bd073c6a7339a36.js HTTP/1.1
Host: marketing.etorostatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.etoro.com
Connection: keep-alive
Referer: https://go.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nZD0ZFzqJURilWhukTuo5HyKUnihVGWu2Eg+4HlO7F4GIKybgu4mPSTv4sqSyZOSMrGG0dJOE1M=
x-amz-request-id: KMKXTNXXACXJVCT2
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Sep 2022 12:14:54 GMT
etag: "81d123a54e111d096716feab00504cc6"
x-amz-version-id: ii.gqIM1AtVp7rMU7Ka8YtiIcnkbp8EQ
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 18 Sep 2022 17:12:31 GMT
date: Sun, 18 Sep 2022 17:07:31 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2