Overview

URLt2.blowingwnd.com/l.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&pid=63631c7ed25a000001997fbb&s=503
IP 51.161.115.163 (Canada)
ASN#16276 OVH SAS
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-03 01:42:53 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (74)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 52.222.139.53
px.steelhousemedia.com (2) 7685 2012-07-19 07:21:29 UTC 2022-11-02 21:22:21 UTC 54.244.159.189
adspredictiv.com (3) 160243 2015-04-30 21:27:53 UTC 2022-11-02 22:22:02 UTC 35.190.38.40
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-11-02 22:48:18 UTC 13.227.219.76
9944765.fls.doubleclick.net (1) 125024 No data No data 142.250.74.70
s.yimg.com (1) 375 2012-05-21 13:25:46 UTC 2020-03-08 23:51:03 UTC 188.125.94.204
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.24
ww.steelhousemedia.com (1) 16192 2013-04-10 15:22:18 UTC 2022-11-02 18:57:23 UTC 44.238.130.186
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-11-02 13:18:55 UTC 142.250.74.168
etorologsapi.etoro.com (1) 54636 2015-02-05 06:25:55 UTC 2019-11-21 07:10:20 UTC 20.54.24.199
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 157.240.240.1
go.money616.xyz (1) 0 No data No data 18.184.197.212 Unknown ranking
cdn.acsbapp.com (2) 5589 2020-08-16 06:12:24 UTC 2020-11-08 12:35:22 UTC 104.238.215.8
bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-05-19 12:27:58 UTC 162.247.241.14
acsbapp.com (1) 5220 2020-08-14 05:49:08 UTC 2022-11-02 07:05:11 UTC 138.128.247.123
adservice.google.no (1) 96969 2018-06-19 23:38:38 UTC 2020-05-14 07:59:11 UTC 142.250.74.130
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-02 20:47:22 UTC 142.250.74.174
stats.g.doubleclick.net (2) 96 2013-06-10 20:21:11 UTC 2022-11-02 19:23:22 UTC 173.194.221.154
popcash.net (1) 11104 2017-07-19 16:41:38 UTC 2022-11-02 20:05:45 UTC 172.67.194.203
cdn.taboola.com (1) 1040 2013-07-19 23:48:03 UTC 2020-04-10 11:29:57 UTC 151.101.85.44
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-11-02 21:05:58 UTC 142.250.74.2
geolocation.onetrust.com (1) 802 2018-09-01 13:33:45 UTC 2022-11-02 07:59:51 UTC 172.64.146.158
zero.pointlessplay.com (1) 0 2022-05-04 08:00:48 UTC 2022-11-02 11:15:05 UTC 52.222.139.93 Unknown ranking
amplify.outbrain.com (1) 2255 2018-06-20 02:16:23 UTC 2021-09-19 09:57:40 UTC 23.38.201.81
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-02 18:32:34 UTC 142.250.74.3
www.etoro.com (1) 18613 2012-05-29 12:18:15 UTC 2020-04-30 06:11:14 UTC 104.18.35.149
ocsp.digicert.com (19) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ps.popcash.net (2) 67692 No data No data 54.204.100.201
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-11-02 19:04:53 UTC 13.227.219.71
c0.adalyser.com (2) 26110 2018-08-22 06:21:53 UTC 2020-04-21 04:24:50 UTC 54.220.223.247
sp.analytics.yahoo.com (2) 816 2014-02-20 00:23:24 UTC 2020-02-06 05:43:37 UTC 212.82.100.181
www.linkedin.com (1) 608 2015-06-18 16:10:03 UTC 2020-04-27 12:38:34 UTC 13.107.42.14
dipaka-ead.com (1) 0 2022-10-31 13:23:43 UTC 2022-11-02 11:20:47 UTC 3.212.50.125 Unknown ranking
js-agent.newrelic.com (1) 378 2018-06-22 04:15:37 UTC 2020-05-01 11:44:04 UTC 151.101.86.137
static.ads-twitter.com (1) 614 2018-06-23 22:08:39 UTC 2020-04-02 08:58:40 UTC 151.101.84.157
tr.outbrain.com (2) 2017 2018-07-09 09:55:46 UTC 2021-09-19 09:16:35 UTC 70.42.32.95
region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-02 08:06:51 UTC 216.239.34.36 Domain (google.com) ranked at: 1
t.co (2) 569 2012-07-25 19:09:44 UTC 2022-11-02 06:53:59 UTC 104.244.42.197
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.83.187
ocsp.pki.goog (18) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-11-02 22:54:16 UTC 142.250.74.78
web1.acsbapp.com (1) 37191 2021-03-10 09:46:33 UTC 2022-11-02 07:05:11 UTC 138.128.247.123
med.etoro.com (1) 45781 No data No data 96.6.17.100
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 52.222.137.119
trc-events.taboola.com (1) 1779 2020-06-09 13:52:57 UTC 2021-01-14 12:00:33 UTC 141.226.228.48
insight.adsrvr.org (2) 631 2014-03-25 22:33:59 UTC 2022-11-02 06:11:54 UTC 52.223.40.198
ron.trffclb.com (3) 0 2022-09-30 13:04:48 UTC 2022-11-02 21:21:57 UTC 51.83.143.92 Unknown ranking
dx.steelhousemedia.com (1) 8530 2013-09-26 09:54:29 UTC 2022-11-02 18:23:44 UTC 54.69.84.146
cdn.fonts.net (1) 62966 2018-07-06 16:36:26 UTC 2022-11-02 18:32:35 UTC 104.17.224.78
status.thawte.com (3) 5123 2019-03-13 17:00:46 UTC 2020-04-10 08:00:21 UTC 93.184.220.29
www.google.com (2) 7 2016-03-22 03:56:07 UTC 2022-11-02 12:52:22 UTC 142.250.74.164
analytics.twitter.com (2) 526 2013-04-10 19:53:18 UTC 2020-02-24 11:40:32 UTC 104.244.42.131
bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2020-04-20 20:17:24 UTC 204.79.197.200
px.ads.linkedin.com (2) 522 2018-06-15 11:29:56 UTC 2019-09-20 11:09:24 UTC 13.107.42.14
t2.blowingwnd.com (1) 0 2022-08-03 13:42:13 UTC 2022-11-02 15:52:53 UTC 51.161.115.163 Unknown ranking
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
cdn.cookielaw.org (7) 502 2014-05-20 23:23:17 UTC 2022-11-02 06:39:56 UTC 104.16.149.64
in.hotjar.com (1) 1746 2018-10-22 17:15:59 UTC 2020-11-20 16:45:40 UTC 34.246.28.68
sc-static.net (1) 1183 2022-01-24 20:13:30 UTC 2022-11-02 18:50:51 UTC 54.192.87.248
tr.snapchat.com (3) 978 2017-04-26 06:25:03 UTC 2022-05-17 21:54:32 UTC 35.190.43.134
snap.licdn.com (2) 1044 2014-10-06 08:43:45 UTC 2020-04-10 04:11:37 UTC 23.36.76.112
one.pointlessplay.com (5) 0 2021-08-13 12:07:31 UTC 2022-11-02 11:19:15 UTC 52.45.196.192 Unknown ranking
goosebomb.com (1) 96435 2021-08-27 13:00:38 UTC 2022-11-02 20:54:07 UTC 172.67.144.202
etoro.com (1) 7928 2017-06-07 21:14:27 UTC 2022-11-02 11:59:00 UTC 2.22.37.169
marketing.etorostatic.com (36) 82505 2015-09-24 17:03:19 UTC 2019-11-14 02:05:56 UTC 23.38.201.117
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-02 05:46:26 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
trc.taboola.com (1) 602 2013-07-11 10:17:31 UTC 2020-03-17 19:54:14 UTC 151.101.85.44
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 157.240.240.35
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-02 05:33:59 UTC 34.117.237.239
ocsp.sectigo.com (3) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
js.adsrvr.org (1) 1664 2014-10-28 22:25:15 UTC 2020-02-11 15:39:45 UTC 13.227.222.181
googleads.g.doubleclick.net (2) 42 2021-02-20 15:43:32 UTC 2022-11-02 21:46:43 UTC 142.250.74.130

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-03 2 trffclb.com Sinkholed
2022-11-03 2 trffclb.com Sinkholed
2022-11-03 2 trffclb.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 51.161.115.163
Date UQ / IDS / BL URL IP
2023-02-08 19:55:47 +0000 0 - 0 - 2 t2.blowingwnd.com/e.php?p=c:0hfgb_xop9nwe9i4a (...) 51.161.115.163
2023-02-07 06:14:26 +0000 0 - 0 - 2 t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq (...) 51.161.115.163
2023-02-05 10:59:01 +0000 0 - 1 - 0 t5.lowtid.com/d.php?p=c:ub_a64rij70pog14q&d=6 (...) 51.161.115.163
2023-02-04 08:55:02 +0000 0 - 1 - 0 t3.hightid.com/s.php?p=c:s_8942pggbfij953c&d= (...) 51.161.115.163
2023-02-03 07:47:07 +0000 0 - 0 - 2 t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq (...) 51.161.115.163


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-02-09 00:30:43 +0000 0 - 0 - 3 upload.ee/download/14128479/c3aebd7870651c6ab (...) 51.91.30.159
2023-02-09 00:09:38 +0000 6 - 0 - 3 sgp-updcenter.com/landers/clean/en/12_mcheck_ (...) 51.79.230.64
2023-02-09 00:00:19 +0000 0 - 0 - 1 forward.continuapro.com/372119/13593277/9191/ (...) 167.114.137.235
2023-02-08 23:43:55 +0000 0 - 2 - 0 unos.pp.ua/ 192.99.147.139
2023-02-08 23:42:46 +0000 0 - 2 - 0 videolucah.top/ 5.135.131.141


Last 5 reports on domain: blowingwnd.com
Date UQ / IDS / BL URL IP
2023-02-08 19:55:47 +0000 0 - 0 - 2 t2.blowingwnd.com/e.php?p=c:0hfgb_xop9nwe9i4a (...) 51.161.115.163
2023-02-07 06:14:26 +0000 0 - 0 - 2 t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq (...) 51.161.115.163
2023-02-04 16:55:03 +0000 0 - 0 - 14 t11.blowingwnd.com/l.php?p=c:9qopki6xwqp7b0yj (...) 51.83.143.92
2023-02-03 07:47:07 +0000 0 - 0 - 2 t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq (...) 51.161.115.163
2023-02-01 17:27:00 +0000 0 - 0 - 2 t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq (...) 51.161.115.163


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-15 20:11:14 +0000 0 - 1 - 1 w4x0i.bemobtrcks.com/go/db5076e0-b753-4adf-be (...) 3.70.16.242
2023-01-15 16:14:58 +0000 0 - 1 - 0 camp.purchase-shop.com/3967415d-e788-42c8-80d (...) 18.192.108.151
2023-01-14 21:58:08 +0000 0 - 1 - 2 inoradde.com/4/4326573/ 139.45.197.238
2023-01-13 22:53:19 +0000 0 - 1 - 2 inoradde.com/4/4326573/ 139.45.197.238
2023-01-12 16:00:12 +0000 0 - 1 - 0 h.youractualjournal.com/4/3735494/ 188.114.96.1

JavaScript

Executed Scripts (85)

Executed Evals (8)
#1 JavaScript::Eval (size: 2189) - SHA256: db1c51b1bc2509bed472dbb86131b420337ba080af11866adde14b7c34698118
(function() {
    if (typeof irongate == 'undefined') irongate = {};
    irongate.gr = function(callback) {
        if (typeof irongate.g != 'undefined') {
            callback()
        } else {
            if (typeof irongate.gcb == 'undefined') {
                irongate.gcb = []
            }
            irongate.gcb.push(callback)
        }
    };
    irongate.gsl = function() {
        var st = document.createElement("script");
        st.type = "text/javascript";
        st.src = "https://ww.steelhousemedia.com/gs";
        var list = document.getElementsByTagName("script");
        var last = Number(list.length) - 1;
        var scpt = document.getElementsByTagName("script")[last];
        scpt.parentNode.insertBefore(st, scpt);
        irongate.timeout = setInterval(irongate.dl, 2000)
    };
    irongate.dl = function() {
        if (typeof irongate.g != 'undefined') {
            clearInterval(irongate.timeout)
        }
        while (irongate.gcb.length > 0) {
            var callback = irongate.gcb.pop();
            callback()
        }
    };
    var request = function() {
        var st = document.createElement('script');
        st.type = 'text/javascript';
        var g = (typeof irongate.g != 'undefined' ? irongate.g() : 'null');
        var gt = (typeof irongate.gt != 'undefined' ? irongate.gt() : 'null');
        var sturl = 'px.steelhousemedia.com/st?ga_tracking_id=UA-2056847-65&ga_client_id=940653742.1667439765&shpt=Crypto%20Stocks%20%26%20Beyond!%20The%20power%20of%20social%20investing%20%7C%20eToro&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%22940653742.1667439765%22%2C%22shpt%22%3A%22Crypto%20Stocks%20%26%20Beyond!%20The%20power%20of%20social%20investing%20%7C%20eToro%22%2C%22dcm_cid%22%3A%221667439765.1%22%2C%22dcm_gid%22%3A%22922497944.1667439766%22%2C%22ao%22%3A%7B%22s_ecid%22%3A%22MCMID%7Cundefined%22%7D%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1667439765.1&dcm_gid=922497944.1667439766&dxver=4.0.0&shaid=31950&plh=https%3A%2F%2Fwww.etoro.com%2F&cb=1667439768022105&shguid=' + g + '&shgts=' + gt;
        st.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + sturl;
        var list = document.getElementsByTagName('script');
        var last = Number(list.length) - 1;
        var scpt = document.getElementsByTagName('script')[last];
        scpt.parentNode.insertBefore(st, scpt)
    };
    irongate.gr(request);
    irongate.gsl()
})();
#2 JavaScript::Eval (size: 25) - SHA256: b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878
(function() {
    return !0
})();
#3 JavaScript::Eval (size: 83) - SHA256: 16546b79ed36a9ca2495b23fbef53975fd6d324b4b03a379a09a22cf788ba32c
(function() {
    var b = 3;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
#4 JavaScript::Eval (size: 62) - SHA256: 6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8
typeof 1 n === "bigint" && BigInt(1) === 1 n && Number(1 n) === 1
#5 JavaScript::Eval (size: 2273) - SHA256: 2a6b1debe96eedb484674dedf7673a27fc98c5eb848f115525693fd675ef95da
�
(function() {�
    var s = '9a74f2a902374864ad4dc39b44dfc54a0621a6f521b9f46cd0bd25625a2815c86759cacfa5435169aea777c53fb2b7da9ed67d38e406fe361d7c3675e2eac994fcad1de743fbd350907a34ca09de87b618d67f67df5f5f7a7c9d66e2253d607e0272ffd3f166d9da3e17d8172a9e21bbe6906860a0c9108e087123745f1c93';�
    function setCookie(cname, cvalue, domain, exdays) {�
        var d = new Date();�
        d.setTime(d.getTime() + (60 * exdays * 24 * 60 * 1000));�
        var expires = "expires=" + d.toUTCString();�
        var cookie = cname + "=" + cvalue;�
        if (domain) {�
            cookie += ";" + "domain=" + domain;�
        }�
        cookie += ";" + expires + ";path=/";�
        document.cookie = cookie;�
    }�
    function deleteCookie(cname, domain) {�
        setCookie(cname, "", domain, 0);�
    }�
    var ta = ["navigator.webdriver", "window.callPhantom", "window.__nightmare", "window.__webdriver_script_fn", "document.$cdc_asdjflasutopfhvcZLmcfl_", "window._phantom"];�
    var re;�
    try {�
        re = [!!navigator.webdriver, !!window.callPhantom, !!window.__nightmare, !!window.__webdriver_script_fn, !!document.$cdc_asdjflasutopfhvcZLmcfl_, !!window._phantom];�
    }�
    catch (err) {��}�
    if (re && re.indexOf(true) == -1) {�
        setCookie("TMIS2", s, ".etoro.com", 14);�
    }�
    else {�
        var resultsObj = {};�
        for (var i = 0; i < ta.length; i++) {�
            resultsObj[ta[i]] = re[i];�
        }�
        var img = new Image();�
        img.src = 'https://etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=JSCClient&LogEvents=' + encodeURIComponent(JSON.stringify([{�
            ApplicationIdentifier: 'JSCClient',
            �ApplicationVersion: '0.0.11',
            �Level: "error",
            �Message: "ClientSel",
            �Results: resultsObj,
            �Type: 'log'�
        }]));�
    }�
})();��
#6 JavaScript::Eval (size: 4) - SHA256: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
true
#7 JavaScript::Eval (size: 25) - SHA256: d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400
3.141592653589793 * * -100
#8 JavaScript::Eval (size: 7) - SHA256: 53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148
() => !!1

Executed Writes (0)


HTTP Transactions (195)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F251408F64B28BEBFE96F3DB5C3DDE3D5AD5FEBBAF2964B3516C114EAA51F4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11716
Expires: Thu, 03 Nov 2022 04:57:56 GMT
Date: Thu, 03 Nov 2022 01:42:40 GMT
Connection: keep-alive

                                        
                                            GET /l.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&pid=63631c7ed25a000001997fbb&s=503 HTTP/1.1 
Host: t2.blowingwnd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         51.161.115.163
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 03 Nov 2022 01:42:40 GMT
Content-Length: 0
Connection: keep-alive
Round: 1217p3t0dz
Raund: 19t
Location: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-503

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F62EFF2AD4D64D785A48E2761D7F2BDA9171F1E60B0E9DC525D8F589F9EF7C60"
Last-Modified: Tue, 01 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6531
Expires: Thu, 03 Nov 2022 03:31:31 GMT
Date: Thu, 03 Nov 2022 01:42:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6171
Cache-Control: max-age=120676
Date: Thu, 03 Nov 2022 01:42:40 GMT
Etag: "636238d9-1d7"
Expires: Fri, 04 Nov 2022 11:13:56 GMT
Last-Modified: Wed, 02 Nov 2022 09:31:05 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: L5K/6XePBgYkoSjhlhGfLCl1IKnSNdBXkd7bs0U+AG3eXkr78cUPVoL+dx83MJI9qGTM/icbGS4=
x-amz-request-id: HQ5YCPYJQTSYQRH4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 03 Nov 2022 01:08:58 GMT
age: 2022
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 03 Nov 2022 01:42:40 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F0F2D3B8D2EC94551F14660BDA46221D22EA3FDAE4C690A443EF3E4931C330C6"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=650
Expires: Thu, 03 Nov 2022 01:53:31 GMT
Date: Thu, 03 Nov 2022 01:42:41 GMT
Connection: keep-alive

                                        
                                            GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-503 HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 03 Nov 2022 01:42:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=63631c9143648b7b8c40d69e; expires=Sun, 06-Nov-2022 01:42:41 GMT; Max-Age=259200; path=/; domain=ron.trffclb.com; HttpOnly
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (537)
Size:   490
Md5:    eed6ca2e6faadd3219a810d97770cc54
Sha1:   39693a89722cad19c57487743a5c75df4b381968
Sha256: 09f5f1f377f20165379f14e10564b81961f82c3e01a2ec0984baae64f38aec13

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-503&bv=1 HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-503
Cookie: bt-603611c5b7eaf46891533240=63631c9143648b7b8c40d69e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 03 Nov 2022 01:42:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=ron.trffclb.com; HttpOnly
Round: 119cdtswvl
Raund: 2g2
Location: https://popcash.net/world/go/134600/317194


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5806
Cache-Control: max-age=92926
Date: Thu, 03 Nov 2022 01:42:41 GMT
Etag: "6361cde1-116"
Expires: Fri, 04 Nov 2022 03:31:27 GMT
Last-Modified: Wed, 02 Nov 2022 01:54:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-503
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 03 Nov 2022 01:42:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   20
Md5:    a4745abc5e7fdb89cc6df3069f3c6e69
Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /world/go/134600/317194 HTTP/1.1 
Host: popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ron.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.67.194.203
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Thu, 03 Nov 2022 01:42:41 GMT
content-length: 162
location: http://ps.popcash.net/go/134600/317194
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kppqZjf%2BscTDa7KM96VtLtvymY1SYL7kk8Zo%2BpFYb%2BI2DpD29tIS1lklywq0rFbIMoskSrHGj0eisLdxHV%2F0Sbg9EakUQfFoulqdhiJD9qqO%2FbJn4qrK4DRexEij"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76416a2bde90b506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /go/134600/317194 HTTP/1.1 
Host: ps.popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         54.204.100.201
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Date: Thu, 03 Nov 2022 01:42:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 270
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   270
Md5:    8b13274eaa546f04e18971a1f66cc922
Sha1:   274fa2f119cfb8f6ef98738ff0b6928d42348c6e
Sha256: a5938f722a894020b44f617a9e76733088f3f4b5c65ec0061a3605c1bed5561b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3546
Cache-Control: max-age=112993
Date: Thu, 03 Nov 2022 01:42:41 GMT
Etag: "63622518-1d7"
Expires: Fri, 04 Nov 2022 09:05:54 GMT
Last-Modified: Wed, 02 Nov 2022 08:06:48 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ad/ad?p=134600&w=317194&t=4a1fd2d280ffac36&r=&vw=1280&vh=0 HTTP/1.1 
Host: ps.popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests: 1

search
                                         54.204.100.201
HTTP/1.1 303 See Other
                                        
Date: Thu, 03 Nov 2022 01:42:41 GMT
Location: http://dipaka-ead.com/zcvisitor/ce523474-5b18-11ed-b440-127a9a8e997d/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97#pc151445
Server: nginx
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /zcvisitor/ce523474-5b18-11ed-b440-127a9a8e997d/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 302
                                        
Date: Thu, 03 Nov 2022 01:42:41 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://go.money616.xyz/s4?sub1=vitellary-lion&sub2=whiskey-ria-ss9gkru3z
Server: ymkMpLwr

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DjidRVwJPD/r1UHc63SIfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.149.83.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OPTOyoL7ZMj81QJ+7X3oSgFfwsc=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "04CD7D3FDFBD3B7AE777818C1557D335EA3F1E4C035C602D7DDCA5A136B6C07F"
Last-Modified: Mon, 31 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18195
Expires: Thu, 03 Nov 2022 06:45:57 GMT
Date: Thu, 03 Nov 2022 01:42:42 GMT
Connection: keep-alive

                                        
                                            GET /s4?sub1=vitellary-lion&sub2=whiskey-ria-ss9gkru3z HTTP/1.1 
Host: go.money616.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.184.197.212
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
connection: close
x-content-type-options: nosniff
x-powered-by: Short.io link shortener
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
content-length: 1554
Date: Thu, 03 Nov 2022 01:42:42 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (364)
Size:   1554
Md5:    c24e15479ee13bf91a82641b36b047f5
Sha1:   da083066c51dd9db186d7a61164e08898078259d
Sha256: cd71af54b4d548e56eb40cc173b403e8185cba321fc69a891d70e15eed1a8281
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:42 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 10:25:06 GMT
Expires: Wed, 09 Nov 2022 10:25:05 GMT
Etag: "60387b4a475000772d54c410925be1a4870b9783"
Cache-Control: max-age=549142,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76416a331ff2b512-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:42 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 10:25:06 GMT
Expires: Wed, 09 Nov 2022 10:25:05 GMT
Etag: "60387b4a475000772d54c410925be1a4870b9783"
Cache-Control: max-age=549142,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76416a3558f1b512-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16539
Expires: Thu, 03 Nov 2022 06:18:21 GMT
Date: Thu, 03 Nov 2022 01:42:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16538
Expires: Thu, 03 Nov 2022 06:18:21 GMT
Date: Thu, 03 Nov 2022 01:42:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16538
Expires: Thu, 03 Nov 2022 06:18:21 GMT
Date: Thu, 03 Nov 2022 01:42:43 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F116416c7-b158-4c98-af55-3027f9bfbd6c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7044
x-amzn-requestid: 6ed2687f-f478-4206-a9b7-fc63428966bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a5sd1GcvIAMFYew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63608df1-79ada3087098484923a3b64d;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 03:09:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HsnvvNU6huvFGVXW-AypNd0J5_Hwv-bQbpJ0g6JVrjUt6a_cy3vAUA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 04:23:25 GMT
age: 76758
etag: "ee2c892adba5d3e12ac8443065c38317752f3e4a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7044
Md5:    cc615bd01e1ac97fec7bf47b18f0e999
Sha1:   ee2c892adba5d3e12ac8443065c38317752f3e4a
Sha256: ca41974691496f2629f45cba9bb21b84e7dbb9cefbf7e8e3348c98b101002269
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb41c369d-2e26-4fd4-b02e-9c68040d509b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13312
x-amzn-requestid: d441a42e-5ddf-439d-a784-8e2c6927178f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a_iCZFTKoAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362e3a8-38c27dce51585b1521bb0a45;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 21:39:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zHKTy3bnA3jeaZ_46AdPy3qL1ot8MXq76Pg0dRnzbHgVAb2Kdip8bA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:40:08 GMT
age: 14555
etag: "6e1bc636b7923030b294feeaeb96b593923bdaf9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13312
Md5:    5c3da5a5a34566686d08b68c465804f3
Sha1:   6e1bc636b7923030b294feeaeb96b593923bdaf9
Sha256: 6a77d97b723c42715fc0afaad2c7ff24dfe0868bd92c9a162ad73aefd7cc20ae
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a20b50a-8733-4b26-831f-c0a5c7afc605.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9061
x-amzn-requestid: 46da4a81-4629-485e-a1ac-6d1cf7794a1a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avzazGt0IAMFsSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c9911-0225b41020c46521683bdf7a;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 03:08:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: du60l8S7Y1FiCa1ZW-Jnk8SDNCVuvmGzlO2d5kRHWmvNOUrFhE_5yg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 08:59:45 GMT
age: 60178
etag: "9feb2d147394a8bde9df6184de4e95e2c0e2c67c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9061
Md5:    26182d39e6261f137221e7f49dc4bf57
Sha1:   9feb2d147394a8bde9df6184de4e95e2c0e2c67c
Sha256: 55979ae48a023c4dce97ab1ac085ae797a650f82ef5a8cac0ac57e43f0fabb63
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 11:00:57 GMT
age: 52906
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10462
Md5:    4e2853cc6ec6223160471401e6871f4b
Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8dd5c36-0f84-4c71-b515-880ebaa20d52.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7972
x-amzn-requestid: fa64bad3-9070-43c8-83d1-803fb3696318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8cx_GSlIAMFZqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6361a80c-5806a37c15d428d96366abfa;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 23:13:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dW1wdxKzL1WvezmHwKiqEoPPoEQVoq9oYTKoLMq9sd2nPED6afF63w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 04:29:40 GMT
age: 76383
etag: "eafb1bafaa2feb2b188aeb1bc8caac505337d258"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7972
Md5:    ff4da3d2c66d6f155fea05b88127873d
Sha1:   eafb1bafaa2feb2b188aeb1bc8caac505337d258
Sha256: 82e62da33562177403fcab7a552a5f5f64c91ab4cee25dd1cd979dedfe066cde
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F915461ca-9b07-49f7-ad2b-5c86773b4292.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6652
x-amzn-requestid: c911092c-70d7-41ee-8fa2-ce9387c320ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2ZK9FOZoAMFjVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f3bdf-18f40a4a4c74b38b5dbe87a0;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:07:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: lAzsnRovNNjufGLK7JbjExab1Uh_QlQEq0NpQHOa5oK3GqFk1AZYaw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 06:39:13 GMT
age: 68610
etag: "dfe01edc335a0894b67b26999e810c64f9cca524"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6652
Md5:    29dda99e5910f2c33ce87e5c794c5dc2
Sha1:   dfe01edc335a0894b67b26999e810c64f9cca524
Sha256: 9569302edc6518ac09794f5ccfbcf4bf2d231fec23652a1a8f7893c70c517f0f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5122
Cache-Control: max-age=89382
Date: Thu, 03 Nov 2022 01:42:43 GMT
Etag: "6361c2b7-116"
Expires: Fri, 04 Nov 2022 02:32:25 GMT
Last-Modified: Wed, 02 Nov 2022 01:07:03 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5122
Cache-Control: max-age=89382
Date: Thu, 03 Nov 2022 01:42:43 GMT
Etag: "6361c2b7-116"
Expires: Fri, 04 Nov 2022 02:32:25 GMT
Last-Modified: Wed, 02 Nov 2022 01:07:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /gogate/etoro/31/index.html?action=166743976210000TNOTV415326358024Vbc HTTP/1.1 
Host: goosebomb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.67.144.202
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 03 Nov 2022 01:42:43 GMT
x-guploader-uploadid: ADPycduhZ5LfvR5FAgGRJiu_U0TiyOwn1O1k_nhATi7EbyE3i_Jixk_isU_JVTxImfCkjWajekYtW0UhiM7eQBEJy9Ecb_-UQ-Bv
expires: Thu, 03 Nov 2022 02:42:43 GMT
cache-control: public, max-age=3600
last-modified: Tue, 09 Mar 2021 12:58:00 GMT
x-goog-generation: 1615294680223358
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1290
x-goog-meta-goog-reserved-file-mtime: 1614945425
content-language: en
x-goog-hash: crc32c=XVFUmg==, md5=RiW9HhJTA+38GSh9LrzYDg==
x-goog-storage-class: STANDARD
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV%2FNFkTeVkRUyuEdquQhvv6X515Vu4Gnqgtia7Zsyj9DFw0b9xa%2BiPNMdrR%2Bchy5QZ0jVepblP7Vq1Qv5VBWxPt80aNAw3E1j9iner3D4fsJc%2Fg2ryidx%2BQP61r1f1Pf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76416a379e851c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1112
Md5:    d81584c84fe6754737963fcfe089767b
Sha1:   0414b0aa0cb764a45ee799615a8a16a37830bf73
Sha256: 4fa6af6ec486a171df12d70e72d9286a65056c6c0b4abeb68028f4cf5e2f3b50
                                        
                                            GET /gtag/js?id=G-E9QBCJNBNS HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 03 Nov 2022 01:42:43 GMT
expires: Thu, 03 Nov 2022 01:42:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75964
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18991)
Size:   75964
Md5:    33ae7f0d7fa6ea2c43229b0e48f900b8
Sha1:   d67a4eb0bae6d79854e26696091fbed1f7bf173f
Sha256: 515a65051f4f9c059442b6a4461e2b3c3df5e7cb0f0b5075650e34a82eeb07e1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /B12616_A89099_TSlick_S166743976210000TNOTV415326358024Vbc.aspx HTTP/1.1 
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         96.6.17.100
HTTP/1.1 301 Moved Permanently
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://etoro.com/
Date: Thu, 03 Nov 2022 01:42:43 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         2.22.37.169
HTTP/1.1 301 Moved Permanently
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://www.etoro.com/
Date: Thu, 03 Nov 2022 01:42:43 GMT
Connection: keep-alive

                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/OtAutoBlock.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 03 Nov 2022 01:42:43 GMT
content-length: 2072
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: uerbbQW5uv5BmqmfaAl98g==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D111A88
x-ms-request-id: f237f594-901e-0118-62e7-f0b326000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13711
expires: Thu, 03 Nov 2022 05:42:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76416a3bfb48b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2829)
Size:   2072
Md5:    b9eadb6d05b9bafe419aa99f68097df2
Sha1:   d850dc819264475c6d1cbe6e8419a1016a659db2
Sha256: a4592788dd762df3672b970f81802bf8325dfca74ed394118867bc4946983f61
                                        
                                            GET /jump/next.php?r=6399926&sub1=vitellary-lion&sub2=whiskey-ria-ss9gkru3z HTTP/1.1 
Host: adspredictiv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.money616.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.38.40
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Thu, 03 Nov 2022 01:42:42 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (21747)
Size:   9925
Md5:    61504f2004811a760fd23ce494b2e601
Sha1:   20ea5e9a7c37248efb0ae1af24184fc4ee2be1ba
Sha256: c07cc6000056597df9bd619b500949c93fbe748c2e7b89bffb959be3246c3b0d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cache1/hp/v_250/images/instruments/t3-3.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: ynBcBZLuM0g8KM2F3SRl5wWRChG7u8muIqcCU58ccgoEdfV0x23Je45/tjxzNW1Pv46uF30VAQQ=
x-amz-request-id: BJSN68QDJ2WRDK40
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "b7322c639dcf276550e310727cf76893"
x-amz-meta-sha256: 6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: r9skgKWaP8RVY9nRMto5PlKboL4BQb73
accept-ranges: bytes
server: AmazonS3
content-length: 11012
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 322 x 432, 8-bit colormap, non-interlaced\012- data
Size:   11012
Md5:    b7322c639dcf276550e310727cf76893
Sha1:   136b5f1a82788708f04b74a30fcefdadaff00e43
Sha256: 6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
                                        
                                            GET /cache1/assets/css/onetrust.css HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: 7vqiIPn64ptqVNwIM1fvJGjbv11IUdsOT6JKR8Cyxsr81DT/4uax9s7iGzI7fTeV0SwX20GmqJE=
x-amz-request-id: Z3V5BX28EG5962WS
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Jun 2022 12:30:17 GMT
etag: "66e8b2c112ebb5bb9b4fc326d3d5f87b"
x-amz-meta-sha256: 55c8a3b763077bf16466a3a9af5b7e5b2baba7d345cd90b50403058a633bda48
x-amz-meta-s3b-last-modified: 20220616T122823Z
x-amz-version-id: Qcu9.b5PJ70a2SNFK2gJjtsbcFrk1Lur
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
content-length: 2655
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (885)
Size:   2655
Md5:    b3f403de6d79b34f32dba5e4effaabc2
Sha1:   7b436b6060e88daf19f12bd27cbe2533d25a2343
Sha256: 3ec0cde05873dde93c16f4b4f3b7ca7e236ba4e82ab595ee8f13b959f5b2813a
                                        
                                            GET /cache1/hp/v_250/images/instruments/t3-4.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: CQyOioDgEwsXle/cn0DSfXbIj4PtX6wwvvY03kgw+sPBr5gMr79OxJ6rVKvDrcsLStc69BjQXWU=
x-amz-request-id: BJSNRPZPM3RB1Y56
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "43f62ee21492814c91e306a57be05ee7"
x-amz-meta-sha256: 55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: ZJ9bAs_aawgIHhTc3zcLSZS.lxwDFu4K
accept-ranges: bytes
server: AmazonS3
content-length: 42876
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 660 x 684, 8-bit colormap, non-interlaced\012- data
Size:   42876
Md5:    43f62ee21492814c91e306a57be05ee7
Sha1:   77e0ddcffc72c83f9c6690f521a4594d0eacdf7a
Sha256: 55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
                                        
                                            GET /cache1/hp/v_250/images/instruments/t1bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: YFTNty5SIcdhKq450TYHwf7SRkH10wCrNu6VxS0n04wBpLStduNxmbhS13gnNaIasJR4Ietz9UY=
x-amz-request-id: BJSVX197ACP9V7RR
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "2b8c66295f644aad1bbd97bffcf8f910"
x-amz-meta-sha256: 923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: rXQsdf5tcUphlZZ7QaAie.wlAbWxbLl7
accept-ranges: bytes
server: AmazonS3
content-length: 72188
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1934x1230, components 3\012- data
Size:   72188
Md5:    2b8c66295f644aad1bbd97bffcf8f910
Sha1:   f34b342b50c43263d6c130286958086addefd3d6
Sha256: 923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
                                        
                                            GET /cache1/hp/v_250/images/instruments/t1-3.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: 92R24GLatFUU0eh05veMnGqcA2KrIVfsdBz9zWssCytuT0e3Lb7tPc2v9A+iyx7fTZjRCEWnHVc=
x-amz-request-id: BJSJMDWMK7ZCK773
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:23 GMT
etag: "f61c9d2ed729320b71af181ff331cb79"
x-amz-meta-sha256: 11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: YkW8_gVG77z0IkOnT2pWi2camXx3AgiY
accept-ranges: bytes
server: AmazonS3
content-length: 31786
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 450 x 392, 8-bit colormap, non-interlaced\012- data
Size:   31786
Md5:    f61c9d2ed729320b71af181ff331cb79
Sha1:   182f5c37accdde48b36e7803de6251cc92319b86
Sha256: 11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/cover-desktop-half.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: zqCA8I7VwQ4OM57SeL41enO3ZjqGkwlCS7cjlH8/RylZXzy3zQnrVtSi0iaVUFdNRZjfpzfdllE=
x-amz-request-id: XSS69QHT5BYHDT0P
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:38 GMT
etag: "b05c8e47e71ba8a0fe73a0da54f010ef"
x-amz-meta-sha256: 2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
x-amz-meta-s3b-last-modified: 20220920T161111Z
x-amz-version-id: VChvjEsOHCDhESR_vRlWIZZI9qChCEb_
accept-ranges: bytes
server: AmazonS3
content-length: 94463
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3\012- data
Size:   94463
Md5:    b05c8e47e71ba8a0fe73a0da54f010ef
Sha1:   f26455efe60bcf1e74e693574e482b0a952e3de9
Sha256: 2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
                                        
                                            GET /cache1/hp/v_250/images/instruments/t2-1.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: K4TQrvgv6tHAKlL+ySccGF7oIFbHIm62RTqZ2kB54E9ph5Z0n4O9Fr37Li7vBlcPNEqBlNn15Zg=
x-amz-request-id: BJSS8ZSZ4K6J87Q8
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "5a95a095169c27431449bf549b99993d"
x-amz-meta-sha256: 681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: 6s15Jbvt_YhVTfS.Qm19BI1gvokKxcHz
accept-ranges: bytes
server: AmazonS3
content-length: 11234
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 744 x 504, 8-bit colormap, non-interlaced\012- data
Size:   11234
Md5:    5a95a095169c27431449bf549b99993d
Sha1:   91a11cffc857dcaa2b38fa901423b227870ac1e4
Sha256: 681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
                                        
                                            GET /cache1/hp/v_250/images/instruments/t2-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: ky3vrANJhtTj+F60HsRTmFy7QMNFEWRYKVWaE2DyXeaBTBmkZn6svQRqLkPAK6t0vCsNwJQ9vwY=
x-amz-request-id: BJSN4THC2967ZG2T
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "beb13238cf465f668c413a022f5633c8"
x-amz-meta-sha256: 88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: 42HIJXJNQSkchYiJUGINB9CQEa72HNtD
accept-ranges: bytes
server: AmazonS3
content-length: 21388
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 668 x 938, 8-bit colormap, non-interlaced\012- data
Size:   21388
Md5:    beb13238cf465f668c413a022f5633c8
Sha1:   31760dac17b8e58942c79708a4616c3a1df4b233
Sha256: 88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
                                        
                                            GET /script/i.php?stamat=m%257C%252C%252CQhNqtiKuoGU3B0-GH0dEdHP3xP.645%252C1xiXI3Ajt2k-yEg2q0Uf9X-7ofbYCn32qzmv7RvlKxp1LGw0Pwl1oKmCbU7F3INm_u5yydwBS76L7qLOVhFru7WBPQxzBt1hVoh56zwPPFyPLJ3X-MpJCWqQeHesvfcOC78uFGRPLhR5z-iil4J-QSp-PjXXD-SNsxrqILrNdUJbFdZCUfNxXSuN5g27pSoz-Z3Byjhz5w_SESTCJyUby0rN0_oiKLLfkb246M-fNrX2QJm7h6jGqcT2vmb3zSCfAbsc3GQn5cqDMez69lgi51UheR_occ10yWO9GQ1D2WcdmjRGkeMMh_ou9pdmqjlOEGwG78H3FawIXbM5KqmWHKTFPaVs8an0stKpCHyeD4SBuryPuhAU8QZNP78Gb_styrlippmJgKnMMhWLoY2xZjsZYQM5Pgt9_fox-gvX5r-uewzmt4X8Lw-2P45HPrZQZIi5S1QZr75rDiJezroiMPU859AB69JCDHP7gnG0X7oO-lgpRwF6xPnpNtE3rAC1x1AzMpFcdK4m6stu8KjepEjUNjj5CKf9sZWvQ_vb3APxdDXMTMpPhYCBgGOwIruAaijZsFe8TUj40mi5efaZqs9HYBsRwRrUa8FCOuFNMl0%252C HTTP/1.1 
Host: adspredictiv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.190.38.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Thu, 03 Nov 2022 01:42:43 GMT
access-control-allow-origin: *
referrer-policy: no-referrer
location: https://goosebomb.com/gogate/etoro/31/index.html?action=166743976210000TNOTV415326358024Vbc
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 136 x 132, 8-bit colormap, non-interlaced\012- data
Size:   1473
Md5:    6bedb1b3afc69447f7ea0c00993b53a8
Sha1:   1281f1fd5df23a9a19bd8573619007d04f6047ac
Sha256: 55900142e5def76acbb70acdb21d824b8b06f6d90a9a52fee556a5c3d3e1dab4
                                        
                                            GET /cache1/hp/v_250/images/instruments/t3-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: vYYw4/nX6J0XwQyBd7Bxo8ppBa11euWIhuDvwJG3+nyQlemDKpJ4ol5vRCRWMd3J1rhCuy9Zzfk=
x-amz-request-id: BJSG6VSZV3NPRZZ5
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:25 GMT
etag: "dad8f4f5e1f7c6afaa7a1d02bbad4aae"
x-amz-meta-sha256: 82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: .ea0J.LF3Tey.FSpyPfEDCWl6aYThAFP
accept-ranges: bytes
server: AmazonS3
content-length: 21261
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 436 x 390, 8-bit colormap, non-interlaced\012- data
Size:   21261
Md5:    dad8f4f5e1f7c6afaa7a1d02bbad4aae
Sha1:   7c47738ec815ba441c70d30967035c1a2c3a34ff
Sha256: 82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
                                        
                                            GET /cache1/hp/v_250/images/instruments/t2bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: CzOhkgu5Y0R6HoaBI3spOEsIC0ULFFWfQP/StDzqj7O8zeKrbqTF2gmrAiXeQrLylU+M0/ANeRM=
x-amz-request-id: BJSZ59B0WDG7GH0E
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:25 GMT
etag: "19c57357b906758af6469a6b2a2c8846"
x-amz-meta-sha256: 358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: RNRY.bWk105UAkjO4Db33xjz7lHZilcf
accept-ranges: bytes
server: AmazonS3
content-length: 66908
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Size:   66908
Md5:    19c57357b906758af6469a6b2a2c8846
Sha1:   e360a5922a6d44ca6066ff5dff01ef2440fd7368
Sha256: 358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
                                        
                                            GET /cache1/hp/v_250/images/instruments/t3bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: XyBWTcKB6ZnhqlKK/cUvo3Mkusx8tebxk8v4iJZ1SngSydT4rYfmHqKA1NPou6jsVLdVHFTSpuc=
x-amz-request-id: BJSW4ZMF254PA5ET
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "6d94c8cb40dfa33fccc8b4800f2c7e0e"
x-amz-meta-sha256: a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: pyA8G.VrAE4shNTZPyu3hFkUKsSZGk39
accept-ranges: bytes
server: AmazonS3
content-length: 59017
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Size:   59017
Md5:    6d94c8cb40dfa33fccc8b4800f2c7e0e
Sha1:   745c0d98d4cde90d8717feadfa120e0cc20dab1f
Sha256: a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
                                        
                                            GET /cache1/hp/v_250/images/instruments/t1-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: CLncvM4L18ZkiKjHvjGrOYpGKksF2UJqMLsRtr7/JixW0QqS6mNX7SWENSlm9Aj8le9WdCqQ7XM=
x-amz-request-id: BJSTAV1CC0CZR8SW
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:23 GMT
etag: "a0edff04cdbe03fe84f35b2368beedd9"
x-amz-meta-sha256: 51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: gsLHL9_akY3qvzziYmuZ43tVdbQ8cOch
accept-ranges: bytes
server: AmazonS3
content-length: 115422
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 588 x 638, 8-bit colormap, non-interlaced\012- data
Size:   115422
Md5:    a0edff04cdbe03fe84f35b2368beedd9
Sha1:   6231c9d9265502517533892d8a0f42d5790c0310
Sha256: 51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/f72d065d-437e-4ee9-87c6-475882c9f118.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 03 Nov 2022 01:42:43 GMT
content-length: 1490
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: ZDmDXaPoXLaResBrLasrNw==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D14004E
x-ms-request-id: 16122373-c01e-0026-35e7-f04352000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13549
expires: Thu, 03 Nov 2022 05:42:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76416a3c9ba2b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4265), with no line terminators
Size:   1490
Md5:    6439835da3e85cb6917ac06b2dab2b37
Sha1:   b65ad002a7c48559e9124256295c1c688e8f3084
Sha256: bd2d9654f22da1c44528cfd8a925b24a3b015d80bee375849d1e8800a8970c21
                                        
                                            GET /others/logger/logger.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: rFRtyRRvy8awZWbEw8KKBuYcsMr0FOn3VrHsw7WXTDWRDWcW8NmTXAtMX967njSth5isxYRudTE=
x-amz-request-id: 114803B553D57FD9
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Jan 2020 16:04:01 GMT
etag: "3a046ce8f3379b2e5a5fa5ee3ed02808"
x-amz-meta-s3b-last-modified: 20200115T160219Z
x-amz-version-id: RlsNx2j0zjqTyHD11R2PocORgBI_87x2
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 03 Nov 2022 01:47:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
content-length: 2285
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5055), with no line terminators
Size:   2285
Md5:    f620bec033fe844135374191b331937d
Sha1:   ef75dd9e7bddaaa53d9171c7b6869f5d72553f51
Sha256: c61b3f992c23497120340e96694c29b94ca8b2576820677e0432031b636eee87
                                        
                                            GET /optimize.js?id=GTM-55ZB4XN HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.78
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 03 Nov 2022 01:42:43 GMT
expires: Thu, 03 Nov 2022 01:42:43 GMT
cache-control: private, max-age=900
last-modified: Thu, 03 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1343)
Size:   42909
Md5:    0e533996fcaba6ac174727a6e8e586bb
Sha1:   09bd81251154c02e44157f64eb883f919a909c02
Sha256: d8adcee38adfb3deea99e628daf88922be1f5d47ee0ec8ec202dec870ccdab56
                                        
                                            GET /t/1.css?apiType=css&projectid=1be8a670-63f2-11ec-84cb-06c8b378e9d2 HTTP/1.1 
Host: cdn.fonts.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.224.78
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 03 Nov 2022 01:42:43 GMT
content-length: 0
x-amz-id-2: 0YZ0H80/30MgBTG2ijPKvwK2o4c7bg1oKeBH6NC/Vct0AWcwyu8ktTQ8I/j+udXxbuBe4+WEVrY=
x-amz-request-id: K2GEEGSX18GPYAHC
last-modified: Thu, 20 Oct 2022 08:49:27 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=300
cf-cache-status: HIT
age: 579160
expires: Thu, 03 Nov 2022 01:47:43 GMT
accept-ranges: bytes
set-cookie: __cf_bm=Tokvvv8E59TPBJZ8Q7pzV7u_ai3LrXZXtd0EIwep.OY-1667439763-0-Ae+yLsUNrgUnR69Xm3pvDBZyzX+S/mYqABZyGPti6GTHZzrqGaMt9495eW93tXzUYM+xatEdz6z+1/BwSDsXhIs=; path=/; expires=Thu, 03-Nov-22 02:12:43 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76416a3cc8f70b41-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /cache1/fonts/madera2/Madera-Regular.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: giTQxaaku6b/my15IZ7MGbnS0j3R+Drz9aYHcOnTWdLimAm+vlONGNcGBk1VXAhvbuCj0dmjAZs=
x-amz-request-id: RB02W0BVGXZQ1Q0C
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:32 GMT
etag: "4a61fe67108ddbb01a2ceaf3687ba30e"
x-amz-meta-sha256: 2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
x-amz-meta-s3b-last-modified: 20220203T192734Z
x-amz-version-id: rdjZTCyTVtTzW48kSfmVzYhmpJIbNpae
accept-ranges: bytes
server: AmazonS3
content-length: 31960
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:43 GMT
date: Thu, 03 Nov 2022 01:42:43 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31960, version 1.0\012- data
Size:   31960
Md5:    4a61fe67108ddbb01a2ceaf3687ba30e
Sha1:   3a60eb0e91c3f79e58c93ac63f040f07c5c4e058
Sha256: 2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
                                        
                                            GET /cache1/hp/v_250/images/flags-hd2022.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: TBVqRoB02EDyfVmR0znW/MNspedH9bXBBIhZ5E5yqJ3jEmjjuff+OOrTSAXRCNf4skiXRHJz8GQ=
x-amz-request-id: Y4J7D71XBE8X7XME
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 15:06:18 GMT
etag: "69d14115558936d84e16ec7efd2f4f45"
x-amz-meta-sha256: 68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
x-amz-meta-s3b-last-modified: 20220920T144902Z
x-amz-version-id: otKQpwD91003SDrhrFJwP7u7k7kYEK4v
accept-ranges: bytes
server: AmazonS3
content-length: 16703
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 830 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   16703
Md5:    69d14115558936d84e16ec7efd2f4f45
Sha1:   a6268986699c86e577ca5589a0fcf2880661f7ea
Sha256: 68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
                                        
                                            GET /cache1/fonts/tusker/TuskerGrotesk-3500Medium.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: TnE1OvfRhb4wemqIMdAklRBV9anTek/CjSVpczlM56PMWdd3Awm6/s25i8C/yNMd3Kztf88tMvY=
x-amz-request-id: 0RKDVHM0FMVA32ZS
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Feb 2022 22:24:49 GMT
etag: "1f385d1ea2e1c06cda506bafc17a4a94"
x-amz-meta-sha256: e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
x-amz-meta-s3b-last-modified: 20220206T231742Z
x-amz-version-id: U.WW5Nm_KS0r7k_Vxl0S9.MycmUEi2Pu
accept-ranges: bytes
server: AmazonS3
content-length: 11992
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11992, version 1.0\012- data
Size:   11992
Md5:    1f385d1ea2e1c06cda506bafc17a4a94
Sha1:   0dc0ebf0502018976383091908379054b5a3cfed
Sha256: e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
                                        
                                            GET /cache1/fonts/tusker/TuskerGrotesk-4700Bold.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: xDtdJzSi21sF7CpiuxjIbrQdQrHfCf0qZSuIYVXllN38HVN7OiOcLrLEIAOZRHPfr0UXkqds/bQ=
x-amz-request-id: 0RKEXE4EJ8774W83
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Feb 2022 22:24:52 GMT
etag: "ee570da55652b90a2222880a1ece7323"
x-amz-meta-sha256: 26c2ac92dcf7740f3239e5c1dc01c2e90bf468aacaea52438db80c031af94962
x-amz-meta-s3b-last-modified: 20220206T231740Z
x-amz-version-id: _nNBWNk.b.aBJaK32Y.ScZnJcz4Is6Dl
accept-ranges: bytes
server: AmazonS3
content-length: 12028
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12028, version 1.0\012- data
Size:   12028
Md5:    ee570da55652b90a2222880a1ece7323
Sha1:   d9a81b65239041b42c6aed22f5809797f0574c1e
Sha256: 26c2ac92dcf7740f3239e5c1dc01c2e90bf468aacaea52438db80c031af94962
                                        
                                            GET /cache1/fonts/madera2/Madera-Light.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: TVzcGMyrSRRAiX3OtO+JaeCIIWTuUd+EwTnEzNsZ7AgFflv7+H3xjLd4Nk7ctVtZpx+Ie+enpiQ=
x-amz-request-id: EXZTJQVA4Y4CV0JC
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:26 GMT
etag: "e20f6e1c0681c07f69d37c428c0684d3"
x-amz-meta-sha256: c2dfcbd62bd88bad9f09d80b0d1b2de5bf8276e6586a5431839c7ce9393fd4f7
x-amz-meta-s3b-last-modified: 20220203T192738Z
x-amz-version-id: TUjDnqX6S_vwWlvloC3aK3KdDGBYmBw_
accept-ranges: bytes
server: AmazonS3
content-length: 31636
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31636, version 1.0\012- data
Size:   31636
Md5:    e20f6e1c0681c07f69d37c428c0684d3
Sha1:   4aa36ecd12f2e7d3592807a0a3879914252faeb5
Sha256: c2dfcbd62bd88bad9f09d80b0d1b2de5bf8276e6586a5431839c7ce9393fd4f7
                                        
                                            GET /cache1/fonts/madera2/Madera-Medium.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: d6poWwwwj9abPq/ES4oNvQTY1I4y2hMv1EdVnTf07kpNv7a2N1tn1ySx9pMV8KWPcG6wwi1unZI=
x-amz-request-id: K8KWP566ERFJBVE1
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:29 GMT
etag: "9d7f82d9510b57b2d00f328d87ef3869"
x-amz-meta-sha256: c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
x-amz-meta-s3b-last-modified: 20220203T192736Z
x-amz-version-id: VMc3owpvYk5nHUjZ.xX4Wq.u2RPawBMa
accept-ranges: bytes
server: AmazonS3
content-length: 31844
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31844, version 1.0\012- data
Size:   31844
Md5:    9d7f82d9510b57b2d00f328d87ef3869
Sha1:   2a031c8ae51e62d8dc30fa0bb47f57a3695224c1
Sha256: c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
                                        
                                            GET /cache1/fonts/madera2/Madera-Bold.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: WQ8beP0j6j+XiswbzEpXZzamytHc5Av0QHRr7qawf362iuN3koZ3ealTS4jkLvOGZ6OcInkYl0Y=
x-amz-request-id: RB02FFVVAVWJVG5D
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:24 GMT
etag: "db85a0ddc6f6973df4bc98a1b2ed9d65"
x-amz-meta-sha256: 26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
x-amz-meta-s3b-last-modified: 20220203T192740Z
x-amz-version-id: zGguxQ5kSDF0NdIOnvToUoLZcOnV9szR
accept-ranges: bytes
server: AmazonS3
content-length: 31920
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31920, version 1.0\012- data
Size:   31920
Md5:    db85a0ddc6f6973df4bc98a1b2ed9d65
Sha1:   c6bba41edc8501b76aed9bff58597edef1c2502f
Sha256: 26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
                                        
                                            GET /cache1/hp/v_250/js/waypoints.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 9lFezzLGhy5accCsGYcyDyckewdqZE6Df8H6ytpCQuSWrMcKQiCNX7H2YhvOccJk0UxxBNsnPHo=
x-amz-request-id: 5E8B8NFW9H2EH0EG
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:43:00 GMT
etag: "1b79decba8cf0c886b7be539cfdbaa16"
x-amz-meta-sha256: 291c0fb451ed0410d515b7c4f0eeb429cae40f52a560a67aed3de8d7210e75a3
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: OAj0wpBsOOe0r5kxCMrusioy2xpCNFTE
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
content-length: 2635
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8887), with no line terminators
Size:   2635
Md5:    1d2137aea2d4a9fca68a7b135e2cb9f3
Sha1:   e97ca29d385352fc286f1711bbdc45584161a316
Sha256: ea701f82ca58f8a09ebd7d00a58deb97c1c2a09ecdd3a5486e91dab13f98113e
                                        
                                            GET /cache1/hp/v_250/js/jquery-3.5.1.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: e54UiWLmzXf08GlFZQOwNLmjw248K84CkHRaduvC3FXRYfpbzInEkKvkHjrXjI1R6iLGr6Oq0hk=
x-amz-request-id: 5E8854E5AX589C4N
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:57 GMT
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-meta-sha256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
x-amz-meta-s3b-last-modified: 20210919T132249Z
x-amz-version-id: 4aWmwoVEWdk_DjJ9o9.1cbellEQnGA4x
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
content-length: 30950
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30950
Md5:    e96fc85ce0a9070920b87b1072dd9e1d
Sha1:   afd9871c95caf6a26ae56e8c661789d00c510162
Sha256: 43e3ac1190912814c4b67ca3512c14745d1b41ce4740d3df73ead62561ca31dd
                                        
                                            GET /cache1/hp/v_250/js/slick.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: JlrnGLJ6W/UxGhdYSC8CH8xghXbLPjPNChhyxW9KZUfoGKU71X7LjptjjFXM/+ltoatY8umxNmk=
x-amz-request-id: 5E85XVS4GHHW1N8V
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:43:00 GMT
etag: "823f2a98db35550b1d2a78f530b1c633"
x-amz-meta-sha256: 0cf4b4cdcf20a06c8cfb25a84b84e0c7e81f51cd78de9b6231a1b54ed0e0935b
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: YetQublaGzZokQiJoN6572gELuBFGXNz
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
content-length: 9568
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32034), with CRLF line terminators
Size:   9568
Md5:    17232e2fe3e81d95e6f1cb7c4d5b9e57
Sha1:   510e1569ab0187ef5712a7630d673536e8c519ac
Sha256: 4bd093df7a16ca8f4d58c12a14859fdc0ef3f8ffb58c9b82126031787f2f5132
                                        
                                            POST /g/collect?v=2&tid=G-E9QBCJNBNS&gtm=2oeav0&_p=1047255493&cid=993084063.1667439763&ul=en-us&sr=1280x1024&_s=1&sid=1667439763&sct=1&seg=0&dl=https%3A%2F%2Fgoosebomb.com%2Fgogate%2Fetoro%2F31%2Findex.html%3Faction%3D166743976210000TNOTV415326358024Vbc&dt=loading...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: null
date: Thu, 03 Nov 2022 01:42:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 421
Cache-Control: max-age=136500
Date: Thu, 03 Nov 2022 01:42:44 GMT
Etag: "63628d23-2d7"
Expires: Fri, 04 Nov 2022 15:37:44 GMT
Last-Modified: Wed, 02 Nov 2022 15:30:43 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 727


--- Additional Info ---
Magic:  data
Size:   15652
Md5:    45a41737ff0108ad84e81403a2872d7a
Sha1:   8c8d9bf504e46dfe2bee42e479736273bfc6d32d
Sha256: cd2b59f94b408dcce2c6b3e1ff0e1d22128cb0ad37c3568fe6bdd5cde7921bf5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cache1/hp/v_250/images/favicon/apple-touch-icon.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: zS7BtNRDYQQ8zMJHkYU73f6dvQrBR4/jG9pLiV2+ECAWJIWOshj7kabGoiH6CH3KtwiY7bnoVT4=
x-amz-request-id: 85NM0JGJ52A3JDYD
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:41:47 GMT
etag: "8d34d8eb122958024d6319988331e68a"
x-amz-meta-sha256: f14f9af8a7d4a1acaea97621a6d43cc34f1c430b318be76f58898d98efd9ab90
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: Q2EbxWG5EYMEKf0iJz44VFOyVRrx2PXV
accept-ranges: bytes
server: AmazonS3
content-length: 4959
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size:   4959
Md5:    8d34d8eb122958024d6319988331e68a
Sha1:   e79ac403f17e240360be6f5540b8e7dd4a5bb9a6
Sha256: f14f9af8a7d4a1acaea97621a6d43cc34f1c430b318be76f58898d98efd9ab90
                                        
                                            GET /cache1/hp/v_250/images/favicon/favicon-16x16.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: q9Fv8gRd6+b337XtoTpjf0lXha/xDl8MDnEInDhNQHkRs5JLXmey+zDMgkhZFANHULI0QMT1Yxk=
x-amz-request-id: 85NZMGGA0Z9XBNVH
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:41:48 GMT
etag: "6f73b13c53883dda26ced7b25bdf69ef"
x-amz-meta-sha256: 4470f15d8d0268f1cf44bfc45a544baa38a6aa114dab9ad02b76b48034d156b9
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: 8hLOOpLCaCPyjH8.y7Cb39Asiw_Qt5uv
accept-ranges: bytes
server: AmazonS3
content-length: 1020
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   1020
Md5:    6f73b13c53883dda26ced7b25bdf69ef
Sha1:   a4743cd740ba05c518cc754a3ab2715f6a23d762
Sha256: 4470f15d8d0268f1cf44bfc45a544baa38a6aa114dab9ad02b76b48034d156b9
                                        
                                            GET /cache1/hp/v_250/css/style-newhp.min.css?v=1666787325 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: RfoPvqKXzaq3HI+vj6CoefVvf/rn2n4Ybn6GKCGCDpFtSSsEb3ieUmiGkL2VP8WWZnbBJe+joTo=
x-amz-request-id: YFFS03YFYAZHRAFH
x-amz-replication-status: COMPLETED
last-modified: Wed, 21 Sep 2022 11:22:06 GMT
etag: "eb05627089f6248f125b58845182861e"
x-amz-meta-sha256: a9f2f6aa1eda10879c3d4149f011cb5529f07bb4ab43c09bd61e5d81c88b0012
x-amz-meta-s3b-last-modified: 20220920T204059Z
x-amz-version-id: BS1lBzQzv2GL0QuRJy7fh_FPT1FP8XXD
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
content-length: 8214
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (58067)
Size:   8214
Md5:    f953d5c71910c6ac52b43b461396312a
Sha1:   4f05910e43fe46b681cda2c81af778b5cd2d28b2
Sha256: 26a8ffd9765eda92a46eee6f2fd622e562ff124b394101c0118118ecca68c09c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6176
Cache-Control: max-age=126081
Date: Thu, 03 Nov 2022 01:42:44 GMT
Etag: "63624df6-118"
Expires: Fri, 04 Nov 2022 12:44:05 GMT
Last-Modified: Wed, 02 Nov 2022 11:01:10 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /c/hotjar-1871831.js?sv=6 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.222.139.53
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 03 Nov 2022 01:42:44 GMT
cache-control: max-age=60
etag: W/357b85607a12995b0b089bfea41f2467
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: d6uZn6fPtsMSKpIWgRR4loVA_lWQ8xbGzws4RNm_DWwyyiAyuF0LGA==
age: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (11525)
Size:   9017
Md5:    812867babcbb6e978db2f4bd3d8ac373
Sha1:   7f2261fdfc2d1cc5fafb0d8c68d30b8f0c385741
Sha256: 26ac3a2c7cdb6054d75b5008ecc076aea6372c2b51c7972f890a30a2eb1fb24f
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/reliability-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1666787325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: LzbecIzhwvBoQ7BWygJldYYYM6We6Ivc0s9yeELNTux/bvYN3Yt+4RBXo+6y+IJIMyE0XHUm5Ew=
x-amz-request-id: P36RY7P00A1N12Z3
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:15 GMT
etag: "0a6e20a299b321b57e48a9c83871cc0c"
x-amz-meta-sha256: f63e3109498dbf1f9ff656b0b151cf3a9ae0c22cb74369a32f1cd726dde79a19
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: YLr9yDu4y6poTawQ7WP7MojiYbCk.0rk
accept-ranges: bytes
server: AmazonS3
content-length: 2891
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (450)
Size:   2891
Md5:    0a6e20a299b321b57e48a9c83871cc0c
Sha1:   b3474e03f92a55d42c5ee4032fb1f7b38bd5fd80
Sha256: f63e3109498dbf1f9ff656b0b151cf3a9ae0c22cb74369a32f1cd726dde79a19
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/reputation-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1666787325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: Ihx3lBRD+qT3COxacNhADs25840cosw7qQjWNARp2NEbhy2sQGGC6bcDQn8R8zkCgoXq9Qg6fjs=
x-amz-request-id: P36HSNCC0CCGYRB4
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:16 GMT
etag: "7dc0a2667b5de60ff9a96c6ebcca9a7b"
x-amz-meta-sha256: fcd6bf6244f1c8d6344c40b4222142f6fe020a3c8539c97c0db2b3bb18c7e92f
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: sr2qY5Yx1bOPXsrLw8D.ycZfr6bVRigS
accept-ranges: bytes
server: AmazonS3
content-length: 3894
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (774)
Size:   3894
Md5:    7dc0a2667b5de60ff9a96c6ebcca9a7b
Sha1:   cf77125f3a15d8e1ef12bd5ffaabfb020b439c4b
Sha256: fcd6bf6244f1c8d6344c40b4222142f6fe020a3c8539c97c0db2b3bb18c7e92f
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/globe-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1666787325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: zEZql33RdFD015QzhOK47P8wzFLSFm/IcV6Blksieco1+krqTMPmOXsvpWNCUzjqRe5kvLJGWuU=
x-amz-request-id: P36N4Q9BMY5E42PD
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:11 GMT
etag: "d8016306372e33ba7354032b4de316ac"
x-amz-meta-sha256: 3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: qXWG2jxf6eO4.Ee8JU9epi0qWNdNYdex
accept-ranges: bytes
server: AmazonS3
content-length: 3405
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Size:   3405
Md5:    d8016306372e33ba7354032b4de316ac
Sha1:   7caeb070e9f95ab00ca267ad95c37530d3be361e
Sha256: 3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
                                        
                                            GET /cache1/fonts/socials/socials.ttf?qtqow1 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/x-font-ttf
                                        
x-amz-id-2: VqG8Xoz+PNUpc5ek0EHqjuCErGzCqKx3w2Mb/U3IRKb02qkQEhEC1dsBPpa357J3lamLhU00/dI=
x-amz-request-id: ABP0NYTQMK8XRN5V
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "379e2da7fbcf7192af131dab8664fa44"
x-amz-meta-sha256: 8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: 64DCSoh81dgHS5BU7pf3T55ups5kO3ge
accept-ranges: bytes
server: AmazonS3
content-length: 2232
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socials \012- data
Size:   2232
Md5:    379e2da7fbcf7192af131dab8664fa44
Sha1:   191a7c64f76a91ab3ac7418ef12e16155ffe916b
Sha256: 8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
                                        
                                            GET /cache1/fonts/socials/socials.woff?qtqow1 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/octet-stream
                                        
x-amz-id-2: SbuN5uTeAbiLvwg0l6RWT5GcWDZBpW5c/cufnxT2YwGTrQ28ARdF3bRVi+0p5zOx3aqQYMQ0XQ8=
x-amz-request-id: P9HV07KX2C62PBM9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "b63c50623057857a66071527d3d19e34"
x-amz-meta-sha256: 1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: k7ckggrGpXnM_OQiM5sA8.VZMQT0daDq
accept-ranges: bytes
server: AmazonS3
content-length: 2308
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 2308, version 1.0\012- data
Size:   2308
Md5:    b63c50623057857a66071527d3d19e34
Sha1:   60a97e3734cf76a48f1605076590257bfd370f5e
Sha256: 1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
                                        
                                            GET /cache1/hp/v_250/videos/cover-desktop-half.mp4 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=2588672-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
x-amz-id-2: k0S3PTtQ6A7+7DCDF0jarhfLPTSbwVz1bTqEGKIUxZtmifOjl4sOuF9FVlox4Ojv2OaWaUfjwJU=
x-amz-request-id: VAB4HZ7XE1BNTWVP
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:56 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: 5gD_fe1tCLrWjg18GcLMs5qAtl1xDeyt
accept-ranges: bytes
server: AmazonS3
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
content-range: bytes 2588672-2625182/2625183
content-length: 36511
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   36511
Md5:    d2ac9aa4d77b9430c5ad19d0c1546076
Sha1:   8bae7ca2e0ad65ac49cc0de9c6c5887c59f4db60
Sha256: 7483a4524ee20681692af93c354ace8d5c67137e8403f36f826049850da89b0a
                                        
                                            GET /cache1/hp/v_250/videos/cover-desktop-half.mp4 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1081344-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
x-amz-id-2: k0S3PTtQ6A7+7DCDF0jarhfLPTSbwVz1bTqEGKIUxZtmifOjl4sOuF9FVlox4Ojv2OaWaUfjwJU=
x-amz-request-id: VAB4HZ7XE1BNTWVP
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:56 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: 5gD_fe1tCLrWjg18GcLMs5qAtl1xDeyt
accept-ranges: bytes
server: AmazonS3
cache-control: max-age=31536000
expires: Fri, 03 Nov 2023 01:42:44 GMT
date: Thu, 03 Nov 2022 01:42:44 GMT
content-range: bytes 1081344-2625182/2625183
content-length: 1543839
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1543839
Md5:    d0ba53357c4f5b4b9eae1c6525e903b2
Sha1:   f694aa31d8edd311ea848464213e810e9539783f
Sha256: 91d239b01228e9a83668643872aecff33a9e95f6c182e07d86a0639accb3f7bd
                                        
                                            POST /api/v2/monitoring?applicationIdentifier=marketingSites HTTP/1.1 
Host: etorologsapi.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 387
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         20.54.24.199
HTTP/2 200 OK
                                        
date: Thu, 03 Nov 2022 01:42:44 GMT
content-length: 0
server: Kestrel
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin
access-control-allow-origin: https://www.etoro.com
request-context: appId=cid-v1:9ca8c352-5fcb-4c17-b640-90373f23089b
X-Firefox-Spdy: h2

                                        
                                            GET /scripttemplates/6.27.0/otBannerSdk.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 03 Nov 2022 01:42:44 GMT
content-length: 78056
content-encoding: gzip
content-md5: 8eaHtBigP1U3b42ruIgxsQ==
last-modified: Mon, 29 Nov 2021 20:31:00 GMT
etag: 0x8D9B37727F240FD
x-ms-request-id: 7f82bfc5-f01e-0048-0667-33ea7b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 14030
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76416a405d64b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65455)
Size:   78056
Md5:    f1e687b418a03f55376f8dabb88831b1
Sha1:   59e7de3f39b2bd1d3cff8b1286f317d913a03fac
Sha256: a8f0ed59befb0dc3da4e194382166d61584fc77442140cdbe734a761ca07ded2
                                        
                                            GET /box-0feefa1930c964ac6aa4db4e99e8f25f.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         13.227.219.76
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Wed, 02 Nov 2022 16:01:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "7860f2201e5523a8914b582db81455db"
last-modified: Wed, 02 Nov 2022 16:00:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: hMur4sDck5-M5v2diUOxaSkzKKGwsw2GeEuSz5h-5rJmX2IgY9U4Qw==
age: 34898
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    7860f2201e5523a8914b582db81455db
Sha1:   91f1e5e06e953b9d35a106d2bb6a6739a2cd1479
Sha256: bf41dd20ba00ece42aa39b78fa602b8f7e4f0059e5ff6820057f19cc835573de
                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/f3b2c177-d411-4b76-a21a-21650b13ebf4/en.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 03 Nov 2022 01:42:44 GMT
content-length: 14384
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: e00Dic0738NrYVoLBg7tPA==
last-modified: Tue, 14 Dec 2021 12:34:59 GMT
etag: 0x8D9BEFE24E4B72A
x-ms-request-id: 42befd17-e01e-00f6-6ee7-f0fff0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13398
expires: Thu, 03 Nov 2022 05:42:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76416a40cd8eb500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size:   14384
Md5:    7b4d0389cd3bdfc36b615a0b060eed3c
Sha1:   a13bee7f9604f7dc3b55ddbbad915fd605ab9a4b
Sha256: bd7cccf2a2ad2ff6c00b8fd8238da52e11e19f36d1e30447f7c4561576788a57
                                        
                                            GET /apps/app/dist/js/app.js HTTP/1.1 
Host: acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         138.128.247.123
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=432000 public
expires: Fri, 04 Nov 2022 01:42:44 GMT
last-modified: Tue, 01 Nov 2022 18:06:07 GMT
etag: "6aab4-6361600f-af3ebb833015feec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142347
date: Thu, 03 Nov 2022 01:42:44 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (61000), with no line terminators
Size:   142347
Md5:    09e8b17fe8fb4fd2f6bd3e814adeb976
Sha1:   05f09e2001c9bfc7bd0ada6831b4edaeb1fc2f08
Sha256: fd0952431ab51c8c8a234b8df7917f7b0bba2a67c06e9fa27697ce7b476fb571
                                        
                                            GET /modules.681bd93469b1fa9acc61.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.227.219.71
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 66240
date: Wed, 02 Nov 2022 16:01:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "424c144768844c7a72bd7eec43025c4c"
last-modified: Wed, 02 Nov 2022 16:00:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: me-yIu-nqqRKMSSLqfS9Ac-ZnWhqW88xMneNDfnMG54gpLzfeZ0V4A==
age: 34897
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   66240
Md5:    424c144768844c7a72bd7eec43025c4c
Sha1:   d21fbc3e73119cbf6641d5520aba5b2338fca99b
Sha256: 0bcbd8fdf7ef2d3d1c2e8ad811494987b434a4356efd1ece6fa2be84e7ce0ec6
                                        
                                            GET /cache/app/etoro.com/config.json HTTP/1.1 
Host: cdn.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.238.215.8
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: max-age=432000 public
expires: Fri, 04 Nov 2022 01:42:44 GMT
last-modified: Thu, 03 Nov 2022 01:42:11 GMT
etag: "9e-63631c73-b93a9b29ba86ba1a;;;"
accept-ranges: bytes
content-length: 158
date: Thu, 03 Nov 2022 01:42:44 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   158
Md5:    9f5877ec519a95badbdf8e757b9f4ccf
Sha1:   6b263af9f6033675094b95bf383701d859ba044f
Sha256: ea62b666bdee6306a22510336a41dd436ada3679fcba2b3502fdc4c68a910480
                                        
                                            GET /scripttemplates/6.27.0/assets/otFlat.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
content-length: 2950
content-encoding: gzip
content-md5: VSHBUrwe+huqkxKbuHF+GQ==
last-modified: Mon, 29 Nov 2021 20:30:50 GMT
etag: 0x8D9B3772216FA2F
x-ms-request-id: 247cd6ec-501e-004e-2dec-ec1d03000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 13413
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76416a440f51b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (10843)
Size:   2950
Md5:    5521c152bc1efa1baa93129bb8717e19
Sha1:   d89a1ebb0aa8417a5d0f27e172935bf743d8e42e
Sha256: 10e8c409d6b57eb0e5a7fa941b14b2a59b1437e37a16bb51f08adc3f65e807ba
                                        
                                            GET /scripttemplates/6.27.0/assets/v2/otPcCenter.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
content-length: 11602
content-encoding: gzip
content-md5: ceOHHWNBgrF8GxXKPVj35A==
last-modified: Mon, 29 Nov 2021 20:30:52 GMT
etag: 0x8D9B377239B4147
x-ms-request-id: a3c3cc4e-901e-00f9-2cec-ec1206000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 13413
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76416a440f52b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (37703)
Size:   11602
Md5:    71e3871d634182b17c1b15ca3d58f7e4
Sha1:   4063bf0afb25a8c96bdd33f6d24ca832067c7806
Sha256: c20f40887a2fdad6ea7070063acf1150881e18405c91338338e88be4195583b5
                                        
                                            GET /gtm.js?id=GTM-N7SQ5DP HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 03 Nov 2022 01:42:45 GMT
expires: Thu, 03 Nov 2022 01:42:45 GMT
cache-control: private, max-age=900
last-modified: Thu, 03 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35498)
Size:   103552
Md5:    c00eb52e5983399007398beccbb30874
Sha1:   281b3c3c7f2e49b0f8e40103afd7cbc7e23569e7
Sha256: e33f2fbf54ca632ab5e0100a676c12e0e11abc00d0f457c4dd731fb04fb7c98d
                                        
                                            GET /cache/app/en.build.json HTTP/1.1 
Host: cdn.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.238.215.8
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: max-age=432000 public
expires: Fri, 04 Nov 2022 01:42:45 GMT
last-modified: Tue, 01 Nov 2022 18:07:03 GMT
etag: "3b8a8-63616047-73b8cca57a4dfaaa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25896
date: Thu, 03 Nov 2022 01:42:45 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Size:   25896
Md5:    13e3192ec8661075f563348727c205ab
Sha1:   75b80b84765af0ccf8cddf9b1483e7a90d514566
Sha256: 304c1959410b4ae2b9d554465e7f5da59aad27de1265bf640ac7c9de981e068c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         52.222.137.119
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133612
Date: Thu, 03 Nov 2022 01:42:45 GMT
Etag: "63627dce-1d7"
Expires: Fri, 04 Nov 2022 14:49:37 GMT
Last-Modified: Wed, 02 Nov 2022 14:25:18 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: nYinTblGn-LrHMkyD_kKBZjdIyOJCbUAZSzgz6SaXa0g-JAcq6llDQ==
Age: 1459

                                        
                                            GET /others/general/js/seo.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: IbCrnl2jHtt3ARkbdDtJdY1t/iT+eA6L1pkPIeISKQrHurrfYzN0CE54ZOlbBo/E9qrm76WQ/M0=
x-amz-request-id: 69QVGW75ZMC6VK3N
x-amz-replication-status: COMPLETED
last-modified: Tue, 10 Jan 2017 14:31:16 GMT
etag: "bb01557076c5f1cc6976325a60a0be7c"
x-amz-meta-s3b-last-modified: 20170110T142820Z
x-amz-version-id: SSqunX8tv_w4z_1vK9cbzCWNqGZTmd8y
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 03 Nov 2022 01:47:45 GMT
date: Thu, 03 Nov 2022 01:42:45 GMT
content-length: 2209
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (366), with CRLF line terminators
Size:   2209
Md5:    f22c155ea9a463fee325cc2f52cb2c5b
Sha1:   67913d0b1cdaa875752a36f5c22fc21884cd6b22
Sha256: 115d84510217e73948fabbc05aa6041071564a86dee31d7abb282d764ff4f7a7
                                        
                                            GET /up_loader.1.1.0.js HTTP/1.1 
Host: js.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.227.222.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 02 Nov 2022 03:35:22 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: l1j2P4CeSY5HbTlgB9SsSM_A1O2zk1LfvlT68GXD9DWSgVS8zBwWkg==
Age: 79644


--- Additional Info ---
Magic:  ASCII text, with very long lines (4593), with no line terminators
Size:   1887
Md5:    8dc722d27824e60548fd25752623cd07
Sha1:   33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
Sha256: 14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
                                        
                                            GET /scevent.min.js HTTP/1.1 
Host: sc-static.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.192.87.248
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 11952
server: CloudFront
date: Thu, 03 Nov 2022 01:42:45 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 04 Nov 2022 00:50:39 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: aP787qdgDN2lLtTk9oSIOGV-xW_m93EAv4SdkqcDJdyALExxPnTpWA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27626), with no line terminators
Size:   11952
Md5:    1f0c68af0b1a3417320edf3397a92da8
Sha1:   da2b9d033dcfed8547c5ab2322cee4c833e36a65
Sha256: 066a2fe40523eeadd90df81e815fbe7420d5c2e8b851a81b80e408925c0ce1da
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5260
Cache-Control: max-age=130523
Date: Thu, 03 Nov 2022 01:42:45 GMT
Etag: "636262e4-1d7"
Expires: Fri, 04 Nov 2022 13:58:08 GMT
Last-Modified: Wed, 02 Nov 2022 12:30:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /activityi;src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined HTTP/1.1 
Host: 9944765.fls.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.70
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 01:42:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 398
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 03-Nov-2022 01:57:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (562), with no line terminators
Size:   398
Md5:    5a9998dc3732f15d817b24017d169287
Sha1:   825636fb778c372628fbf3f119c26cd8002631db
Sha256: d5c63dc0ce384f7306f7e3fc43f893fd13e2a71fcfebdc6af26a039e976dc810
                                        
                                            GET /apps/app/dist/media/logomono.svg HTTP/1.1 
Host: web1.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         138.128.247.123
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: max-age=432000 public
expires: Fri, 03 Nov 2023 01:42:45 GMT
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Thu, 03 Nov 2022 01:42:45 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   1210
Md5:    5a1c5c803738f6acbab0a79379c92c10
Sha1:   9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
Sha256: 04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
                                        
                                            GET /adalyser.js?cid=etoro HTTP/1.1 
Host: c0.adalyser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.220.223.247
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
content-length: 12183
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
etag: "60b9cf4ef4ac6dab5294025f3c443ba3cca92451"
cache-control: public, max-age=21600
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31834)
Size:   12183
Md5:    5301983312500f1fa818e866832a8ede
Sha1:   96c054b07049abe3b764dbcf0f8189055de98e78
Sha256: 24f6c7d7b8467781e61deda43741ad359abebb7efd8b41add68e4bb359cc0867
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         52.222.137.119
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=172042
Date: Thu, 03 Nov 2022 01:42:45 GMT
Etag: "6363141a-1d7"
Expires: Sat, 05 Nov 2022 01:30:07 GMT
Last-Modified: Thu, 03 Nov 2022 01:06:34 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: BqwowUYpqPEMylz-H2x2znNJJVaSd7SiAMdNvshM3cyxdh9wmGNAKg==
Age: 1413

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /i/3c2d8da22b7aa416fab4696fbd547cc9.js HTTP/1.1 
Host: zero.pointlessplay.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.222.139.93
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
content-length: 29659
content-encoding: gzip
server: Caddy
cache-control: max-age=43200
date: Wed, 02 Nov 2022 19:23:52 GMT
expires: Thu, 03 Nov 2022 07:23:52 GMT
etag: "13cd9-8R36yXcfV1rrMSad8JN5R8CsNW0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: dftaNg95UosA45mML6WsRdgV_khtWEYe-rrDJ8N5_jdtqoeN-WzJSA==
age: 22733
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size:   29659
Md5:    1654f0dd5a5d17ae2084d8bdf5c43a1c
Sha1:   10b05154ca19428f11c643258a13b145dc8d074c
Sha256: c7c97139f185f0e4b70d1d77780fd0b913ccc1c90f108dcf8af69c137c5ab0e0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4496
Cache-Control: max-age=105676
Date: Thu, 03 Nov 2022 01:42:45 GMT
Etag: "636204d2-1d7"
Expires: Fri, 04 Nov 2022 07:04:01 GMT
Last-Modified: Wed, 02 Nov 2022 05:49:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4496
Cache-Control: max-age=105676
Date: Thu, 03 Nov 2022 01:42:45 GMT
Etag: "636204d2-1d7"
Expires: Fri, 04 Nov 2022 07:04:01 GMT
Last-Modified: Wed, 02 Nov 2022 05:49:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tracking/track/v3/p?stm=1667439765279&e=lce1&url=https%3A%2F%2Fwww.etoro.com%2F&cid=etoro&p=%7B%22et%22%3A1667439765277%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%22765aa740-bf56-40ab-9b0a-2f2f7cec96fe%22%2C%22duid%22%3A%22da2994f7-a1a5-4a8c-9700-a87786965b7c%22%2C%22cw%22%3A1667439765277%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&domain=www.etoro.com HTTP/1.1 
Host: c0.adalyser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.220.223.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
content-length: 43
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=88ed6596-d2bd-45f5-8cd9-aa3d47f850f0&u_sclid=aa7f8daa-77f3-4a81-a733-6c1bf8d41a27 HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://www.etoro.com/ HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9944765.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.2
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 01:42:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561), with no line terminators
Size:   399
Md5:    aafbe00c9237405a89209c023ecf0e9f
Sha1:   73cedd4fd162051ba33aa05103826a641e11b888
Sha256: 5c63f827ce3f4a9601091587fd7b5a85afdf1443a0b93fd06c4e8a226bc6b90c
                                        
                                            POST /p HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 456
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
access-control-allow-origin: https://www.etoro.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIMOKAc9ThFRxvy8nn5BFGldjbKaGWgot9M1AjtXsAbjMdq/UDZTMYcDIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 5
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4496
Cache-Control: max-age=105676
Date: Thu, 03 Nov 2022 01:42:45 GMT
Etag: "636204d2-1d7"
Expires: Fri, 04 Nov 2022 07:04:01 GMT
Last-Modified: Wed, 02 Nov 2022 05:49:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /api/v2/client/sites/1871831/visit-data?sv=6 HTTP/1.1 
Host: in.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 145
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.246.28.68
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   567
Md5:    d79e7bbf599815baac868c6aea3f1754
Sha1:   715c09efc25695723c7bc8187dda3344059a75a6
Sha256: c8e9973ce310fcb7d1c10be12b89b247b7f482af1bf0528f0f25b8dc997f027c
                                        
                                            GET /ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://www.etoro.com/ HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.130
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 01:42:45 GMT
expires: Thu, 03 Nov 2022 01:42:45 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   177
Md5:    9393b28661a65a763699c108887882eb
Sha1:   c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
Sha256: 2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 03 Nov 2022 01:42:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 03 Nov 2022 01:42:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1025
x-timer: S1667439766.025900,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            GET /scripttemplates/6.27.0/assets/otCommonStyles.css HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 03 Nov 2022 01:42:45 GMT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
last-modified: Mon, 29 Nov 2021 20:31:07 GMT
x-ms-request-id: 45454291-e01e-00fd-65ec-ece784000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 13413
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76416a440f53b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11123)
Size:   24185
Md5:    907e358697f1e526fb5af3b1fb84f8bc
Sha1:   cbf712803dc000e767ed990385ade23d91b3b083
Sha256: e468a2e4eec8c73f654558da47573929ecfef0b81e72238fb9a89290fc629a9e
                                        
                                            GET /uwt.js HTTP/1.1 
Host: static.ads-twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 03 Nov 2022 01:42:46 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57596), with no line terminators
Size:   15375
Md5:    573e6a7f86f6f3063763360ef0672c01
Sha1:   b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
Sha256: 02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
                                        
                                            GET /cp/obtp.js HTTP/1.1 
Host: amplify.outbrain.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.81
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Last-Modified: Sun, 09 Oct 2022 07:50:08 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 03 Nov 2022 02:02:46 GMT
Date: Thu, 03 Nov 2022 01:42:46 GMT
Content-Length: 3471
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8656), with no line terminators
Size:   3471
Md5:    6cff2cb49ee772adf066904fd18efd9a
Sha1:   8b876016198b0fc9862d2b6e29a80251c5422e72
Sha256: 85d26923c638ce50f36f7b69f9f50d2a6d6863abed574af143e24a14a343f9d2
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         204.79.197.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11367
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=3800FF6E90956FD03878ED3F91606E0B; domain=.bing.com; expires=Tue, 28-Nov-2023 01:42:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8E4DAFBD01F432F85AB94848F986824 Ref B: OSL30EDGE0219 Ref C: 2022-11-03T01:42:46Z
date: Thu, 03 Nov 2022 01:42:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11367
Md5:    293ae3e0fc8b0d5c143fdf9d8490228d
Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9
Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Ac