trk.fininvestart.com/9bf072fe-6f75-4eed-8a12-a6aca008a663
18.193.209.105200 1.6 kB URL HTTP/1.1 trk.fininvestart.com/9bf072fe-6f75-4eed-8a12-a6aca008a663
IP 18.193.209.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1556), with no line terminators
Hash cce1c70624fd8530b9e1286cd838eae5
c1118616d90ff667daa52ba499e33164e3a3b9a1
67ff2028ffb0d357588cc352c3622ee6aa127f3481d8bcf780e541d35eec36a4
GET /9bf072fe-6f75-4eed-8a12-a6aca008a663 HTTP/1.1
Host: trk.fininvestart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Fri, 03 Feb 2023 10:18:07 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 1556
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 9bf072fe-6f75-4eed-8a12-a6aca008a663-v4=un85ZW8ZKfCCSErFB-TeZpIFiQyX_yRz-fdwO0-jv9M; Max-Age=86400; Expires=Sat, 04-Feb-2023 10:18:07 GMT; Domain=trk.fininvestart.com; Path=/; HttpOnly
cc-v4=UNf2DQvQFRUM3mEs9%2F0%2BOAfwmtvcbNR3%2FX0rmTq%2FVzT1DhKdFLGCmvKF1mPOKiTS6kj6KD4%2BuTff3cuMn1z6ph7urU2fPtOHmt%2B%2FXItk5yvKiDXs8GUyIDoZBTvID7iA4xxF%2B7vWBNoYeilanh55oA%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 10:18:07 GMT; Domain=trk.fininvestart.com; Path=/; HttpOnly
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4432
Expires: Fri, 03 Feb 2023 11:32:00 GMT
Date: Fri, 03 Feb 2023 10:18:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6583
Expires: Fri, 03 Feb 2023 12:07:51 GMT
Date: Fri, 03 Feb 2023 10:18:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9253
Expires: Fri, 03 Feb 2023 12:52:21 GMT
Date: Fri, 03 Feb 2023 10:18:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 09:43:35 GMT
content-type: application/json
age: 2073
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: U8XdHVdIdG2PQzr7/dOKZQUn8CxB3WSU4u5jnINpgEWtcQsdEybFgFQzBCmLqDAYUCEy6w52B8ia98CFHeaSiQ==
x-amz-request-id: SYXMD9GG18TA0K9C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 09:52:22 GMT
age: 1546
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
trk.fininvestart.com/redirect?target=BASE64aHR0cHM6Ly9vZmZpY2lhbC5vbHltcHRyYWRlLWlkbGFuZHMuY29tL2xhbmRzL0xQTDY0LTAxLTAxaWQvaW5kZXguaHRtbD9yZWY9X2Rlc2smdXRtX21lZGl1bT0mdXRtX3NvdXJjZT1wcm9wZWxsZXJfYWRzJnV0bV9jYW1wYWlnbj0mdXRtX2NvbnRlbnQ9JnV0bV90ZXJtPSZlaWQ9d2p1YWY3dW8waHJkajJjbWkzOG5tYmYyJnN1YmlkMj13anVhZjd1bzBocmRqMmNtaTM4bm1iZjImbGVhZF9wYXJhbT1wb3N0YmFja19zdWJpZDIlM0R3anVhZjd1bzBocmRqMmNtaTM4bm1iZjImcGlkPXByb3BlbGxlcl9hZHMmYz0mYWZfY19pZD0mYWZfc3ViND13anVhZjd1bzBocmRqMmNtaTM4bm1iZjImZ2NsaWQ9d2p1YWY3dW8waHJkajJjbWkzOG5tYmYy&ts=1675419487931&hash=-1Fc0-dMPz_SxO2WKzbjSgmdgbPZ88xJN3qReCzN-OQ&rm=DJ
18.193.209.105200 1.1 kB URL HTTP/1.1 trk.fininvestart.com/redirect?target=BASE64aHR0cHM6Ly9vZmZpY2lhbC5vbHltcHRyYWRlLWlkbGFuZHMuY29tL2xhbmRzL0xQTDY0LTAxLTAxaWQvaW5kZXguaHRtbD9yZWY9X2Rlc2smdXRtX21lZGl1bT0mdXRtX3NvdXJjZT1wcm9wZWxsZXJfYWRzJnV0bV9jYW1wYWlnbj0mdXRtX2NvbnRlbnQ9JnV0bV90ZXJtPSZlaWQ9d2p1YWY3dW8waHJkajJjbWkzOG5tYmYyJnN1YmlkMj13anVhZjd1bzBocmRqMmNtaTM4bm1iZjImbGVhZF9wYXJhbT1wb3N0YmFja19zdWJpZDIlM0R3anVhZjd1bzBocmRqMmNtaTM4bm1iZjImcGlkPXByb3BlbGxlcl9hZHMmYz0mYWZfY19pZD0mYWZfc3ViND13anVhZjd1bzBocmRqMmNtaTM4bm1iZjImZ2NsaWQ9d2p1YWY3dW8waHJkajJjbWkzOG5tYmYy&ts=1675419487931&hash=-1Fc0-dMPz_SxO2WKzbjSgmdgbPZ88xJN3qReCzN-OQ&rm=DJ
IP 18.193.209.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1064), with no line terminators
Hash 2e47bd8e35bd90ee8f2d7e1a26329a14
fad3c786eca3ddafb4f79d9df6d54b3f080aaea3
c55cc033967999e039fdb68511051d61427e35867a3dc978cf13d82c617fcd06
GET /redirect?target=BASE64aHR0cHM6Ly9vZmZpY2lhbC5vbHltcHRyYWRlLWlkbGFuZHMuY29tL2xhbmRzL0xQTDY0LTAxLTAxaWQvaW5kZXguaHRtbD9yZWY9X2Rlc2smdXRtX21lZGl1bT0mdXRtX3NvdXJjZT1wcm9wZWxsZXJfYWRzJnV0bV9jYW1wYWlnbj0mdXRtX2NvbnRlbnQ9JnV0bV90ZXJtPSZlaWQ9d2p1YWY3dW8waHJkajJjbWkzOG5tYmYyJnN1YmlkMj13anVhZjd1bzBocmRqMmNtaTM4bm1iZjImbGVhZF9wYXJhbT1wb3N0YmFja19zdWJpZDIlM0R3anVhZjd1bzBocmRqMmNtaTM4bm1iZjImcGlkPXByb3BlbGxlcl9hZHMmYz0mYWZfY19pZD0mYWZfc3ViND13anVhZjd1bzBocmRqMmNtaTM4bm1iZjImZ2NsaWQ9d2p1YWY3dW8waHJkajJjbWkzOG5tYmYy&ts=1675419487931&hash=-1Fc0-dMPz_SxO2WKzbjSgmdgbPZ88xJN3qReCzN-OQ&rm=DJ HTTP/1.1
Host: trk.fininvestart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 9bf072fe-6f75-4eed-8a12-a6aca008a663-v4=un85ZW8ZKfCCSErFB-TeZpIFiQyX_yRz-fdwO0-jv9M; cc-v4=UNf2DQvQFRUM3mEs9%2F0%2BOAfwmtvcbNR3%2FX0rmTq%2FVzT1DhKdFLGCmvKF1mPOKiTS6kj6KD4%2BuTff3cuMn1z6ph7urU2fPtOHmt%2B%2FXItk5yvKiDXs8GUyIDoZBTvID7iA4xxF%2B7vWBNoYeilanh55oA%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Fri, 03 Feb 2023 10:18:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 1064
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:18:08 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 10:07:19 GMT
age: 649
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 17df8c4e3529ab1a8267010a9c4f032f
60d7b5bd27ef42088d5b161e9d57d23e874cace2
0f47c1ecf78caacac8496e7918ea0103f2c7f49de695bbd3879362cb49fc95b4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90796
Date: Fri, 03 Feb 2023 10:18:08 GMT
Etag: "63db9f0c-1d7"
Expires: Sat, 04 Feb 2023 11:31:24 GMT
Last-Modified: Thu, 02 Feb 2023 11:31:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RjVr6oxZKmCJfoZr80ySOOXznPCskA0YmhpAzcpmSJ85GfWDyLEOlw==
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5335
Expires: Fri, 03 Feb 2023 11:47:03 GMT
Date: Fri, 03 Feb 2023 10:18:08 GMT
Connection: keep-alive
official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
54.230.111.120200 OK 241 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
IP 54.230.111.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14665)
Size 241 kB (241076 bytes)
Hash 84e56255181e11bd1180ffa7d4d7d7b9
cf1005deddb08001e492fe76ed9ef867cb293c0e
4a0f94ae053d8c4cd6da6cbdaf3ceeac7979a9639d4fa483ae362fb2a6e4b992
GET /lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2 HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 241076
last-modified: Mon, 08 Aug 2022 15:19:32 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "84e56255181e11bd1180ffa7d4d7d7b9"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3tgPDx5wRcih7WFQY4a-evvSpYV0BOzj1wFlixbyrYOYpDABtdtSOw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.153.123101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.153.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XK/HiCnWjrJ1FVUDTuX6mw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 64T1ccUFKTeu4b4AsR36xHIY3Io=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
official.olymptrade-idlands.com/lands/common/scripts/smoothScroll.min.js
54.230.111.120200 OK 291 B URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/smoothScroll.min.js
IP 54.230.111.120:0
File type ASCII text, with no line terminators
Hash 50958e2dbbc25cb367de3e5040eb7fc0
cae3fa3cf76df9b20aa6f2759fc29c78d827f6b8
32e3fe4a1555cdff4a55aaa51610d45c7edac831ecccbe9221bac13f149de222
GET /lands/common/scripts/smoothScroll.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 291
last-modified: Mon, 08 Aug 2022 15:22:47 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "50958e2dbbc25cb367de3e5040eb7fc0"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qf-cLoqO4CdPeS5fVW_K6XbYn7B-Nv2j2N_l5tBVUY8ED86E6UayLA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/logo/build/img/olymp-logo_white.svg
54.230.111.120200 OK 1.1 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/logo/build/img/olymp-logo_white.svg
IP 54.230.111.120:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1136), with no line terminators
Hash 31ea5cd22bf5b130a4c32ee025832789
1befab863480591561858759f30711859368f7e1
2d4510325e78e2ca31e66693fbf7ddb66e69ef7a5b07846c3ef13931fa25b6a6
GET /lands/common/components/logo/build/img/olymp-logo_white.svg HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1136
last-modified: Mon, 08 Aug 2022 15:21:22 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "31ea5cd22bf5b130a4c32ee025832789"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -KoohaFTEJJsI9xukzF1tUIUzvRCBao2w2x6qJGb7XQ1_RoMJWCyrg==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/promo/build/img/special/tree.webp
54.230.111.120200 OK 5.2 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/promo/build/img/special/tree.webp
IP 54.230.111.120:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a8eac6980e7ff027b6e717d00e51121c
ef37c5b30cf39a8144019146f3670633610c7a3a
138ff8bb0d9a885829ffe6c15b32e2b79c82d61227b26c1412ddb9a96584b614
GET /lands/common/components/promo/build/img/special/tree.webp HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5246
last-modified: Mon, 08 Aug 2022 15:21:55 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "a8eac6980e7ff027b6e717d00e51121c"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pvnm6V_Njcx-0RbxCqXWecbmtSEwtEqjy9WNr_Acrgx5xCK8IiWWuA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/promo/build/img/ron.png
54.230.111.120200 OK 29 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/promo/build/img/ron.png
IP 54.230.111.120:0
File type PNG image data, 512 x 290, 8-bit colormap, non-interlaced\012- data
Hash 6c0b2de8658e7ac8b614d11d279b6ce4
29116c6338240a4e806809972f1c2332b62b39d8
40a6b59caa64a471e3713ae591c83d630dcddf4a44282b3adbdb5e0542866b98
GET /lands/common/components/promo/build/img/ron.png HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 28921
last-modified: Mon, 08 Aug 2022 15:21:55 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "6c0b2de8658e7ac8b614d11d279b6ce4"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TnS2ej8AtPxcKqdqLUbMNlMEE8giEWQ23NG48q0XrZpLd1Bwl2lOOQ==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/game-adaptive/build/js/start.bundle.min.js
54.230.111.120200 OK 14 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/game-adaptive/build/js/start.bundle.min.js
IP 54.230.111.120:0
File type ASCII text, with very long lines (8299)
Hash 623a5164f5fcb3c4ba212c7d8d7de360
3a167a9d94fe11165dfe2e1a0e42d2f3c52227a6
82fae7556358e230f13aa865e4ceb7bfacae6a4b042854445a03c644ecb35798
GET /lands/common/components/game-adaptive/build/js/start.bundle.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 13911
last-modified: Mon, 08 Aug 2022 15:21:15 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "623a5164f5fcb3c4ba212c7d8d7de360"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uuu6q4JCid8V0d7fEq8KqZYKZGgP4Gs8pHhk0TqXmBYjmFa8_fqwwA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/scripts/loginCheck.min.js
54.230.111.120200 OK 1.2 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/loginCheck.min.js
IP 54.230.111.120:0
File type ASCII text, with very long lines (1203), with no line terminators
Hash 2b4d80ab8ff6d3f49295b764920641b0
2184e475c41cbbe409e424cea68d2164a980e3ff
555953e6603d790cb150197dbd2472f72dbc15d65c44d18d3533331b5a5bf0af
GET /lands/common/scripts/loginCheck.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1203
last-modified: Mon, 08 Aug 2022 15:22:46 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "2b4d80ab8ff6d3f49295b764920641b0"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mZD1FY9rrxklkEMyIuSnOMCarGqR28cP_kzqFL0jil2gANOlkX2ljQ==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_3_mb.webp
54.230.111.120200 OK 11 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_3_mb.webp
IP 54.230.111.120:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash edaaf37acda8ed0c2db5876a647a4634
a68187b30f474e70635d4714ea2c973de659682c
e28852e9d640f2aae23dc6eb23c3b6379f2a83ab8a9e9efca61513069950f5ad
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/platforms/platforma_3_mb.webp HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 11146
last-modified: Mon, 08 Aug 2022 15:19:32 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "edaaf37acda8ed0c2db5876a647a4634"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X5x8Geg09qaO9tNdimpIqneOld4is8i9SaBBizMtJrY3ge6cfqGxIg==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_1_mb.webp
54.230.111.120200 OK 12 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_1_mb.webp
IP 54.230.111.120:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 79eb043bfdbc188e72a4954131a067e7
768a7af855e8f5f2edcea8a14928ed2b35dfa239
5a1cac8a1ffe55a4b8319b96a9de4d3d6415313dd8585bdc2030cae09da0f85c
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/platforms/platforma_1_mb.webp HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 11986
last-modified: Mon, 08 Aug 2022 15:19:32 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "79eb043bfdbc188e72a4954131a067e7"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h72xDG5KhMDlCspXbGkQ__RdGbI-VpbI7z1eywnVqzbI2JWmmrH-zA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/education.svg
54.230.111.120200 OK 1.1 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/education.svg
IP 54.230.111.120:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 2087652455eb4e94240938d7ae159279
18e541ee3c224a5394ebf362e0b53cea835413d7
fd821c306c2877b8b0c92fe53da5d2c9487a1ff5ec6c13f89cc0983516fe2340
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/icons/education.svg HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1103
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "2087652455eb4e94240938d7ae159279"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n3N6AR0YrdrcoljtoS6v_FwChJWU1NDKJmChT9awtoU61CorC2XJag==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_6_mb.webp
54.230.111.120200 OK 5.1 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_6_mb.webp
IP 54.230.111.120:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f62dcb03b74ca13a1e97075cad13e534
21247684532356b210dc068242ca9ac8632859b1
9c1375fdd02db5716ed76d728cbd5b477c52e1c5bca58638694d378e9440abfe
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/platforms/platforma_6_mb.webp HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5148
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "f62dcb03b74ca13a1e97075cad13e534"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kplTP4w7LIRqc5e10CdVOfW2s6_jQkGkRSV2PPaEoAVDCTVj6QXviw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/scripts/detect.js
54.230.111.120200 OK 46 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/detect.js
IP 54.230.111.120:0
File type ASCII text, with very long lines (45877), with no line terminators
Hash a03481d91d0dabc58f29147f06da2ea4
1c369b8bf4258bf2e7c7dc5f61b08ef55f6f1998
a7667ae63ebe898f2193b26caba6268fb55ce5e66aa998cd1af8ee7782b3da95
GET /lands/common/scripts/detect.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 45877
last-modified: Mon, 08 Aug 2022 15:22:46 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "a03481d91d0dabc58f29147f06da2ea4"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TWXQcloSUOmrezIUnuQYj3t0UWpq_1WCodhrMhQ_c0-8P7EmPXXnfw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/game-adaptive/build/js/libs.bundle.min.js
54.230.111.120200 OK 310 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/game-adaptive/build/js/libs.bundle.min.js
IP 54.230.111.120:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 310 kB (310535 bytes)
Hash 1172990003b5fcc67ff5cad0376a2f16
72fc77c8027615c9d217baffb4bc9ae534d0065f
15ec9cce2c5b6076232c02427af84f46750c2b55f86f37dd9f7f184519faaca5
GET /lands/common/components/game-adaptive/build/js/libs.bundle.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 310535
last-modified: Mon, 08 Aug 2022 15:21:14 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "1172990003b5fcc67ff5cad0376a2f16"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z7UH1JtcUxD9PZCutqT4ck-bCq8Y5WZobCqp2BodfNBJwczZQNdZtA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/scripts/gtm-3.js
54.230.111.120200 OK 6.8 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/gtm-3.js
IP 54.230.111.120:0
File type C source, Unicode text, UTF-8 text, with very long lines (440)
Hash 831a32477d3ff68e31e0e9e6938bdadd
46018d01fab18febd301d7a22a6d124c1a735c99
d1eea4e80a8f34c8737343390da4df4a1242a6756a577f81cbe38dd44eaba01a
GET /lands/common/scripts/gtm-3.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 6810
last-modified: Mon, 08 Aug 2022 15:22:46 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "831a32477d3ff68e31e0e9e6938bdadd"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z5LOgfVFhUf52kSKWb-hoZ1u50OAgZtXKsg-rScqSAPR6Mttl9TwTQ==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/screen_position.svg
54.230.111.120200 OK 976 B URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/screen_position.svg
IP 54.230.111.120:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash a0d6da76a6ccfe2944ff1403f9bb497f
adc09f044671e7ee270e080bb345ab2f34645033
392b2fff27cecfe667aa98a176f37672bfe52a5d8a2223a8a39b43689d03d38d
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/icons/screen_position.svg HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 976
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "a0d6da76a6ccfe2944ff1403f9bb497f"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q4CquvzrUEYoYfP6-zND3MHSH3PXBfBU7BFGcbNF_nOiBTNA4PTK6g==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/money.svg
54.230.111.120200 OK 1.3 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/money.svg
IP 54.230.111.120:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (436)
Hash c0cb1449415d18250de77422c775cc5a
4b71ae9312c3f6352a97f4411b7d5248bf37de47
879bc8737524da06ba7f52aa8bed597bce1953071343678e1982dc92baf84137
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/icons/money.svg HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1321
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "c0cb1449415d18250de77422c775cc5a"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xS3S9Rnnznlm8sIjSSFocC1UZvL-Ba8a5-ooKgPWpyLhjz9EdneSaA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/promo/build/img/olymp_trade_logo.svg
54.230.111.120200 OK 1.4 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/promo/build/img/olymp_trade_logo.svg
IP 54.230.111.120:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1397), with no line terminators
Hash 7bf26fcbd50ace04c2ba9f36167fa114
6a5fa6e70d4957b97fe708ca619a4deba009ccd7
8d95ab6b4eabd602b252f5d45936abe64f13cd89f7577a91250ccbc3557c22db
GET /lands/common/components/promo/build/img/olymp_trade_logo.svg HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1397
last-modified: Mon, 08 Aug 2022 15:21:55 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "7bf26fcbd50ace04c2ba9f36167fa114"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2bOxLNAxuxNPuTHKeFoR4CuIq2V-GHvmrrFoCpebl0_8HpfeuG8djw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/scripts/GTMAnalytics/common.min.js
54.230.111.120200 OK 7.3 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/GTMAnalytics/common.min.js
IP 54.230.111.120:0
File type ASCII text, with very long lines (7306), with no line terminators
Hash f9bbb221b687a84fef075bd3402ced09
afa55f09d4874b3447dff8be74d30cedbe6f01ae
f960d08e4a869195052b9de389293809c84ce3c0a08c6ff61c1945d7638f2dbc
GET /lands/common/scripts/GTMAnalytics/common.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7306
last-modified: Mon, 08 Aug 2022 15:22:45 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "f9bbb221b687a84fef075bd3402ced09"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: elDHMfrFNYqwOyTqnIPRCzWbDXIFMkK0TpD08uuWt7aPtZhI-pa1xQ==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/head-pl-id.webp
54.230.111.120200 OK 22 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/head-pl-id.webp
IP 54.230.111.120:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bd7d8337df02e782c45c73ece7192342
9447bd0ae9632204f2b0e006fbc3b818cba6922a
b1a68ddd86b0ca60645ccf8363c214db9fc7d21598ae3fe50a6994ca9ff03138
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/platforms/head-pl-id.webp HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 21588
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "bd7d8337df02e782c45c73ece7192342"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vxBxWwJaJa1UMiuccSe_112BxyA1ZN7CGxXOKUviQrkv7PQb34nUzw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/scripts/dateCheck.min.js
54.230.111.120200 OK 699 B URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/dateCheck.min.js
IP 54.230.111.120:0
Hash a78258ce5f8a28ba76a017ea2e4128d6
fa3818843e0c057da3f9167c5c0550039e313eb3
9d887d8278655577c929ae6a03679d2d9d69373ae6dbb111b1502f8ce7e4a9b3
GET /lands/common/scripts/dateCheck.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 699
last-modified: Mon, 08 Aug 2022 15:22:46 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "a78258ce5f8a28ba76a017ea2e4128d6"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RufjG51gOPe1vtCuU8eYBr_sv3s7hXZRBeqdY25bRiEcb6JOXLlALg==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/graph.svg
54.230.111.120200 OK 833 B URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/graph.svg
IP 54.230.111.120:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash b1fc3c257b31035cf8bcb81e5424e15b
bdaf34b67368924809883acc328d2336b53ef490
3f20e815067e5308c9e7f9d8cfdb192f3f8bf0bce007cecedfa795cf9da2370b
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/icons/graph.svg HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 833
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "b1fc3c257b31035cf8bcb81e5424e15b"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ed2l3u9782wVsrjelgHaHeilwac4iHqT07-IoKULOVbvoo-POQzj5A==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/pixels/traffic/main.js
54.230.111.120200 OK 1.6 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/pixels/traffic/main.js
IP 54.230.111.120:0
Hash 675489c736e3057d78fc0b92ca71a705
b031c90e30d2ce74b6fade3988bbebac398bde64
cda5e260415556738fcf92b7e47a453478fd91ee1c4837fdf03464d7e30328f9
GET /lands/common/pixels/traffic/main.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1568
last-modified: Mon, 08 Aug 2022 15:22:45 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "675489c736e3057d78fc0b92ca71a705"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59r_7XOs2TjdtzXxxDRKy4oqfQa1X5eoPAs35BVSFapAp2caWDAlYA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/scripts/lsa.min.js
54.230.111.120200 OK 1.6 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/lsa.min.js
IP 54.230.111.120:0
File type C source, ASCII text, with very long lines (1612), with no line terminators
Hash 046d5bbb6bc234d81650512837ec113f
96c6ef57f2b4a834e29d9d3041469bffba990f68
d0a9c0f14b5f25b90745bd19bd095e1dd2f773336813900024b2de5951e309dd
GET /lands/common/scripts/lsa.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1612
last-modified: Mon, 08 Aug 2022 15:22:46 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "046d5bbb6bc234d81650512837ec113f"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fjmAZzKfGMraoAQCuZ1fJPJEZlvqjPRTqTu23ZgNTctggSyYnXvnuA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/promo/build/img/elements.png
54.230.111.120200 OK 882 B URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/promo/build/img/elements.png
IP 54.230.111.120:0
File type PNG image data, 398 x 128, 4-bit colormap, non-interlaced\012- data
Hash fa3c8651c0a5341431d8870043a21663
11a49115d6d32f47bae5f3ce55690894f4324451
ef1ec91f5324fe96ff264b4c46ee58edd928552e88a9a2fd20fd87446d7635d9
GET /lands/common/components/promo/build/img/elements.png HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 882
last-modified: Mon, 08 Aug 2022 15:21:55 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "fa3c8651c0a5341431d8870043a21663"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j5-aG3c4haVcJD8Tcspqt2wYjzuuABLXiW-qp9mWs7nsaSiOUu53fA==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/credit-card.svg
54.230.111.120200 OK 799 B URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/icons/credit-card.svg
IP 54.230.111.120:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4a1fd14b586ef3fe63d572fa4be4380f
a8c57df0f8a3ec3a5dd20fec736978c2b17052bc
265b07298a36a3597ea44eff73146c4b616c756ba1d4a052b1f2a88e1880e871
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/icons/credit-card.svg HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 799
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "4a1fd14b586ef3fe63d572fa4be4380f"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o_9c-NV0ravYtATApsTxfM_euqq-yP3wBZ1CRydwPvVkCIjJSaOqag==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/js/app.bundle.min.js
54.230.111.120200 OK 7.1 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/js/app.bundle.min.js
IP 54.230.111.120:0
File type ASCII text, with very long lines (5560)
Hash 57705c81adb14e1d5d1ab01851b83052
f8daaa0e73f0410e1b8530506d1a88e378d6dd51
bf611e57dc02971234015a9e67d61ab07dec367f2095d17e5a62e913adee4c9d
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/js/app.bundle.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7096
last-modified: Mon, 08 Aug 2022 15:19:31 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "57705c81adb14e1d5d1ab01851b83052"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b29LYVlci-1fe5oH-R7tsmKH5kqvp4jfNlx6pawqbW1QyyqjDbS1xw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/css/geo_bundle/id_app.bundle.min.css
54.230.111.120200 OK 29 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/css/geo_bundle/id_app.bundle.min.css
IP 54.230.111.120:0
File type ASCII text, with very long lines (28638), with no line terminators
Hash e41335c3b295e46d313d742f6256092d
f5e80fd246ea7f1f54825bb26a0521e2634dcaf2
06ef1b416dea1aedcbebc2dccf5105c96f25f564696e60e39d3cdeb28ee902d7
GET /lands/LPL64-01-01/build/css/geo_bundle/id_app.bundle.min.css HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 28638
date: Fri, 03 Feb 2023 10:18:10 GMT
last-modified: Mon, 08 Aug 2022 15:19:30 GMT
etag: "e41335c3b295e46d313d742f6256092d"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tv_ejw2poPSnJsze_OI7F2cIHaWBP6BFcYvhS884K9twg7rY8nb9bw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/scripts/jquery/3.3.1.min.js
54.230.111.120200 OK 87 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/scripts/jquery/3.3.1.min.js
IP 54.230.111.120:0
File type ASCII text, with very long lines (65451)
Hash 4b57cf46dc8cb95c4cca54afc85e9540
05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
GET /lands/common/scripts/jquery/3.3.1.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 86926
last-modified: Mon, 08 Aug 2022 15:22:46 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "4b57cf46dc8cb95c4cca54afc85e9540"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vw4dgquFeeQP8rvb2NPTpi1E5tHA5YYPk-kxHV1LXNs1w4Y1UsN5Rw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/components/game-adaptive/build/js/app.bundle.min.js
54.230.111.120200 OK 16 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/components/game-adaptive/build/js/app.bundle.min.js
IP 54.230.111.120:0
File type ASCII text, with very long lines (16080), with no line terminators
Hash 77b27e68186845f43f9f5125670593c6
6dcca1561c17872911d58acf1246d46307ec811e
c523f221bffdc6fa1a571971c2d8918a7ec1f1f201421249c0d983eb58a8501f
GET /lands/common/components/game-adaptive/build/js/app.bundle.min.js HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 16080
last-modified: Mon, 08 Aug 2022 15:21:15 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "77b27e68186845f43f9f5125670593c6"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LjIMXYBzJ9c8USLkdspTiqCo2vF09cwUqIMmoH4fJuUUiHysZoFKFw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_2_mb.webp
54.230.111.120200 OK 10 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_2_mb.webp
IP 54.230.111.120:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e33c4f79b3d6394f4f4bff49820ebb59
6f71eaf184bf02d1f9f38f0222846805d848d14c
8f30414427355887f7a9824dc9e15984383808b907d7c00fe83260dddb91fd6e
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/platforms/platforma_2_mb.webp HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 10244
last-modified: Mon, 08 Aug 2022 15:19:32 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "e33c4f79b3d6394f4f4bff49820ebb59"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BZ7cEMwTalIKoD4agr-jFW4ure1L0Fct-6TgHNDkErE3_JXuMHOOHw==
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_4_mb.webp
54.230.111.120200 OK 3.8 kB URL HTTP/2 official.olymptrade-idlands.com/lands/LPL64-01-01/build/img/platforms/platforma_4_mb.webp
IP 54.230.111.120:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0ea32fd37de205d372cf8e86f7671930
2b3c9eda62073427302bed0b05c454cb29259c17
4cd3e630698adef4fc46563303d768991484accbb79fe0b38ad02436ab6b3ffe
Analyzer Verdict Alert fortinet Malware
GET /lands/LPL64-01-01/build/img/platforms/platforma_4_mb.webp HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 3768
last-modified: Mon, 08 Aug 2022 15:19:32 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:10 GMT
etag: "0ea32fd37de205d372cf8e86f7671930"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2guMNYkxRYz1SrBK1NQ5lYJ2TB4kDyFlpltT5VjcZPuosZt_9MoWXQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 389769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 248943
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M98VLD
142.250.74.168200 OK 100 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M98VLD
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (42873)
Size 100 kB (100327 bytes)
Hash 2b7de04229430475d71f2d9e7357a1fa
68ac44a96aae383a63b774ef859b937cbcaf63e4
397e22f78a27db4bba01fabd1a071ae30741393cb2ef66db697d7c105182095b
GET /gtm.js?id=GTM-M98VLD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 10:18:09 GMT
expires: Fri, 03 Feb 2023 10:18:09 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 181571
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@100%3b300%3b400%3b500%3b700%3b900&display=swap
142.250.74.138200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100%3b300%3b400%3b500%3b700%3b900&display=swap
IP 142.250.74.138:0
Hash 8bf435418b5bf04c0fa26cced5b54457
94df6613581d7df500be23e04787453c47e189b6
001ec981c56a06525990f2b42d3e124a60cb9bd7a40d580415b5c0c4d3810024
GET /css2?family=Roboto:wght@100%3b300%3b400%3b500%3b700%3b900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 10:18:09 GMT
date: Fri, 03 Feb 2023 10:18:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
olymptrade-nid.com/p/auth/probe/v1
185.104.210.32200 OK 14 B URL HTTP/1.1 olymptrade-nid.com/p/auth/probe/v1
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
File type JSON data\012- , ASCII text, with no line terminators
Hash dfe977a5d016d556e5ac0b813eac66b1
31bc4efc9f4d8c4e86eedf83444ac935546d3c90
7088814156cba446418171c2b509340685dfe0f89c2a7cb366faec0696e3c306
GET /p/auth/probe/v1 HTTP/1.1
Host: olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://official.olymptrade-idlands.com/
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://official.olymptrade-idlands.com
content-type: application/json; charset=utf-8
vary: Origin
date: Fri, 03 Feb 2023 10:18:10 GMT
content-length: 14
strict-transport-security: max-age=63072000; includeSubdomains; preload
api.olymptrade-nid.com/v3/user/set-session
185.104.210.32200 OK 20 B URL HTTP/1.1 api.olymptrade-nid.com/v3/user/set-session
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
OPTIONS /v3/user/set-session HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-project,x-request-type
Referer: https://official.olymptrade-idlands.com/
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:18:10 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Request-Type, X-Request-Project, X-App-Name, X-App-Version, X-Signature, X-CID-Ver, X-CID-App, X-CID-OS, X-CID-Device
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e05bf32a73d7fe440f81d676fafd3b3d
aa512d825ae2742f3d65de19208e387f9f6d4b6d
13833874c09e05efa6d98ee08afd6a239626cf433efb831e93727d014f3a63e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13833874C09E05EFA6D98EE08AFD6A239626CF433EFB831E93727D014F3A63E7"
Last-Modified: Fri, 03 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Fri, 03 Feb 2023 16:17:16 GMT
Date: Fri, 03 Feb 2023 10:18:10 GMT
Connection: keep-alive
olymptrade-nid.com/l/LPL64-01-01id/_desk?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2&pixel=1
185.104.210.32200 OK 0 B URL HTTP/1.1 olymptrade-nid.com/l/LPL64-01-01id/_desk?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2&pixel=1
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/LPL64-01-01id/_desk?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2&pixel=1 HTTP/1.1
Host: olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: must-revalidate, post-check=0, pre-check=0, private
content-type: text/html; charset=utf-8
expires: 0
pragma: no-cache
set-cookie: checked=1; Path=/; Domain=olymptrade-nid.com; Expires=Sat, 04 Feb 2023 10:18:10 GMT; HttpOnly; Secure; SameSite=None
enterdate=2023-02-03+13%3A18%3A10; Path=/; Domain=olymptrade-nid.com; Expires=Fri, 03 Mar 2023 10:18:10 GMT; HttpOnly; Secure; SameSite=None
guest_id=1063528701444573516223128147221430167541949022472136418001231766; Path=/; Domain=olymptrade-nid.com; Expires=Mon, 31 Jan 2033 10:18:10 GMT; HttpOnly; Secure; SameSite=None
tr_http_referer=https%3A%2F%2Fofficial.olymptrade-idlands.com%2F; Path=/; Domain=olymptrade-nid.com; Expires=Fri, 03 Mar 2023 10:18:10 GMT; HttpOnly; Secure; SameSite=None
tr_request_uri=%2Fl%2FLPL64-01-01id%2F_desk%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26pixel%3D1; Path=/; Domain=olymptrade-nid.com; Expires=Fri, 03 Mar 2023 10:18:10 GMT; HttpOnly; Secure; SameSite=None
tr_traffic=%7B%22created_at%22%3A%222023-02-03+13%3A18%3A10%22%2C%22ref%22%3A%22_desk%22%2C%22ref_channel%22%3A%22other%22%2C%22land%22%3A%22LPL64-01-01id%22%2C%22utm_source%22%3A%22propeller_ads%22%2C%22guest_id%22%3A%221063528701444573516223128147221430167541949022472136418001231766%22%2C%22platform_id%22%3A%22wjuaf7uo0hrdj2cmi38nmbf2%22%7D; Path=/; Domain=olymptrade-nid.com; Expires=Fri, 03 Mar 2023 10:18:10 GMT; HttpOnly; Secure; SameSite=None
x-status-code: 200
date: Fri, 03 Feb 2023 10:18:10 GMT
content-length: 0
strict-transport-security: max-age=63072000; includeSubdomains; preload
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 66597efe3cf7830fce3741285805fcd4
6e98f3e662894097fe14136ca49b7ebf0c777652
8d9fced18a60143f4af615ad91a88ab630d0acc0d1a5047c7cbe08ae61ed47a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D9FCED18A60143F4AF615AD91A88AB630D0ACC0D1A5047C7CBE08AE61ED47A3"
Last-Modified: Fri, 03 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Fri, 03 Feb 2023 16:17:50 GMT
Date: Fri, 03 Feb 2023 10:18:10 GMT
Connection: keep-alive
api.olymptrade-nid.com/v3/user/set-session
185.104.210.32204 No Content 0 B URL HTTP/1.1 api.olymptrade-nid.com/v3/user/set-session
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v3/user/set-session HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://official.olymptrade-idlands.com/
Content-Type: application/json; charset=UTF-8
X-Request-Type: Api-Request
X-Request-Project: bo
Origin: https://official.olymptrade-idlands.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
server: nginx
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
cache-control: no-cache
set-cookie: lang=id_ID; expires=Mon, 13-Feb-2023 10:18:10 GMT; path=/; domain=.olymptrade-nid.com; secure; httponly; samesite=none
guest_id=1000610722807582581968515326358020167541949023316135316221563650; expires=Mon, 31-Jan-2033 10:18:10 GMT; path=/; domain=.olymptrade-nid.com; secure; httponly; samesite=none
x-app-trace-id: e77c2054-d0b1-b9db-059f-eadce81e65dc
date: Fri, 03 Feb 2023 10:18:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains; preload
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e05bf32a73d7fe440f81d676fafd3b3d
aa512d825ae2742f3d65de19208e387f9f6d4b6d
13833874c09e05efa6d98ee08afd6a239626cf433efb831e93727d014f3a63e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13833874C09E05EFA6D98EE08AFD6A239626CF433EFB831E93727D014F3A63E7"
Last-Modified: Fri, 03 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Fri, 03 Feb 2023 16:17:27 GMT
Date: Fri, 03 Feb 2023 10:18:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 66597efe3cf7830fce3741285805fcd4
6e98f3e662894097fe14136ca49b7ebf0c777652
8d9fced18a60143f4af615ad91a88ab630d0acc0d1a5047c7cbe08ae61ed47a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D9FCED18A60143F4AF615AD91A88AB630D0ACC0D1A5047C7CBE08AE61ED47A3"
Last-Modified: Fri, 03 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Fri, 03 Feb 2023 16:17:53 GMT
Date: Fri, 03 Feb 2023 10:18:10 GMT
Connection: keep-alive
api.olymptrade-nid.com/v6/platform/values
185.104.210.32200 OK 20 B URL HTTP/1.1 api.olymptrade-nid.com/v6/platform/values
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
OPTIONS /v6/platform/values HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-request-project,x-request-type,x-requested-with
Referer: https://official.olymptrade-idlands.com/
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:18:10 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Request-Type, X-Request-Project, X-App-Name, X-App-Version, X-Signature, X-CID-Ver, X-CID-App, X-CID-OS, X-CID-Device
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
api.olymptrade-nid.com/v7/platform/values
185.104.210.32200 OK 20 B URL HTTP/1.1 api.olymptrade-nid.com/v7/platform/values
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
OPTIONS /v7/platform/values HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-request-project,x-request-type,x-requested-with
Referer: https://official.olymptrade-idlands.com/
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:18:10 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Request-Type, X-Request-Project, X-App-Name, X-App-Version, X-Signature, X-CID-Ver, X-CID-App, X-CID-OS, X-CID-Device
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
api.olymptrade-nid.com/v7/platform/values
185.104.210.32200 OK 20 B URL HTTP/1.1 api.olymptrade-nid.com/v7/platform/values
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
OPTIONS /v7/platform/values HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-request-project,x-request-type,x-requested-with
Referer: https://official.olymptrade-idlands.com/
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:18:10 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Request-Type, X-Request-Project, X-App-Name, X-App-Version, X-Signature, X-CID-Ver, X-CID-App, X-CID-OS, X-CID-Device
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
api.olymptrade-nid.com/v6/platform/values
185.104.210.32200 OK 258 B URL HTTP/1.1 api.olymptrade-nid.com/v6/platform/values
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
File type JSON data\012- , ASCII text, with very long lines (491), with no line terminators
Hash 629142302cb60ad5a10c218d3f40a69d
7512a776902b88e080aa121991f73b27b3464cdd
23790d5ae357636e0bb86c1529ca9900fdfad19bc927d5a93d2b8592a760e1ae
POST /v6/platform/values HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://official.olymptrade-idlands.com/
X-Request-Project: otp
X-Request-Type: Api-Request
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Origin: https://official.olymptrade-idlands.com
Content-Length: 25
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
content-type: application/json
transfer-encoding: chunked
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
cache-control: no-cache
x-app-trace-id: 55a09fe4-6d7d-f1ca-37df-39693e739fe1
set-cookie: guest_id=1000599508670611268357815326358020167541949030604789282072426884; expires=Mon, 31-Jan-2033 10:18:10 GMT; path=/; domain=.olymptrade-nid.com; secure; httponly; samesite=none
date: Fri, 03 Feb 2023 10:18:10 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
api.olymptrade-nid.com/v7/platform/values
185.104.210.32200 OK 359 B URL HTTP/1.1 api.olymptrade-nid.com/v7/platform/values
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
File type JSON data\012- , ASCII text, with very long lines (723), with no line terminators
Hash e638c3a97434704a78ca141dfbcb16e3
d98b96c4458a8e5ba6f5f75c901a51ec50a340a4
9eb84e04f3db59de53ebb991981f2ef5d7e00b65ab371ed336b5cafdd9bbc32f
POST /v7/platform/values HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://official.olymptrade-idlands.com/
X-Request-Project: otp
X-Request-Type: Api-Request
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Origin: https://official.olymptrade-idlands.com
Content-Length: 44
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
content-type: application/json
transfer-encoding: chunked
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
cache-control: no-cache
x-app-trace-id: b7ba28ee-4ecf-ea10-47c0-3f42ad3c4ef9
set-cookie: guest_id=1000218613507269386469415326358021675419490314358688766438715348; expires=Mon, 31-Jan-2033 10:18:10 GMT; path=/; domain=.olymptrade-nid.com; secure; httponly; samesite=none
date: Fri, 03 Feb 2023 10:18:10 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
api.olymptrade-nid.com/v7/platform/values
185.104.210.32200 OK 359 B URL HTTP/1.1 api.olymptrade-nid.com/v7/platform/values
IP 185.104.210.32:0
ASN #200449 Qrator Labs CZ s.r.o.
File type JSON data\012- , ASCII text, with very long lines (723), with no line terminators
Hash e638c3a97434704a78ca141dfbcb16e3
d98b96c4458a8e5ba6f5f75c901a51ec50a340a4
9eb84e04f3db59de53ebb991981f2ef5d7e00b65ab371ed336b5cafdd9bbc32f
POST /v7/platform/values HTTP/1.1
Host: api.olymptrade-nid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://official.olymptrade-idlands.com/
X-Request-Project: otp
X-Request-Type: Api-Request
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Origin: https://official.olymptrade-idlands.com
Content-Length: 44
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
content-type: application/json
transfer-encoding: chunked
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
cache-control: no-cache
x-app-trace-id: 80f1d701-cdf9-9911-138c-11168ab7e4f6
set-cookie: guest_id=1000709834893030219705715326358021675419490325126872053660689775; expires=Mon, 31-Jan-2033 10:18:10 GMT; path=/; domain=.olymptrade-nid.com; secure; httponly; samesite=none
date: Fri, 03 Feb 2023 10:18:10 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
10411795.fls.doubleclick.net/activityi;src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2?
142.250.74.134200 OK 437 B URL HTTP/2 10411795.fls.doubleclick.net/activityi;src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (919), with no line terminators
Hash f25c63980e71c5191b1e2ea4296cddc9
f838f15d85e1b35779ea6316e636a35101cde7b2
445f8dcbcc67b7be6a751b4dd3af3c58cd5d8ce8bc1b4a3f8ffe7116aa7e0124
GET /activityi;src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2? HTTP/1.1
Host: 10411795.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 437
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 10:33:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 09:45:20 GMT
expires: Fri, 03 Feb 2023 11:45:20 GMT
cache-control: public, max-age=7200
age: 1970
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
10411795.fls.doubleclick.net/activityi;src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2?
142.250.74.134200 OK 436 B URL HTTP/2 10411795.fls.doubleclick.net/activityi;src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (918), with no line terminators
Hash bcb89fe5b81eb121223dcdb4096976b0
2737421b41e63f5821017afa32cf1bc9b172ab25
b42ac054e88c3ffcc168464e80bff3f4e2577f191e21d83ed48c329b95464bc3
GET /activityi;src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2? HTTP/1.1
Host: 10411795.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 436
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 10:33:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect
142.250.74.46200 OK 35 B URL HTTP/2 www.google-analytics.com/collect
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Fri, 03 Feb 2023 09:45:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
age: 1957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5203
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Last-Modified: Fri, 03 Feb 2023 08:51:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-conversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
216.58.207.228302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 216.58.207.228:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/852038782/?random=1675419520628&cv=11&fst=1675419520628&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/852038782/?random=1675419520628&cv=11&fst=1675419520628&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2517), with no line terminators
Hash 7e8ba4f6e7a5627c9b34859e1698d1c4
639edc779816866f281fc9a3785f6134269e26e6
a030b1f19d41dbd70064ac92ab71d8538292f6ab1d265f58dd411fbb44e2a898
GET /pagead/viewthroughconversion/852038782/?random=1675419520628&cv=11&fst=1675419520628&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1003
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 10:33:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&fmt=3&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&ct_cookie_present=1
142.250.74.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&fmt=3&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&ct_cookie_present=1
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&fmt=3&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 10:33:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 7h9YjDa7c4CHswUTuLj1/Yntg7cC4Ms/85y3ZySm2430s1KPsEVdqFOHQDeqAmTFv+rPeZ1WhxzRhDLBQDuF4Q==
content-length: 27843
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 10:18:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5744
Expires: Fri, 03 Feb 2023 11:53:54 GMT
Date: Fri, 03 Feb 2023 10:18:10 GMT
Connection: keep-alive
www.google.com/pagead/1p-user-list/852038782/?random=1675419520628&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&fmt=3&is_vtc=1&random=325074019&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/852038782/?random=1675419520628&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&fmt=3&is_vtc=1&random=325074019&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852038782/?random=1675419520628&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&fmt=3&is_vtc=1&random=325074019&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/favicons/favicon-16x16.png
54.230.111.120200 OK 306 B URL HTTP/2 official.olymptrade-idlands.com/lands/common/favicons/favicon-16x16.png
IP 54.230.111.120:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 94529ea680e49f2a6babf4947c585eb8
c74ff5aa9ea96c799e6f700492bf3cb4cfc79ef3
5505dcea9f10c799d139bbaa787f1a731b06a05df4996375235918063b7f25af
GET /lands/common/favicons/favicon-16x16.png HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Cookie: _ga=GA1.2.b382524097299.1675419520188; _gcl_aw=GCL.1675419521.wjuaf7uo0hrdj2cmi38nmbf2; _gcl_au=1.1.369470143.1675419521; 500_hits_counter=1; last_hit_timestamp=1675419520671
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 306
date: Fri, 03 Feb 2023 10:18:11 GMT
last-modified: Mon, 08 Aug 2022 15:22:01 GMT
etag: "94529ea680e49f2a6babf4947c585eb8"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rE7iF94il-dLfqxA4AB9bEmk4izjlXPNd9FXD73GGcMzIkajJE1r_w==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b67f1de5050f7e32226bb0b279e5f450
058dc594601de546ae391ffa47269b404fee0f02
268b5f2557e4f171f33641cc7923d6cd786cba6e056f6656c82113b49b70a3df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12514
x-amzn-requestid: e5e536fd-15ec-4a9f-a678-c24e6202d0f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_y3HRSoAMFxUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379ab-5137ec566a8ccb4a3628e17a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:13:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KvaWZ_Re1oRbOGg3MDxp5BKPCMAzYqCfVo4n3rf67ppjVO9Pmey4wg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:56:23 GMT
age: 44507
etag: "058dc594601de546ae391ffa47269b404fee0f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5744
Expires: Fri, 03 Feb 2023 11:53:54 GMT
Date: Fri, 03 Feb 2023 10:18:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SN8XZNJ2M7&cid=b382524097299.1675419520188>m=45je3210&aip=1&z=1901862506
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SN8XZNJ2M7&cid=b382524097299.1675419520188>m=45je3210&aip=1&z=1901862506
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SN8XZNJ2M7&cid=b382524097299.1675419520188>m=45je3210&aip=1&z=1901862506 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5203
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Last-Modified: Fri, 03 Feb 2023 08:51:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:38 GMT
age: 44432
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 44421
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 45009
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:09:26 GMT
age: 22124
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
official.olymptrade-idlands.com/lands/common/favicons/android-chrome-192x192.png
54.230.111.120200 OK 1.9 kB URL HTTP/2 official.olymptrade-idlands.com/lands/common/favicons/android-chrome-192x192.png
IP 54.230.111.120:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 3bcad0571c974ec9aadd7e7e1736d90d
4a13565efd8974b0151c2460409db9bbbd570be5
b822e0296010ae68e7e5943f2790ee909d82d79c6f3717fc71f6429337dee041
GET /lands/common/favicons/android-chrome-192x192.png HTTP/1.1
Host: official.olymptrade-idlands.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/lands/LPL64-01-01id/index.html?ref=_desk&utm_medium=&utm_source=propeller_ads&utm_campaign=&utm_content=&utm_term=&eid=wjuaf7uo0hrdj2cmi38nmbf2&subid2=wjuaf7uo0hrdj2cmi38nmbf2&lead_param=postback_subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2&pid=propeller_ads&c=&af_c_id=&af_sub4=wjuaf7uo0hrdj2cmi38nmbf2&gclid=wjuaf7uo0hrdj2cmi38nmbf2
Cookie: _ga=GA1.2.b382524097299.1675419520188; _gcl_aw=GCL.1675419521.wjuaf7uo0hrdj2cmi38nmbf2; _gcl_au=1.1.369470143.1675419521; 500_hits_counter=1; last_hit_timestamp=1675419520671
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1860
last-modified: Mon, 08 Aug 2022 15:22:01 GMT
server: AmazonS3
date: Fri, 03 Feb 2023 10:18:11 GMT
etag: "3bcad0571c974ec9aadd7e7e1736d90d"
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 453GFw_4UXnsMWESPqhMhK54FkHoNoP83QoG613uMbxLiRuPmvvFuQ==
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-54693962-1&cid=b382524097299.1675419520188&jid=1499075019&gjid=1782789990&_gid=2072218471.1675419521&_u=YCDAgEABAAAAgEAEK~&z=802170536
64.233.164.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-54693962-1&cid=b382524097299.1675419520188&jid=1499075019&gjid=1782789990&_gid=2072218471.1675419521&_u=YCDAgEABAAAAgEAEK~&z=802170536
IP 64.233.164.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-54693962-1&cid=b382524097299.1675419520188&jid=1499075019&gjid=1782789990&_gid=2072218471.1675419521&_u=YCDAgEABAAAAgEAEK~&z=802170536 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://official.olymptrade-idlands.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.67200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.67:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/852038782/?random=1675419520631&cv=11&fst=1675419520631&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&label=vo1fCPOBhdQBEP6opJYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&value=0&bttype=purchase&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&auid=369470143.1675419521&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://official.olymptrade-idlands.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
142.250.74.98200 OK 438 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (917), with no line terminators
Hash d7788c8c4405381a37513cc6a8c5a629
ac1cf8d1d6e87598ed9a85dfd413899f96e5effb
9b692f747f2468756b722ab9e2b41feece4745f788753a6f09397bf35f37085e
GET /ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10411795.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/852038782/?random=1675419520628&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&fmt=3&is_vtc=1&random=325074019&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/852038782/?random=1675419520628&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&fmt=3&is_vtc=1&random=325074019&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852038782/?random=1675419520628&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&fmt=3&is_vtc=1&random=325074019&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
142.250.74.98200 OK 443 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (918), with no line terminators
Hash 857a489e8d512042ba77461c0a6fa2ab
b7936547226273a0c7222199e93ef990fab68bb1
fc5e43466c971188c0722ab7c8682eb623bc26548e6a04322a3ae8a326040d0a
GET /ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10411795.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
172.217.21.162302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://10411795.fls.doubleclick.net/ddm/fls/r/src=10411795;type=gtmwg0;cat=gtm_w00;ord=8307105592456;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u27=b382524097299.1675419520188;u26=;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
172.217.21.162302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://10411795.fls.doubleclick.net/ddm/fls/r/src=10411795;type=gtmwg0;cat=gtm_w007;ord=1132573569174;gtm=45He3210;gclaw=wjuaf7uo0hrdj2cmi38nmbf2;auiddc=369470143.1675419521;u26=;u27=b382524097299.1675419520188;~oref=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97cfde3a30125ed07f6da6d17a2526d1
48b9f38c283c632feb7ced6653f2575e54d0ddec
57e4547b3c87d265cd2bad9caf44f0d3879b40c95920032919a7fdf4391227a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97cfde3a30125ed07f6da6d17a2526d1
48b9f38c283c632feb7ced6653f2575e54d0ddec
57e4547b3c87d265cd2bad9caf44f0d3879b40c95920032919a7fdf4391227a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
142.250.74.66200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (2772)
Hash 671f762c05b34ce8c33acb0f5cc14533
c3ddbfedc40bfb4b1cb4957aee8c287b4f8a2ccb
b21debe44bbe7a05d91851626ce5db58232d817aa2974f826d387da6e4b75618
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10411795.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 03 Feb 2023 10:18:10 GMT
expires: Fri, 03 Feb 2023 10:18:10 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6388606791587927312
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ead5df3e30e38bb1a739ababb3292302
b5986cff7222999bf19e360ced4a445a2202c82c
768a8260af372a1ca06f826c3a3f84b6bc4523130134b32998baf75b64d7de4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion/527240054/?random=1675419521342&cv=9&fst=1675419521342&num=1&npa=1&label=JAkuCP7OruoBEPaWtPsB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&frm=2&url=https%3A%2F%2F10411795.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D10411795%3Btype%3Dgtmwg0%3Bcat%3Dgtm_w00%3Bord%3D8307105592456%3Bgtm%3D45He3210%3Bgclaw%3Dwjuaf7uo0hrdj2cmi38nmbf2%3Bauiddc%3D369470143.1675419521%3Bu27%3Db382524097299.1675419520188%3Bu26%3D%3B~oref%3Dhttps%253A%252F%252Fofficial.olymptrade-idlands.com%252Flands%252FLPL64-01-01id%252Findex.html%253Fref%253D_desk%2526utm_medium%253D%2526utm_source%253Dpropeller_ads%2526utm_campaign%253D%2526utm_content%253D%2526utm_term%253D%2526eid%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526lead_param%253Dpostback_subid2%25253D&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.66200 OK 1.3 kB URL HTTP/2 www.googleadservices.com/pagead/conversion/527240054/?random=1675419521342&cv=9&fst=1675419521342&num=1&npa=1&label=JAkuCP7OruoBEPaWtPsB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&frm=2&url=https%3A%2F%2F10411795.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D10411795%3Btype%3Dgtmwg0%3Bcat%3Dgtm_w00%3Bord%3D8307105592456%3Bgtm%3D45He3210%3Bgclaw%3Dwjuaf7uo0hrdj2cmi38nmbf2%3Bauiddc%3D369470143.1675419521%3Bu27%3Db382524097299.1675419520188%3Bu26%3D%3B~oref%3Dhttps%253A%252F%252Fofficial.olymptrade-idlands.com%252Flands%252FLPL64-01-01id%252Findex.html%253Fref%253D_desk%2526utm_medium%253D%2526utm_source%253Dpropeller_ads%2526utm_campaign%253D%2526utm_content%253D%2526utm_term%253D%2526eid%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526lead_param%253Dpostback_subid2%25253D&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2392), with no line terminators
Hash a4338d9118d56fdedd90c20e5b5f47b5
b1d199c60e48542ada5e432df8bfb11c52b0a287
bf92533c71b0fbf03a2c90d4c1c506cb27a33f7acd42b2c6da9c75cd1bb0e39d
GET /pagead/conversion/527240054/?random=1675419521342&cv=9&fst=1675419521342&num=1&npa=1&label=JAkuCP7OruoBEPaWtPsB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&frm=2&url=https%3A%2F%2F10411795.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D10411795%3Btype%3Dgtmwg0%3Bcat%3Dgtm_w00%3Bord%3D8307105592456%3Bgtm%3D45He3210%3Bgclaw%3Dwjuaf7uo0hrdj2cmi38nmbf2%3Bauiddc%3D369470143.1675419521%3Bu27%3Db382524097299.1675419520188%3Bu26%3D%3B~oref%3Dhttps%253A%252F%252Fofficial.olymptrade-idlands.com%252Flands%252FLPL64-01-01id%252Findex.html%253Fref%253D_desk%2526utm_medium%253D%2526utm_source%253Dpropeller_ads%2526utm_campaign%253D%2526utm_content%253D%2526utm_term%253D%2526eid%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526lead_param%253Dpostback_subid2%25253D&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10411795.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/527240054/?random=1675419521351&cv=9&fst=1675419521351&num=1&npa=1&label=_jnUCP3_9uoCEPaWtPsB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&frm=2&url=https%3A%2F%2F10411795.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D10411795%3Btype%3Dgtmwg0%3Bcat%3Dgtm_w007%3Bord%3D1132573569174%3Bgtm%3D45He3210%3Bgclaw%3Dwjuaf7uo0hrdj2cmi38nmbf2%3Bauiddc%3D369470143.1675419521%3Bu26%3D%3Bu27%3Db382524097299.1675419520188%3B~oref%3Dhttps%253A%252F%252Fofficial.olymptrade-idlands.com%252Flands%252FLPL64-01-01id%252Findex.html%253Fref%253D_desk%2526utm_medium%253D%2526utm_source%253Dpropeller_ads%2526utm_campaign%253D%2526utm_content%253D%2526utm_term%253D%2526eid%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526lead_param%253Dpostback_subid2%25253&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.66200 OK 1.3 kB URL HTTP/2 www.googleadservices.com/pagead/conversion/527240054/?random=1675419521351&cv=9&fst=1675419521351&num=1&npa=1&label=_jnUCP3_9uoCEPaWtPsB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&frm=2&url=https%3A%2F%2F10411795.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D10411795%3Btype%3Dgtmwg0%3Bcat%3Dgtm_w007%3Bord%3D1132573569174%3Bgtm%3D45He3210%3Bgclaw%3Dwjuaf7uo0hrdj2cmi38nmbf2%3Bauiddc%3D369470143.1675419521%3Bu26%3D%3Bu27%3Db382524097299.1675419520188%3B~oref%3Dhttps%253A%252F%252Fofficial.olymptrade-idlands.com%252Flands%252FLPL64-01-01id%252Findex.html%253Fref%253D_desk%2526utm_medium%253D%2526utm_source%253Dpropeller_ads%2526utm_campaign%253D%2526utm_content%253D%2526utm_term%253D%2526eid%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526lead_param%253Dpostback_subid2%25253&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2388), with no line terminators
Hash 83172e14c89c2ca259f4fabf41f17c3b
1135f47e886b06f36462b747c8860a84044b1a71
786964821869d00612f39bbc983184231f5f8a41ecab75297084beddb9efd6b1
GET /pagead/conversion/527240054/?random=1675419521351&cv=9&fst=1675419521351&num=1&npa=1&label=_jnUCP3_9uoCEPaWtPsB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&gclaw=wjuaf7uo0hrdj2cmi38nmbf2&frm=2&url=https%3A%2F%2F10411795.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D10411795%3Btype%3Dgtmwg0%3Bcat%3Dgtm_w007%3Bord%3D1132573569174%3Bgtm%3D45He3210%3Bgclaw%3Dwjuaf7uo0hrdj2cmi38nmbf2%3Bauiddc%3D369470143.1675419521%3Bu26%3D%3Bu27%3Db382524097299.1675419520188%3B~oref%3Dhttps%253A%252F%252Fofficial.olymptrade-idlands.com%252Flands%252FLPL64-01-01id%252Findex.html%253Fref%253D_desk%2526utm_medium%253D%2526utm_source%253Dpropeller_ads%2526utm_campaign%253D%2526utm_content%253D%2526utm_term%253D%2526eid%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%2526lead_param%253Dpostback_subid2%25253&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10411795.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:18:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-SN8XZNJ2M7>m=45je3210&_p=1931442446&_gaz=1&cid=b382524097299.1675419520188&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675419520&sct=1&seg=0&dl=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&dt=&en=page_view&_fv=1&_ss=2
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-SN8XZNJ2M7>m=45je3210&_p=1931442446&_gaz=1&cid=b382524097299.1675419520188&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675419520&sct=1&seg=0&dl=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&dt=&en=page_view&_fv=1&_ss=2
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SN8XZNJ2M7>m=45je3210&_p=1931442446&_gaz=1&cid=b382524097299.1675419520188&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675419520&sct=1&seg=0&dl=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&dt=&en=page_view&_fv=1&_ss=2 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://official.olymptrade-idlands.com
date: Fri, 03 Feb 2023 10:18:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2234327463447944&ev=PageView&dl=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&rl=&if=false&ts=1675419521447&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675419521446.803817476&it=1675419520970&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2234327463447944&ev=PageView&dl=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&rl=&if=false&ts=1675419521447&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675419521446.803817476&it=1675419520970&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2234327463447944&ev=PageView&dl=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&rl=&if=false&ts=1675419521447&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675419521446.803817476&it=1675419520970&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Feb 2023 10:18:11 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 70a42f64f3b9299bc5e8fc0ddee15848
05c709fdd596584a88a0ffdfe0329e8b805b51eb
cf18bec8e3f0325ceb6cc349a4845616fb95c966699c70bab713aa82314b527c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF18BEC8E3F0325CEB6CC349A4845616FB95C966699C70BAB713AA82314B527C"
Last-Modified: Wed, 01 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13034
Expires: Fri, 03 Feb 2023 13:55:25 GMT
Date: Fri, 03 Feb 2023 10:18:11 GMT
Connection: keep-alive
greatfe.tech/pxl?v=1&t=event&tid=UA-54693962-1&cid=b382524097299.1675419520188&uid=undefined&ec=lp_events&ea=userLoginChecked&el=land%2Factive_true>mcb=126317637
3.70.130.102200 OK 0 B URL HTTP/1.1 greatfe.tech/pxl?v=1&t=event&tid=UA-54693962-1&cid=b382524097299.1675419520188&uid=undefined&ec=lp_events&ea=userLoginChecked&el=land%2Factive_true>mcb=126317637
IP 3.70.130.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pxl?v=1&t=event&tid=UA-54693962-1&cid=b382524097299.1675419520188&uid=undefined&ec=lp_events&ea=userLoginChecked&el=land%2Factive_true>mcb=126317637 HTTP/1.1
Host: greatfe.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 10:18:11 GMT
Content-Length: 0
Connection: keep-alive
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Fri, 03 Feb 2023 10:18:11 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sat, 04 Feb 2023 08:18:24 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dSSQdJyJnkOV0Xvjh4UJcJLRq2meuBbsgq-cYjA6WslVRX2oMnGRVQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xbW2In3LuUA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xbW2In3LuUA
IP 142.250.74.131:0
Hash af5490d2d719978c3138ede5be7f022d
91739f89592de55c7dc36b41f9a336fd88b7991c
b85826182eb4a1317e65745f28f05ccae82649b3a7df2739deccda80ec2f56b2
POST /s/gts1d4/xbW2In3LuUA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.eu1.exponea.com/js/exponea.min.js
35.241.13.32200 OK 96 kB URL HTTP/2 api.eu1.exponea.com/js/exponea.min.js
IP 35.241.13.32:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 6d5833bbc19ee268783da4e451284aa8
537227239631f77dc07483c67a786f14d93971ae
26e91b3f8af9d04cf168f6611224c60596714d78d19d540f82a8ee2724332ac7
GET /js/exponea.min.js HTTP/1.1
Host: api.eu1.exponea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:18:11 GMT
content-type: application/javascript
content-length: 95588
last-modified: Thu, 12 Jan 2023 11:53:40 GMT
etag: "63bff4c4-17564"
content-encoding: gzip
expires: Fri, 03 Feb 2023 11:18:11 GMT
cache-control: max-age=3600
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xbW2In3LuUA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xbW2In3LuUA
IP 142.250.74.131:0
Hash af5490d2d719978c3138ede5be7f022d
91739f89592de55c7dc36b41f9a336fd88b7991c
b85826182eb4a1317e65745f28f05ccae82649b3a7df2739deccda80ec2f56b2
POST /s/gts1d4/xbW2In3LuUA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAAANOBC77U1BL87MPLG&lib=ttq
95.101.10.128200 OK 1.1 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAAANOBC77U1BL87MPLG&lib=ttq
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2295)
Hash c55fc9d61b022668bfd500ce2076300f
74c747426ff7a7014fe824af4a14300aa007d425
7f524eec03b42b8cde2c6be5f0faa6f22b729e88278bfd69f914dec9e4ee6c05
GET /i18n/pixel/events.js?sdkid=CAAANOBC77U1BL87MPLG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230203101811BD4801069AA8B06CB9B0
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6836556300a6b359d0578e27e900df4ec0a1fce34e16bebcadbd921ed3bc03655992cd3e091410c2237946e4ab55040626c3aa841f775f0e66506c7590baa32d7be4b9a987f5d00d2bd06d7c79f3ce4f67dae9527f18bef4af638bd8308bbaa9a
content-encoding: gzip
content-length: 1130
x-origin-response-time: 7,104.96.220.52
x-akamai-request-id: c533e14.49069744
expires: Fri, 03 Feb 2023 10:18:11 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 10:18:11 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2LDxXBjyHwuWOQ9SIrSWuJINlK9; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=7, inner; dur=3
x-parent-response-time: 98,95.101.10.124
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2229
Cache-Control: max-age=162489
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:11 GMT
Etag: "63dcae67-1d7"
Expires: Sun, 05 Feb 2023 07:26:20 GMT
Last-Modified: Fri, 03 Feb 2023 06:49:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2229
Cache-Control: max-age=162489
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:11 GMT
Etag: "63dcae67-1d7"
Expires: Sun, 05 Feb 2023 07:26:20 GMT
Last-Modified: Fri, 03 Feb 2023 06:49:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
95.101.10.128200 OK 68 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 0124d7d5e989c270f40d9802f0732fd8
1e6e3eda854acb2f92faad41cc39ed1b1baff7d8
828d1a595277d3b5aa0c72690a79a46306468f88ed16054e59e721dfde2253a6
GET /i18n/pixel/static/main.MWE2YWY2YTgzMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Cookie: _ttp=2LDxXBjyHwuWOQ9SIrSWuJINlK9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202301121758356AC605B348667A840430
x-tt-trace-host: 01814bbe4def86411beeb30373d8a0a1078f6d8d03190a3ce90a20922b9aace6a6925fe29dc6bed8d3832c2d873443cc0251bca2c5a97bb333427eee117429af43184bae223d82a747b6fe9ca6f355277d642babeee153884a939461620437b9bc
content-encoding: gzip
content-length: 68082
date: Fri, 03 Feb 2023 10:18:11 GMT
x-cache: TCP_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
x-akamai-request-id: 490697ca
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2229
Cache-Control: max-age=162489
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:11 GMT
Etag: "63dcae67-1d7"
Expires: Sun, 05 Feb 2023 07:26:20 GMT
Last-Modified: Fri, 03 Feb 2023 06:49:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 785
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:11 GMT
access-control-allow-origin: https://official.olymptrade-idlands.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQkAMQgDwIkE89iI43yoTuHwvRPOBEemmrTwbvtdMuTXl7dJYhfME6gorD+F/aGIMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 4
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=6f652967-68c0-4b51-856e-73764e7ec56a&u_scsid=2b268054-d55c-4d63-b081-6af3f6de865c&u_sclid=82e810a2-4b91-4f13-aab4-371dca7f1d36
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=6f652967-68c0-4b51-856e-73764e7ec56a&u_scsid=2b268054-d55c-4d63-b081-6af3f6de865c&u_sclid=82e810a2-4b91-4f13-aab4-371dca7f1d36
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=6f652967-68c0-4b51-856e-73764e7ec56a&u_scsid=2b268054-d55c-4d63-b081-6af3f6de865c&u_sclid=82e810a2-4b91-4f13-aab4-371dca7f1d36 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:11 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 37
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2229
Cache-Control: max-age=162489
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:11 GMT
Etag: "63dcae67-1d7"
Expires: Sun, 05 Feb 2023 07:26:20 GMT
Last-Modified: Fri, 03 Feb 2023 06:49:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
95.101.10.128200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash e35cd3aeb48075134b13d5d593e609af
b967aced0b33616a54a9b7d5d3d092f28b9cca81
e25f7cb45c4d46dc9ebcf4cbe5209c87765cb94c15384780899eee7d888273e6
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Cookie: _ttp=2LDxXBjyHwuWOQ9SIrSWuJINlK9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825795F92399DF9E7BC6845
x-tt-trace-host: 01213c9428e1dc2e706424a5e4830ae2753a9403fe7ed2020932fc61a3c47c96784adda24a6c56428140d39df42ee71252f6133830581f45dad09e0f84f6c427e5570f8f5241c1349d3294ee56c52eab748dbda5cfd0ecad2a022e79233890d27b
content-encoding: gzip
date: Fri, 03 Feb 2023 10:18:11 GMT
content-length: 30930
x-cache: TCP_MEM_HIT from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
x-akamai-request-id: 49069846
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.128200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1102
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Cookie: _ttp=2LDxXBjyHwuWOQ9SIrSWuJINlK9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230203101811BD4801069AA8B06CB9B9
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6836556300a6b359d0578e27e900df4ec0a1fce34e16bebcadbd921ed3bc03655992cd3e091410c2237946e4ab5504062b991c80271ff1d23b8102f0ccdf2fd765bde3f440e640657b181525fd2e42d296a08f9613eb05ec65bf275ec65839c92
x-origin-response-time: 18,104.96.220.52
x-akamai-request-id: c533f3b.49069860
expires: Fri, 03 Feb 2023 10:18:11 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 10:18:11 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=18, inner; dur=16
x-parent-response-time: 109,95.101.10.124
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.128200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.128:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1104
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Cookie: _ttp=2LDxXBjyHwuWOQ9SIrSWuJINlK9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230203101811C3B2EAF9B68E81603769
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6836556300a6b359d0578e27e900df4ec0a1fce34e16bebcadbd921ed3bc036553cbe45bda92856aa768746d0e390c1e061222b4131474540d9536d1963a50d03eb4a032f4825a0929a94d2f44ca4f59162a11eb9148e8d9c65e9444ae7574db2
x-origin-response-time: 19,104.96.220.52
x-akamai-request-id: c533f60.4906985c
expires: Fri, 03 Feb 2023 10:18:11 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 10:18:11 GMT
x-cache: TCP_MISS from a95-101-10-124.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=19, inner; dur=16
x-parent-response-time: 123,95.101.10.124
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Fri, 03 Feb 2023 10:18:12 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash c8466829b243d76ac68a75886578d3f6
974cc2b8ac36664dd671272960c66a4b2fde5c52
e365290aff381411a728c9a8b94091a0761d74b4c4e43e8d3ccdc19c38db66ee
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 10:18:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 06:30:17 GMT
ETag: "974cc2b8ac36664dd671272960c66a4b2fde5c52"
Last-Modified: Fri, 03 Feb 2023 06:30:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2537
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793a6bd1dae0b51d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3729d8445019ddf0cb6e03e7cdbe643a
b513f16d0106e68311b09addade6d44894e3537b
1e38f04f29641215a4d0476be900b37b8819d929db7ef6d4deab15a361e46f1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2982
Cache-Control: max-age=95166
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:12 GMT
Etag: "63dba47c-139"
Expires: Sat, 04 Feb 2023 12:44:18 GMT
Last-Modified: Thu, 02 Feb 2023 11:54:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
tr.snapchat.com/config/com/6f652967-68c0-4b51-856e-73764e7ec56a.js
35.190.43.134200 OK 463 B URL HTTP/2 tr.snapchat.com/config/com/6f652967-68c0-4b51-856e-73764e7ec56a.js
IP 35.190.43.134:0
Hash aceed7bef18b16c613378513c68ad9d1
e4f3882fc4d1e6fa73865a843ba89067444d2806
395e9d39dee016ab61074b6598a8bd8e36a0cd87f53a85362113925062ad1a41
GET /config/com/6f652967-68c0-4b51-856e-73764e7ec56a.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:11 GMT
access-control-allow-origin: https://official.olymptrade-idlands.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 13
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=414260076515165032&lib=kwaiq
101.33.29.225200 OK 49 kB URL HTTP/1.1 s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=414260076515165032&lib=kwaiq
IP 101.33.29.225:0
File type Unicode text, UTF-8 text, with very long lines (64894)
Hash 85f7bfa61174ec17f87d85cdcfd115f2
71a7d3cb966d0800ca5ac0916b90c73a2f06c9ea
78215cc7c06bd1a20cbbe6ada7a279b19ef13ceaf2509f4367e03d3c033edf40
GET /kos/s101/nlav11187/pixel/events.js?sdkid=414260076515165032&lib=kwaiq HTTP/1.1
Host: s1.kwai.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 05 Jan 2023 10:50:28 GMT
Content-Encoding: gzip
Etag: "08a9aa724c73ceffccb45637b9b7b2c2"
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 05:54:54 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 12670142515171396409
x-cos-request-id: NjNkNzViYWVfODg3NWI3MDlfMTIyM2ZfYjlkOTNiNA==
Content-Length: 48594
Accept-Ranges: bytes
X-NWS-LOG-UUID: 8392243198469298555
Connection: keep-alive
X-Cache-Lookup: Cache Hit
x-ks-client-ip: 91.90.42.154
X-Ks-Request-ID: 8392243198469298555
X-Ks-Cache: Hit from 101.33.29.225
kwaisign: NULL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: max-age=2592000
t.co/i/adsct?bci=3&eci=2&event_id=92b72f9d-0d67-44f3-bb00-1b22bb355a51&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ceh&type=javascript&version=2.3.29
104.244.42.197200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=92b72f9d-0d67-44f3-bb00-1b22bb355a51&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ceh&type=javascript&version=2.3.29
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=92b72f9d-0d67-44f3-bb00-1b22bb355a51&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ceh&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:11 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=62ef9dee-d53d-4e56-b933-db1a11a88013; Max-Age=63072000; Expires=Sun, 02 Feb 2025 10:18:12 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 47772e95731b96e7
strict-transport-security: max-age=0
x-response-time: 116
x-connection-hash: b3f0bed3a9650145c6382ab236f38c866eb701a879bf844a532af72668fe2412
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=6f2bb2dc-e526-49b2-b9d2-db890b308c03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o549a&type=javascript&version=2.3.29
104.244.42.197200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=6f2bb2dc-e526-49b2-b9d2-db890b308c03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o549a&type=javascript&version=2.3.29
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=6f2bb2dc-e526-49b2-b9d2-db890b308c03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o549a&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:11 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=0e76165d-1b77-4ad3-8ba5-a7bc07199de4; Max-Age=63072000; Expires=Sun, 02 Feb 2025 10:18:12 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: d8038e8182cf0575
strict-transport-security: max-age=0
x-response-time: 107
x-connection-hash: b3f0bed3a9650145c6382ab236f38c866eb701a879bf844a532af72668fe2412
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d748dcaaec947b38996a2f987e98b2b9
7e018ab7e9f0c73d53379d1698a06177b0643687
2ef4873c62fe3cfbc33e7a8f0ab428ab78676b1d01c2aee8bc16d50fafe756d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2774
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:12 GMT
Last-Modified: Fri, 03 Feb 2023 09:31:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d748dcaaec947b38996a2f987e98b2b9
7e018ab7e9f0c73d53379d1698a06177b0643687
2ef4873c62fe3cfbc33e7a8f0ab428ab78676b1d01c2aee8bc16d50fafe756d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3245
Cache-Control: max-age=136466
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:18:12 GMT
Etag: "63dc44c9-139"
Expires: Sun, 05 Feb 2023 00:12:38 GMT
Last-Modified: Thu, 02 Feb 2023 23:18:33 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6f2bb2dc-e526-49b2-b9d2-db890b308c03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o549a&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6f2bb2dc-e526-49b2-b9d2-db890b308c03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o549a&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=6f2bb2dc-e526-49b2-b9d2-db890b308c03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o549a&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:12 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_BjA1F11AmbfTZAhCVcPfuQ=="; Max-Age=63072000; Expires=Sun, 02 Feb 2025 10:18:12 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 26766bfece78ad02
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: c09444e38cfed1e4bdb061444634c381e81fde04040444299265717ea7bc08aa
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=92b72f9d-0d67-44f3-bb00-1b22bb355a51&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ceh&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=92b72f9d-0d67-44f3-bb00-1b22bb355a51&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ceh&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=92b72f9d-0d67-44f3-bb00-1b22bb355a51&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82aff5aa-cb7f-4235-a706-b069be81d27b&tw_document_href=https%3A%2F%2Fofficial.olymptrade-idlands.com%2Flands%2FLPL64-01-01id%2Findex.html%3Fref%3D_desk%26utm_medium%3D%26utm_source%3Dpropeller_ads%26utm_campaign%3D%26utm_content%3D%26utm_term%3D%26eid%3Dwjuaf7uo0hrdj2cmi38nmbf2%26subid2%3Dwjuaf7uo0hrdj2cmi38nmbf2%26lead_param%3Dpostback_subid2%253Dwjuaf7uo0hrdj2cmi38nmbf2%26pid%3Dpropeller_ads%26c%3D%26af_c_id%3D%26af_sub4%3Dwjuaf7uo0hrdj2cmi38nmbf2%26gclid%3Dwjuaf7uo0hrdj2cmi38nmbf2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9ceh&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:11 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_DRTZfkBoO5glH+fB9Hl+mQ=="; Max-Age=63072000; Expires=Sun, 02 Feb 2025 10:18:12 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 80179a5a435a1ce9
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: c09444e38cfed1e4bdb061444634c381e81fde04040444299265717ea7bc08aa
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 1492ac3e5aee025ae1e3add242655647
f147ad9031888e5802ae2a1c8eeb32fbc803036b
c58179d38bf9ef283e838d50c2110ce96fa0832bdd02137fb1097c68099af5d3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 10:18:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 07 Feb 2023 07:51:21 GMT
ETag: "f147ad9031888e5802ae2a1c8eeb32fbc803036b"
Last-Modified: Fri, 03 Feb 2023 07:51:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2817
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793a6bd5afe1b51d-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 1492ac3e5aee025ae1e3add242655647
f147ad9031888e5802ae2a1c8eeb32fbc803036b
c58179d38bf9ef283e838d50c2110ce96fa0832bdd02137fb1097c68099af5d3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 10:18:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 07 Feb 2023 07:51:21 GMT
ETag: "f147ad9031888e5802ae2a1c8eeb32fbc803036b"
Last-Modified: Fri, 03 Feb 2023 07:51:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793a6bd7eac0b51d-OSL
connect.facebook.net/signals/config/2234327463447944?v=2.9.95&r=stable
157.240.205.11200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/2234327463447944?v=2.9.95&r=stable
IP 157.240.205.11:0
GET /signals/config/2234327463447944?v=2.9.95&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ZoBXfiJCJqyqfeK2sFG8kFsSvae+089ya1AvJafdU75TBXMs6DSyzyuzum038yTroSXN0DnODU/GtqxhX1mq6A==
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 10:18:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=414260076515165032
35.227.215.158200 OK 0 B URL HTTP/2 api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=414260076515165032
IP 35.227.215.158:0
GET /rest/n/adintl/ad/getPixelConfig?pixelId=414260076515165032 HTTP/1.1
Host: api.mythad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://official.olymptrade-idlands.com
Connection: keep-alive
Referer: https://official.olymptrade-idlands.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:18:12 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://official.olymptrade-idlands.com
access-control-allow-credentials: true
x-kslogid: 675419492914471478
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2