rouonixon.com/4/5359943/
139.45.197.238200 OK 7.1 kB IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8753)
Hash e3611fd9750db7fad2eb4eea07ab7fa7
fe9c7efc69ecc2a935328ad75d61ab470ee37714
f8b0f96133c7e650c636af782f7ad2140a4210f95a0bc667ab49c48e4e286b95
Analyzer Verdict Alert fortinet Malware
GET /4/5359943/ HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 17:43:19 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 68e5c7535d779084095d99cb3e2c4ba3
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=0c5b6af04f114e0585915d156d68c7ea; expires=Mon, 25 Sep 2023 17:43:19 GMT; path=/
oaidts=1664127799; expires=Mon, 25 Sep 2023 17:43:19 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 17:15:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 10gEECi9vnJB0q7b0y6ycKpyvWOZwvv6B05UOlBFU2Tkfj6nLliUiA==
Age: 1698
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17862
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 17:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13699
Expires: Sun, 25 Sep 2022 21:31:39 GMT
Date: Sun, 25 Sep 2022 17:43:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fQcYR2xQ5W4RoPWwRfevXFLNfKcP0KBhCPuJpHbu8v0z9QnaqUthoP1AORRQ4DEffKjBz4gFLpkVqpl4UIupvg==
x-amz-request-id: XJCENVQ2KJJ7M2EE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 16:45:51 GMT
age: 3449
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:43:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 17:43:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=347520,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75058fc0580cb4eb-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f29a678b472b135eeec39af31d5114dc
3081b9afbbad4b726fc48a7b78255ee1081b7135
0a1f4757bf58c7492ce995087886375fb50f0872e626b5bd5d8749cb13b5f95d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 17:43:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:52:35 GMT
Expires: Thu, 29 Sep 2022 16:52:34 GMT
Etag: "3081b9afbbad4b726fc48a7b78255ee1081b7135"
Cache-Control: max-age=341953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75058fc06e701bfe-OSL
my.rtmark.net/img.gif?f=merge&userId=0c5b6af04f114e0585915d156d68c7ea
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=0c5b6af04f114e0585915d156d68c7ea
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=0c5b6af04f114e0585915d156d68c7ea HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rouonixon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:43:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0c5b6af04f114e0585915d156d68c7ea; expires=Mon, 25 Sep 2023 17:43:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
139.45.195.253200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 453
Origin: http://rouonixon.com
Connection: keep-alive
Referer: http://rouonixon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 25 Sep 2022 17:43:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: http://rouonixon.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
rouonixon.com/favicon.ico
139.45.197.238204 No Content 0 B URL HTTP/1.1 rouonixon.com/favicon.ico
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rouonixon.com/4/5359943/
Cookie: OAID=0c5b6af04f114e0585915d156d68c7ea; oaidts=1664127799
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 25 Sep 2022 17:43:20 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
rouonixon.com/?z=5359943&syncedCookie=true&rhd=false
139.45.197.238302 Found 0 B URL HTTP/1.1 rouonixon.com/?z=5359943&syncedCookie=true&rhd=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5359943&syncedCookie=true&rhd=false HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 427
Origin: http://rouonixon.com
Connection: keep-alive
Referer: http://rouonixon.com/afu.php?zoneid=5359943&var=5359943&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=0c5b6af04f114e0585915d156d68c7ea; oaidts=1664127799
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 25 Sep 2022 17:43:20 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: bb6c011425d9cb374e37a26d6e9b2fea
Link: <https://toapodazoay.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597957937608265902&z=5359943&g=NO&svar=1664127800&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664127800&ssk=fa40768e9fc8251e3929b749b730f954&svarok=1&b=79056&oaid=0c5b6af04f114e0585915d156d68c7ea&rdk=rk3
Access-Control-Allow-Origin: http://rouonixon.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=0c5b6af04f114e0585915d156d68c7ea; expires=Mon, 25 Sep 2023 17:43:20 GMT; path=/
oaidts=1664127799; expires=Mon, 25 Sep 2023 17:43:20 GMT; path=/
syncedCookie=true; expires=Sun, 02 Oct 2022 17:43:20 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcb855a852f524b276e8153b6eddfa69
21305f4b1f4754d25eb54652193923b2b06bfad3
f48df8e1b1f06379faa7d088ca3acd499467be3978c525007b925d828a4cd54a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48DF8E1B1F06379FAA7D088CA3ACD499467BE3978C525007B925D828A4CD54A"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11310
Expires: Sun, 25 Sep 2022 20:51:50 GMT
Date: Sun, 25 Sep 2022 17:43:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 17:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 17:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xPwgEfDbQFPcNYGXamDdqd4-Xh2-4QlLUaJO4oWpRRi-kjY8NEW-0w==
Age: 2343
toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597957937608265902&z=5359943&g=NO&svar=1664127800&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664127800&ssk=fa40768e9fc8251e3929b749b730f954&svarok=1&b=79056&oaid=0c5b6af04f114e0585915d156d68c7ea&rdk=rk3&mprtr=1
139.45.197.152200 OK 525 B URL HTTP/2 toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597957937608265902&z=5359943&g=NO&svar=1664127800&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664127800&ssk=fa40768e9fc8251e3929b749b730f954&svarok=1&b=79056&oaid=0c5b6af04f114e0585915d156d68c7ea&rdk=rk3&mprtr=1
IP 139.45.197.152:0
Hash 42e5fafb6c18db725e936cad68c4c628
e269a075af694668a183cd66a37c34d14d48590f
8933ba74e0dafcc1cf3db4dfb1e56d8b405e7a10d612ec009c677e58c7ec5856
POST /?l=qCqekRDLtEBTXwP&s=597957937608265902&z=5359943&g=NO&svar=1664127800&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664127800&ssk=fa40768e9fc8251e3929b749b730f954&svarok=1&b=79056&oaid=0c5b6af04f114e0585915d156d68c7ea&rdk=rk3&mprtr=1 HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/?rzi=5359943&rsz=5359943&rid=
Cookie: reverse=-5dE98nNMlWw2G8jJEZrupGGoD9GdItSuEXSt4ArAVE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:43:20 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3ea37777b24ad3132f8bc92164c608e
5701e444a0be8384b9e5e6e04b0c53d5753f638a
167cf989b2eb81bfcba5079d5216c0d83a019938bf47c8b67cbf633fc0070e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "167CF989B2EB81BFCBA5079D5216C0D83A019938BF47C8B67CBF633FC0070E4B"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5767
Expires: Sun, 25 Sep 2022 19:19:27 GMT
Date: Sun, 25 Sep 2022 17:43:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5589
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:21 GMT
Last-Modified: Sun, 25 Sep 2022 16:10:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
unphionetor.com/fv.js?t=56193&cb=1149137058
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=56193&cb=1149137058
IP 139.45.197.236:0
Hash 9327ce7b467381349c23152b56a8242f
6ddf33c1a7ebe61235b572959cb3ea806ac109bc
e01a0c4905f48e81db9a5ccae95420abce9f38faf1ee9596de3b1712df2505b7
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=56193&cb=1149137058 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:43:21 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1d28b65d75f71f9279fec388da739fff
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
toapodazoay.com/favicon.ico
139.45.197.152204 No Content 0 B URL HTTP/2 toapodazoay.com/favicon.ico
IP 139.45.197.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/?rzi=5359943&rsz=5359943&rid=
Cookie: reverse=-5dE98nNMlWw2G8jJEZrupGGoD9GdItSuEXSt4ArAVE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 17:43:21 GMT
strict-transport-security: max-age=60
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=56193&bid=79056&aid=597957937608265902
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=56193&bid=79056&aid=597957937608265902
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=56193&bid=79056&aid=597957937608265902 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 17:43:21 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: add84efb50d31b0293779f19c09a3fbf
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1grcja82KAzkeJ/QNMLyAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GmyExItzQMqAuNNnPM9CAA1tgHk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10149
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 17:43:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10149
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 17:43:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10149
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 17:43:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca8f8393365641de380e9443b37a8581
2fde9899cf74129d7df8868008b323a527dc1170
dbcc05dcbbbf4b89bf0f10999c0f5679e822cce6f9e3437f2cafb913606bd8c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 8c2e6356-2b43-4162-94b9-efd45249047c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHRtIAMFwaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-034b1944694141f04debec31;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k1hcUfebiQMb8IRsmeAOkyI02F1vUvh7J9GxgU4qO8Ebp3TQUC2fQQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:24:40 GMT
age: 69522
etag: "2fde9899cf74129d7df8868008b323a527dc1170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b247d936b6e75a5075e09d9d2f7c3b1
7d3650b77b7f501d2f94592b8a4c0e02a75feb70
165d5ef729be431744228c7f1791141536db476811a3e9c7ab5958c6e38a781a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7977
x-amzn-requestid: 6d6cbdf9-91f4-4fb5-8afe-cb8dea476e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EoFjtIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7883-5681f08725a5ce7e36c27d75;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:07 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0H0AT4oKoQUzJWzgfJuK9M_bisrd4bhX6jVfbj3VZ5IPp8u2opEuOA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:25 GMT
etag: "7d3650b77b7f501d2f94592b8a4c0e02a75feb70"
content-type: image/jpeg
age: 72237
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 38047
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 71524
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:16:33 GMT
age: 34009
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 72363
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.ad2upapp.com/afu.php?id=792658&rt=1
139.45.197.237302 Moved Temporarily 138 B URL HTTP/1.1 go.ad2upapp.com/afu.php?id=792658&rt=1
IP 139.45.197.237:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /afu.php?id=792658&rt=1 HTTP/1.1
Host: go.ad2upapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 25 Sep 2022 17:43:22 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.deliverymodo.com/afu.php?id=792658&rt=1
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
go.deliverymodo.com/afu.php?id=792658&rt=1
139.45.197.236200 OK 896 B URL HTTP/1.1 go.deliverymodo.com/afu.php?id=792658&rt=1
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (443)
Hash b12b7f0aff7c68e726669f655165e51d
f59c906c6a35e9f1f184482504ffdd82d752ad34
fcf26ac61a05d4c766909ec18bf4d99205c4d4e881106f9a6e8795e168da36d1
GET /afu.php?id=792658&rt=1 HTTP/1.1
Host: go.deliverymodo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 17:43:22 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: fd297e20e27334ab84cc12c85a75dbee
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://engingrepare.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1be22795434a428d90ac154318680613; expires=Mon, 25 Sep 2023 17:43:22 GMT; path=/
oaidts=1664127802; expires=Mon, 25 Sep 2023 17:43:22 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
unphionetor.com/vb?t=56193&bid=79056&aid=597957937608265902&tp=2016
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vb?t=56193&bid=79056&aid=597957937608265902&tp=2016
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vb?t=56193&bid=79056&aid=597957937608265902&tp=2016 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 17:43:22 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: bf7fbbdc172fe8a321401f29d7cd140b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
engingrepare.com/b68fbfec-7b24-433b-9c67-97b9b84e7421?zoneid=792658&bannerid=14968261&browser=firefox&os=linux&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.000131&visitor_id=597957943832617943&rdk=rk1
3.123.187.149302 Found 0 B URL HTTP/2 engingrepare.com/b68fbfec-7b24-433b-9c67-97b9b84e7421?zoneid=792658&bannerid=14968261&browser=firefox&os=linux&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.000131&visitor_id=597957943832617943&rdk=rk1
IP 3.123.187.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b68fbfec-7b24-433b-9c67-97b9b84e7421?zoneid=792658&bannerid=14968261&browser=firefox&os=linux&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.000131&visitor_id=597957943832617943&rdk=rk1 HTTP/1.1
Host: engingrepare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 25 Sep 2022 17:43:22 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.roifxtrader.com/
pragma: no-cache
set-cookie: b68fbfec-7b24-433b-9c67-97b9b84e7421-v4=eumoKfTWtXarZW3G9ih_TjHdsVQ4fnUlOBhKFkkIFG0; Max-Age=86400; Expires=Mon, 26-Sep-2022 17:43:22 GMT; Domain=engingrepare.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=aHwUnQwDfk1olONKBn4LxbdEvtjg8wcepXQZMrWCfClsdVYy9oCqxyzOsQQbfKm0aeqqMbB1A6tMzL%2FCzgpYDnOAsUpACPri1dGQh4dpV3gpzfS4HzCI2fWrbZAfi3LhO%2B9NzZFPBo08nSOFKd5KTg%3D%3D; Max-Age=31536000; Expires=Mon, 25-Sep-2023 17:43:22 GMT; Domain=engingrepare.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f4ecef68b145f30ca45883d43f390792
23c49c65141663371bb08fa052d84c694398ea93
06880a2f2fae6b34240e8787c9f2087a3aeb86b747698fd96af0a14776bbba34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "06880A2F2FAE6B34240E8787C9F2087A3AEB86B747698FD96AF0A14776BBBA34"
Last-Modified: Sat, 24 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3735
Expires: Sun, 25 Sep 2022 18:45:37 GMT
Date: Sun, 25 Sep 2022 17:43:22 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 17:43:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=347518,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75058fcede151bfe-OSL
my.rtmark.net/img.gif?f=merge&userId=1be22795434a428d90ac154318680613
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=1be22795434a428d90ac154318680613
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=1be22795434a428d90ac154318680613 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:43:22 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1be22795434a428d90ac154318680613; expires=Mon, 25 Sep 2023 17:43:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
go.deliverymodo.com/favicon.ico
139.45.197.236204 No Content 0 B URL HTTP/1.1 go.deliverymodo.com/favicon.ico
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: go.deliverymodo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=1be22795434a428d90ac154318680613; oaidts=1664127802
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 25 Sep 2022 17:43:22 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f4ecef68b145f30ca45883d43f390792
23c49c65141663371bb08fa052d84c694398ea93
06880a2f2fae6b34240e8787c9f2087a3aeb86b747698fd96af0a14776bbba34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "06880A2F2FAE6B34240E8787C9F2087A3AEB86B747698FD96AF0A14776BBBA34"
Last-Modified: Sat, 24 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3735
Expires: Sun, 25 Sep 2022 18:45:37 GMT
Date: Sun, 25 Sep 2022 17:43:22 GMT
Connection: keep-alive
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 24 Sep 2022 21:03:08 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tnTvtsh5uw8Mczj5O4oIcfmFYykpS7YVetW5up0SaZq2bBq7zfO-5w==
age: 74415
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
54.230.111.32200 OK 11 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
IP 54.230.111.32:0
File type ASCII text, with very long lines (3066)
Hash ec810cf189244421fbba88a8fb7661b4
71ddd06a5ea0b748663403dbb2ef53e553b0297c
bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0
GET /external-embedding/embed-widget-ticker-tape.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 10745
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Sep 2022 10:20:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 10:20:07 GMT
etag: "ec810cf189244421fbba88a8fb7661b4"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XEy6hdYhicnVNIMFb0-9e0cir2sABiAO7XjIIzi6MA-5MOPqB9JjSQ==
age: 26596
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32200 OK 10 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
File type ASCII text, with very long lines (3066)
Hash 3da96dfe346bd193547af675cb8b60ca
cbc8dd58b58e3f636bddb08f37e29a1f973697d0
77e23a8619b5ba9fb57c11cc6b5460b80760e5664ed380403b6a283828187cd8
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 10057
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Sep 2022 10:19:58 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 10:20:09 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l9gu8uGiDwl16I3GJngKt43sOxXgHhrzzdpZ9Cd_E1262Bq8Gnn5hg==
age: 26594
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 8.8 kB IP 142.250.74.3:0
Hash 5b06679da461ef2e04ca395539446586
7a136954769b0cb034a6ee0c5e873821798cfc9d
c5f302e9274aa1583d0ce9df3d8c46c07b471f57eaa254b9b62fb28b2e07bf55
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 6.8 kB IP 142.250.74.3:0
Hash b916f3c20060504af3e2f4c75267bb59
40cf8f00917725e081234eb0637797ea5239726f
346e340c5d5f7d7516c9c50637ae988ac8161fab92e461f9fff080e68882b1d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flagicons.lipis.dev/flags/4x3/gb.svg
185.199.108.153200 OK 331 B URL HTTP/2 flagicons.lipis.dev/flags/4x3/gb.svg
IP 185.199.108.153:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e6143f617b44e68d423bed136fce8949
c7154e49ce9d9e64f4c1daab47373e0c5f92b7ad
b17b64bb7a109117a3492996551dbbab45fd8f44521b00295a6ca7717871d4ad
GET /flags/4x3/gb.svg HTTP/1.1
Host: flagicons.lipis.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-217"
expires: Sun, 25 Sep 2022 01:52:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3A74:1967:138144E:1BE579D:632FB20D
accept-ranges: bytes
date: Sun, 25 Sep 2022 17:43:23 GMT
via: 1.1 varnish
age: 322
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 20
x-timer: S1664127803.016156,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: d4e95a9a850933334e09344e84fedcc6937257c2
content-length: 331
X-Firefox-Spdy: h2
flagicons.lipis.dev/flags/4x3/it.svg
185.199.108.153200 OK 208 B URL HTTP/2 flagicons.lipis.dev/flags/4x3/it.svg
IP 185.199.108.153:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c08a2da07f2c5a52da29268db93d165b
f87a1da0d5fe1524463fb90a7dafd2588bb75043
d012f6255909efae4049381abf5aea7890f8c5f3f9d12cc4a8bb41ce67309997
GET /flags/4x3/it.svg HTTP/1.1
Host: flagicons.lipis.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-121"
expires: Sat, 24 Sep 2022 12:22:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 446E:A797:1934D29:1A0D781:632EF485
accept-ranges: bytes
date: Sun, 25 Sep 2022 17:43:23 GMT
via: 1.1 varnish
age: 367
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 20
x-timer: S1664127803.016179,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 13185f4050cb1d86a07baa55eaaa5239572c20a4
content-length: 208
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-1CZCP7MM89
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-1CZCP7MM89
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash b10f67fd5fa3073d612984e17e5c9ef7
49aae8c32862ecf222098c0d6e15fd3b2ff25955
6846c475f36a7bee89b1b3184cd893d0ec769637a489efd71257c671104740e2
GET /gtag/js?id=G-1CZCP7MM89 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 17:43:23 GMT
expires: Sun, 25 Sep 2022 17:43:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75084
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 950 B IP 142.250.74.3:0
Hash 9b29fd4aedd77289844feeffe16d77e2
94ab11af9c05b21896bb9f239be85e8fa9f5df66
e5ac0633e966f26e994a57a3d286cb542461ab15dbd0106528d6c20dac0df5b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 12 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash 55df9e647957970a3c478f990919805a
625a420108e8fd4cfeafb801c383078561edf2e7
912793b72d26244a87411492f6c2b4071c05d44d52c432cead1cd88b2c84a559
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 23 Sep 2022 10:19:58 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Sep 2022 10:19:58 GMT
server: AmazonS3
date: Sun, 25 Sep 2022 10:20:09 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Kfhn7TciP9zU0_bZuzvb38dtI5iP7LK9mhtI8PIw80FFf_9DhOX3tw==
age: 26595
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 0 B URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 23 Sep 2022 10:19:58 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Sep 2022 10:19:58 GMT
server: AmazonS3
date: Sun, 25 Sep 2022 10:20:09 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gkqqnV4n9Wi8lUVcLK6-rArWPil6wVI3jEJrxqqGwxfPE0oZXU8axw==
age: 26595
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 0 B URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 23 Sep 2022 10:19:58 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Sep 2022 10:19:58 GMT
server: AmazonS3
date: Sun, 25 Sep 2022 10:20:09 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uP26kknSePd-V0RgYCjv7X8Z7FhMlskDWenpjpbT-vIDRCFVszQLkQ==
age: 26595
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 32 kB IP 142.250.74.3:0
Hash 941d8f667a76958e19adb87dc9f6cb4d
6f414f48c36572d7474915fdcf8b8db8f3fbc1e7
545bce09a55a4cad940c8553d4c5fd4b2837b600f1304f79349907e23a5c483f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
engingrepare.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664127801593
3.123.187.149400 Bad Request 152 B URL HTTP/2 engingrepare.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664127801593
IP 3.123.187.149:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
GET /d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664127801593 HTTP/1.1
Host: engingrepare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Sun, 25 Sep 2022 17:43:23 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
142.250.74.163200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 26304, version 1.0\012- data
Hash 29404b5009a74d47f2a7923da5741fd5
c8c7a68af3f7e4f92d932203efda0c38e4d170ab
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
GET /s/jost/v14/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 02:52:18 GMT
expires: Tue, 19 Sep 2023 02:52:18 GMT
cache-control: public, max-age=31536000
age: 571865
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 309 kB IP 142.250.74.3:0
Size 309 kB (309316 bytes)
Hash c4a8fb86e8cc6c9be57f3e083c2cd8ad
873d81eb82888e0afd938005dd8f091bd2904cd2
a891543f82c18b2fd1fd3c86365d2285ea5095676a4303a7e6c92e964c0ca01f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.tradingview.com/static/localization/translations/en.39dbf21df23abce9.js
54.230.111.84200 OK 69 kB URL HTTP/2 static.tradingview.com/static/localization/translations/en.39dbf21df23abce9.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Hash 9f4ec2c9c1570b883418ce5c1d4e080b
259e92455a809a614b2b1443976d5dad7022b8ba
59a9f5992973a5e7c8c8d843ad4106f4dddef335c60c775e3e43a2de16e058cd
GET /static/localization/translations/en.39dbf21df23abce9.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 69437
date: Fri, 23 Sep 2022 10:21:05 GMT
last-modified: Fri, 23 Sep 2022 08:31:25 GMT
etag: "632d6edd-10f3d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: agAX2u64oEcw0mAjWbR0U3lhAOz88RPC0Gxom2iQasQbxm1s43ttmw==
age: 199337
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css
54.230.111.84200 OK 458 B URL HTTP/2 static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1649), with no line terminators
Hash 7497343e286bffb0f77343a72c52c807
a0b16b6844fec13e7e4f05c5ec1dff354a843128
f775ccacb10b864665283b42df806044d4c07d2b103c4a3d15fc6fa967890a87
GET /static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 458
date: Tue, 06 Sep 2022 10:02:17 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-1ca"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kzMXrGPfB3iiVpUb4jipY4EfI-Iy23SlOPsaf8Uvs-Qga6aKlqVITA==
age: 1669266
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css
54.230.111.84200 OK 566 B URL HTTP/2 static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (3872), with no line terminators
Hash 6e6b52d09836b19a082054796f9fbadf
47f855654aca16bb3d22b0a261028c07bfbf3ac1
b66836dc4dcb259fd7f709598dc05417bc69fe1c7f6382e3be864e124f711186
GET /static/bundles/embed/22641.c7183a76dc0599de9f42.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 566
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-236"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wJNrpmuD14AAjNkjMUO-GzCigvbHw5ixJbccR8EvtoOaV3ZNs6unFw==
age: 3309917
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/59349.06c5af95e99eb360e0d3.js
54.230.111.84200 OK 4.5 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/59349.06c5af95e99eb360e0d3.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3036)
Hash 222668586f47e46b73c5c28e18e2f785
9613ae8405a964b43dfa22e4bd8ffb835981970a
7cadd0fb593df958580a40f6e191e5b5b007a50a731ed48f384605748f01d53a
GET /static/bundles/embed/59349.06c5af95e99eb360e0d3.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4541
date: Wed, 07 Sep 2022 10:11:06 GMT
last-modified: Wed, 07 Sep 2022 08:33:52 GMT
etag: "63185770-11bd"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ECx8AHf7H8KrAEvkMswzQImMVOr47aKZzGx0wm3VuXOA9Ha-FLrnCA==
age: 1582337
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css
54.230.111.84200 OK 275 B URL HTTP/2 static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (868), with no line terminators
Hash baa8242f859530e38f8b32a9c0615593
c883ab6d475cbd4fea077661f25bbca065950a08
c7b10129b6beba6afdd65d4b6079e7952447d0a79c094ee6a850c7a583fb7406
GET /static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9udLGPTpGm97MSj4ufaukYWNdo2Oj8Mokei1D-zF-TNgxxApCpz3aQ==
age: 3309917
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js
54.230.111.84200 OK 8.9 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3072)
Hash fbdc997c1e2881ef8bb545eb7c1f2bdb
8b4bb8fee879ef2ef0d720d8d3096740bab8a106
0f0fed29649e13d5b891443c4f819050dfb7e42c58d2c0f9170af36e5da7d495
GET /static/bundles/embed/95170.8c229ea611144b3d939d.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8938
date: Sat, 30 Jul 2022 06:28:07 GMT
last-modified: Fri, 29 Jul 2022 13:14:57 GMT
etag: "62e3dd51-22ea"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LoqiPLp4xBraR0a1i-kDXiq0JVu5MluPyX9O5lGCTUmQSB4kvTSrMw==
age: 4965316
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/47872.b614638f482af661b1f9.js
54.230.111.84200 OK 19 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/47872.b614638f482af661b1f9.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3072)
Hash bc31af672be65f56e0e123800b74486d
a30c94ad36729c1cb7c1982f20c2567a6dc2cf83
6234758d8c4d5e7e9d7738c97f7a4c06861e0c596e1347c69de7e1ff14c05ec4
GET /static/bundles/embed/47872.b614638f482af661b1f9.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18927
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-49ef"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tM19vxHU9azYB6fcqTUM-Fo5OGC_XCIavo2ZBiSi_GDV5lOyljnxyw==
age: 372197
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/73405.648367a46b4e83b8a5ea.js
54.230.111.84200 OK 19 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/73405.648367a46b4e83b8a5ea.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 865d6e5627ab5b7044bd020b52a22c35
a8508a11d760f645703e9f8bca248a978a338f2a
c5d0415e548f24e100cb842f7fd046d70794ad9caede3fb007b55db57ada0734
GET /static/bundles/embed/73405.648367a46b4e83b8a5ea.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8882
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-22b2"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: anDXC8J7ChbqSj5NgT9aorXilwi8n5Hnn-1CrWzO00e7Hp3kk0L7hg==
age: 372197
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js
54.230.111.84200 OK 8.9 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3071)
Hash 2bb2f6ec14e1b7033a1efb7bfd636f22
36218963433e51d8c95ecf68abdbf37fff1c7b24
71ea00c5c9d3ce9cbe2faede0ca2dfef8c741de04257d8a9b2ab1c14518621e6
GET /static/bundles/embed/6373.cbf79a416472d97ee266.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8861
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-229d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F8QjnGg6JR8zBV7XlgXdL-UibksrOpv5A1t7RvgCwMQwlh08a2KNGw==
age: 372196
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/21629.59ea3f34e1413a77f290.js
54.230.111.84200 OK 11 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/21629.59ea3f34e1413a77f290.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (15650)
Hash b3a404cb516ade1695c0705696d97ad1
e63067338645699570f486a7a13f126f16944156
30eddd13db49b8c00d8e64e7bb79266f0ff8b1f76e7699842e60a05ed317fdb4
GET /static/bundles/embed/21629.59ea3f34e1413a77f290.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 11131
date: Thu, 15 Sep 2022 10:58:07 GMT
last-modified: Thu, 15 Sep 2022 08:58:09 GMT
etag: "6322e921-2b7b"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q5yLqEElG0z0NfYHAvqQ6wopKXYALWU8eZkYqXHjzPo6SbWMAReBkA==
age: 888316
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js
54.230.111.84200 OK 9.6 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3071)
Hash 5d9570cd52c8c73b9e1a2e9865429c3e
eb47e79aebf1eb741a9018b31d22c7c10de0e7fd
4729a1722a0cc609a32e59ee76174287c4711b72cde258d0441014f43991b4ee
GET /static/bundles/embed/61165.669f518fb3ca12a08781.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9641
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:54 GMT
etag: "630de0c6-25a9"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c9l2Qz9ia5wlGGH5zbJWpJkAZIpTILzcNug1-mGDaVt5ep2VZZqy0w==
age: 2271316
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/9610.4b9f8462aa3659c59d53.css
54.230.111.84200 OK 613 B URL HTTP/2 static.tradingview.com/static/bundles/embed/9610.4b9f8462aa3659c59d53.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1510), with no line terminators
Hash 2ed39ab10b595276b053cddd1eb97895
681c53e78e44ed13467fecce18ea2601876c4928
0b15d02d18e4d0166410d14ed6b9a4c0dabebc4c6216ff6a449a8d16c2666aea
GET /static/bundles/embed/9610.4b9f8462aa3659c59d53.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 613
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-265"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R_KJANx3x3m9de1lqgFfVqTFZaQ-9tq3VFBhQfMKgQcABdmTAredZQ==
age: 3309917
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css
54.230.111.84200 OK 275 B URL HTTP/2 static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (948), with no line terminators
Hash fed499f0b2313d63adf3417b0bae8e27
a8541f56b888a27d47cbd2f298bd0ba024831be9
ea584321e666a290e526cb885982143175d4324dc21947a9c53b58dc60b56f1e
GET /static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
etag: "62fdfac9-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NUBFHTdHuS4x7TtoxR-dd3Ob1Vrwc9Bfv3k32Pt5I5YALZA1HmqHUg==
age: 3309917
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css
54.230.111.84200 OK 272 B URL HTTP/2 static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1187), with no line terminators
Hash 2c94a40a0cdaab30536f9ff9aac30780
13e3a1701670362dc0356126be21982f8a371247
12b841c633c6498d1604f4d6dc199c8d61b22a45abb7b2d4aacbc364d16c21b6
GET /static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 272
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:38 GMT
etag: "62fdfaca-110"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b9tJ-EN1wzh3TemQpAygWthvTDzsW2t3UGqm7rU1gp_pdQhUKeupzw==
age: 3309917
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css
54.230.111.84200 OK 1.3 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (9662), with no line terminators
Hash 1590890d2b95e5dd26b6619078fc3716
7f099065b77017303b41d575174d0506404c2422
0f2d89b30ed40c9645acec4a6708531eb2489aff5aca6f0639d92e6de208c97b
GET /static/bundles/embed/93419.83330e98cd0f13f52e0f.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1254
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-4e6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 00sv1NEskvwnNJHgMY2BC1cjx98hzgmwOF1qiJ1_3-4KfvGHI5-Dhg==
age: 1669237
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css
54.230.111.84200 OK 482 B URL HTTP/2 static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (2185), with no line terminators
Hash 58cbe331cf45c85a52eb02587adc9fef
13f08c64e54a3f211e26f97b80af35abd49b670b
53adcb676377768d48af24466b08fb38f141ede6a9e84b20d72ed3c209aaf647
GET /static/bundles/embed/4704.721cbfb1a5d6784e3109.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 482
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-1e2"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8lnOd8S7rgMRTCdzgMbR4a0YGL032sraBp7aV4uGY0KUCk4PN9oZFg==
age: 3309917
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css
54.230.111.84200 OK 1.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (6539), with no line terminators
Hash 314a88cb707c312d3d20310eb6e16b27
06a733bacfaa9706a6b3fff13a8aa9325f464ca9
92824d9ce9a58e064ff1b14673fc316221dea9f55122b027e58ea4470e9b3233
GET /static/bundles/embed/41848.a819f80182db62e2c3b6.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1102
date: Tue, 06 Sep 2022 10:02:30 GMT
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
etag: "63170c91-44e"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vPnclTGSFYeUsbKvSi5f70KeUwpjIYxbQD_LVTODVNqnSdCdWlbzlA==
age: 1669252
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/runtime.4bcbc047b131d88cea00.js
54.230.111.84200 OK 21 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/runtime.4bcbc047b131d88cea00.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3068)
Hash 0169f69b573225f4d9bc3562eebfd087
7bf2019684dbceac5757d356b99b436fa1e83fba
7dea9a4c6044d4f82ff83c28031843b8ddb5f0f92b2b11c02e1d45c4f5eea2f0
GET /static/bundles/embed/runtime.4bcbc047b131d88cea00.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 20747
date: Fri, 23 Sep 2022 10:21:05 GMT
last-modified: Fri, 23 Sep 2022 08:31:49 GMT
etag: "632d6ef5-510b"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3uPr364v_AfyBb-mp4NlbQ6fR8bnHR2sWmkM0cFY-B2l1LfHtBQ1CQ==
age: 199337
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js
54.230.111.84200 OK 33 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3072)
Hash 9c9774810a51f9f1b3a727876d3583f3
3901e2ff90220d4364bd0a65037f0bd219115069
ba0aa991398b2bcd70e58c5706503f3735dbee5750a63bfcfa2903271a0820c0
GET /static/bundles/embed/72369.9291747e1fab1074d523.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 33014
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
etag: "630de0c5-80f6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2VTl79Nn_mZJjspZJVhSDktK6nysiivHkwhNLcGEzLefwO0n6h5MCw==
age: 2271316
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/9594.68f7335652cbfdf7e67c.js
54.230.111.84200 OK 7.2 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/9594.68f7335652cbfdf7e67c.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (5750)
Hash 6d25a025eb6edd164ef789ea89e7c814
d9df16238f5e4ef4619b5eeb2f391af629df9ce2
a6aeb8f1eec4623d7f42086e7f76a241b24a43d044c377a0663dff3b23ba2fc6
GET /static/bundles/embed/9594.68f7335652cbfdf7e67c.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7197
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-1c1d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ye26h_uUF3zq52NFGntHa2RMcCLxryFmpNHvqfOT7ahnmOzBOt9K1A==
age: 372177
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js
54.230.111.84200 OK 12 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (15650)
Hash 80b4d79fd5b0d5b2227c5e37244d6e1b
13cb4488a6aab85b9ccfa5a3e35c408bd6911eca
a11c6f63b551ddcaf446d1ddb38f7d496afcfe9d98d91b44cb9a878c471bc6e0
GET /static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 12044
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-2f0c"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6N5FBgTq4U9s9zyps3VazfKWnhw7htG8tjcSgCt20uF8FHXQLfDjUg==
age: 372177
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/97029.aec87eec8d0ca240b268.css
54.230.111.84200 OK 1.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/97029.aec87eec8d0ca240b268.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (6181), with no line terminators
Hash 36c5de656ee5ac6c3687030dae4ac897
c4cdf0cf6f8996a6bb2bb3d275c19113ed350953
e3a85219b604b7535c69f1ae7ef8d9d4df795997954b6174ef8344d1ec0023c7
GET /static/bundles/embed/97029.aec87eec8d0ca240b268.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1080
date: Thu, 18 Aug 2022 10:18:24 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-438"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nIejd-zwylfp_Z_VFBfYVb9-QyC2uIZYwfYIKItrfiHqS_DeGcmPNg==
age: 3309899
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
143.204.55.101200 OK 2.0 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6390)
Hash 31a9b5fa35e99cbb958f8facd1967e11
5885c836b1be01370bed43fbb96278e2fc0e40f9
b2a7e35547d699bc046c22f88eadb882a55c67e89408cc7a61cdc0c443384fa4
GET /trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2028
last-modified: Tue, 16 Aug 2022 12:42:13 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sun, 25 Sep 2022 03:46:10 GMT
cache-control: max-age=86400
etag: "31a9b5fa35e99cbb958f8facd1967e11"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dcMwL3PaD_maa_UYJlZbrZr01HQyaZUaU4cg6GxuAVMlI253XwYkSg==
age: 50234
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-1CZCP7MM89>m=2oe9l0&_p=610028783&cid=243281619.1664127802&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664127801&sct=1&seg=0&dl=https%3A%2F%2Fwww.roifxtrader.com%2F&dt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-1CZCP7MM89>m=2oe9l0&_p=610028783&cid=243281619.1664127802&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664127801&sct=1&seg=0&dl=https%3A%2F%2Fwww.roifxtrader.com%2F&dt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-1CZCP7MM89>m=2oe9l0&_p=610028783&cid=243281619.1664127802&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664127801&sct=1&seg=0&dl=https%3A%2F%2Fwww.roifxtrader.com%2F&dt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.roifxtrader.com
date: Sun, 25 Sep 2022 17:43:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css
54.230.111.84200 OK 219 B URL HTTP/2 static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (801), with no line terminators
Hash 97f7a20e8f5b5aab89e7323c3f952f93
0a86a43d70147185f1f356ac3061d461f498a0af
51e40ba29ca9c9b7f89f255331a616a93beb9fb033c029e058a6a45483c0209c
GET /static/bundles/embed/28903.415109541489380d12f6.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 219
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-db"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YGCuQl2iRbCPc9-u_d267BqmZIWuEX0Nl9k79l3ZMBWcjNcFKBtd4w==
age: 1669238
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js
54.230.111.84200 OK 2.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3332)
Hash e6796590284ab6cfb534e922a2ebca47
a18fcd51aab7f7a2510583126f25f33f94bf1626
fa3c19b48ad254a9cd1bc6753b098c4db439979efae0b12705e89087a1541da9
GET /static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2082
date: Tue, 06 Sep 2022 10:03:06 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-822"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CvyjJMWtdP05xou6d43OeTwR5HqVtROmzYTnGlH_ALnzuUFqtiMxxg==
age: 1669218
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_23-11_39
23.82.31.221101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_23-11_39
IP 23.82.31.221:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_23-11_39 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hh7P2lTwaORZYCjeNabNNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 25 Sep 2022 17:43:24 GMT
Connection: upgrade
sec-websocket-accept: /1JTLMcwoXeLa7PMds9ETlkbcus=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
143.204.55.101200 OK 18 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (58329)
Hash a935a0a0daf8a792b6f622a79037eb14
ce630181500fec9f5805e83f6a8ff08bf94d915f
3a4186a7ce71e0e3c50edade71422496a78db2317f107e953c5aa6dee8f683c7
GET /trustboxes/5419b6a8b0d04a076446a9ad/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17866
last-modified: Tue, 16 Aug 2022 12:42:15 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sun, 25 Sep 2022 01:46:16 GMT
cache-control: max-age=86400
etag: "a935a0a0daf8a792b6f622a79037eb14"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xwWlUahYQW29Lsj_DNGwNZsUE0lNkuamHKUDuil37tiW-Rm1BuIJkQ==
age: 57429
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
23.82.31.221101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
IP 23.82.31.221:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oa2+nEF4NGXIayIC3uKKjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 25 Sep 2022 17:43:24 GMT
Connection: upgrade
sec-websocket-accept: vY6UG3GS6z28n/xBi0/YeI/q5tQ=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.tradingview.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 16:41:09 GMT
expires: Sun, 25 Sep 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 3735
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
172.67.38.66200 OK 63 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
IP 172.67.38.66:0
File type Unicode text, UTF-8 text, with very long lines (65464)
Hash 0ae6926a7ea584507c5314128c055415
068bcfe49844c6a14b0f0e9464012ef4ce77b56a
bbb3323f3fd3c54efc94f9503e8b48629585c053f774d892050b202e1819eef1
GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:24 GMT
content-type: application/javascript
age: 1734
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75058fdc5b700b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Sun, 25 Sep 2022 17:43:24 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: okoQWOdNgDoHaer8ureOSJfy7dDYXX0JMtiHjGGSNOewKmzG_JQt0w==
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
172.67.38.66200 OK 129 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 172.67.38.66:0
File type ASCII text, with no line terminators
Hash 5ad275fd56346077032e99586bff675c
ac71e60ef2429695047e91e543ca2a2fb3288fbc
ff7c90a4004517bb00d4bc540b8eb876159af92feb483d70e973a8c77e5ab497
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:24 GMT
content-type: application/javascript
age: 1734
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75058fdc4b5b0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
143.204.55.21200 OK 777 B URL HTTP/2 s3-symbol-logo.tradingview.com/indices/nasdaq-100.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (777), with no line terminators
Hash fe60c6206a39b7984b1ebb2b8234c5ab
ec9c1ff626f97b55d2196a86ccb44fce9bdadbd2
425b69d42c6b0731fb094a37cbe1600ea1bfd57d2020094ecd0478e4d5720fa4
GET /indices/nasdaq-100.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 777
last-modified: Thu, 26 May 2022 07:17:23 GMT
x-amz-meta-hash: fe60c6206a39b7984b1ebb2b8234c5ab
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:22:11 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "fe60c6206a39b7984b1ebb2b8234c5ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ebmBh8f5Ov1EwtptaaJRDigali4eVd0tw25scMZmuBeVQrNhz-d0bg==
age: 1279
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
143.204.55.21200 OK 801 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCBTC.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (801), with no line terminators
Hash 107060b925841745f310697bd9f1f83d
40a2e01da20c164a3c3f774a72f3feadf17cafa2
4dfca512e957e14f05da07751a96061cf4bfd5df438504f65287fa0a8c3cadb6
GET /crypto/XTVCBTC.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 801
last-modified: Wed, 08 Sep 2021 09:03:52 GMT
x-amz-meta-hash: 107060b925841745f310697bd9f1f83d
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:26:46 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "107060b925841745f310697bd9f1f83d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CNR7pB5sVQ7X3NdY4AZfm6BzZAocahYc9G3FenSFZOxgXNZESiheUg==
age: 1000
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/EU.svg
143.204.55.21200 OK 2.6 kB URL HTTP/2 s3-symbol-logo.tradingview.com/country/EU.svg
IP 143.204.55.21:0
Hash e07e00ce72385e56ad52548050ae4b5d
4f2d3c509c16c2f6c2e9f78db81ea212a2307a53
3cea2f962c4bf047be703b2e541b9ef9412f6d589a3dea37c82e924e8b7ac7bf
GET /country/EU.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:41:13 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CH10AKrR-47UzVYjq0395EDMbhd4N6KE0AI8OQOG7zXsYqe0faKd1Q==
age: 137
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
143.204.55.21200 OK 523 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (523), with no line terminators
Hash 4542d4ecd73f04c73affa787a4522596
6e7129a5417dac4d4547b375e8b23d5a7dc5b714
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
GET /crypto/XTVCETH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 523
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:36:30 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x3Sp_U_XSkvt85l40Aee-ztO0T5BYaoOeHN77s0Do-oYT7LcoAgP5Q==
age: 416
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/CA.svg
143.204.55.21200 OK 298 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/CA.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with no line terminators
Hash f0b4af400bc4e1017e56de16550915a8
60ab455990aa7f8bdbb54ecac4641202792e590e
47b7b7098df6ea46fb0d3d1fe816b196262ef4fe1378b227056a4075eb50e0f7
GET /country/CA.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 298
last-modified: Wed, 08 Sep 2021 09:02:24 GMT
x-amz-meta-hash: f0b4af400bc4e1017e56de16550915a8
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 16:46:45 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "f0b4af400bc4e1017e56de16550915a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mTU2KA3qLhjDKl_MpEpTNNU0hoUjH5q-XEfbhpCZCsZ54gjzGEpDPQ==
age: 3494
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/AU.svg
143.204.55.21200 OK 937 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/AU.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (937), with no line terminators
Hash ffaa89557725b51eb58753956db0a148
af4c43200c5a85ad2d525412bf83e55e90138bd3
27c815d48181359be416f858593d35e363b546bf3f237e0458cccf01fefbdf30
GET /country/AU.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 937
last-modified: Wed, 08 Sep 2021 09:02:00 GMT
x-amz-meta-hash: ffaa89557725b51eb58753956db0a148
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:04:23 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "ffaa89557725b51eb58753956db0a148"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VlM_VAkv_hfmIs7b_jYUJUUR5ys2MUI8Nm3BVqVlx-j3nVQj3E3qoA==
age: 2348
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/CH.svg
143.204.55.21200 OK 236 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/CH.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with no line terminators
Hash 2390cb6eb08128c8300b6a29c41f2842
de96debc38e1b541ef81692120f1099d1f1e9d20
3b66ebe14df724fa1f4efc29bf7b8658975e89be92202238d75fad8badc68d36
GET /country/CH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 236
last-modified: Wed, 08 Sep 2021 09:01:10 GMT
x-amz-meta-hash: 2390cb6eb08128c8300b6a29c41f2842
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:30:01 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "2390cb6eb08128c8300b6a29c41f2842"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 81vWgZzKOzE_TtJVGZJmvznYt2_jQJbGQTP5IhvzGJScVdfSiFJ41w==
age: 807
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
23.82.31.221101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
IP 23.82.31.221:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rih/e5QxNdwS1jzvSUGRJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 25 Sep 2022 17:43:25 GMT
Connection: upgrade
sec-websocket-accept: tD84rWEt29s1ADKxnbHBd4vbo/o=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
s3-symbol-logo.tradingview.com/country/JP.svg
143.204.55.21200 OK 215 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/JP.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with no line terminators
Hash dd1bc2f51b952d5c3421a69d6febe6ce
b501eef8705cc2c8e9d8b9a9ce431d70e1ef0f71
147aa1297638071607ef5cf0d722c1953c6716e61ef32f58e3fb7fd132ce84ee
GET /country/JP.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 215
last-modified: Wed, 08 Sep 2021 09:00:59 GMT
x-amz-meta-hash: dd1bc2f51b952d5c3421a69d6febe6ce
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:07:14 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "dd1bc2f51b952d5c3421a69d6febe6ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HtQkIw5xjPC0mnS1hudCjCCd9fWP4LoAWUSmP9UcunP6zn1Fh4dhGw==
age: 2197
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/GB.svg
143.204.55.21200 OK 468 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/GB.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (468), with no line terminators
Hash 09bfac5408302ee8c52fa2ed008c4f13
ec2b53eba8ec1a31fc6745cd9c4fc09518db1c2f
b3e463d925abc879f5b76428144c0da44bc02fae2188f71bc9e7aa7ab6f46037
GET /country/GB.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 468
last-modified: Wed, 08 Sep 2021 09:01:59 GMT
x-amz-meta-hash: 09bfac5408302ee8c52fa2ed008c4f13
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:04:23 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "09bfac5408302ee8c52fa2ed008c4f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: amFShDm2cMqppCyW8IwhwD5wm0t2SwmSEAn26UcEFQZkser4QERoag==
age: 2352
X-Firefox-Spdy: h2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.85.229200 OK 70 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.85.229:0
Hash 322573ed532b2c70b4680ae46f41f3db
4f357ed987e6517f70f58ecc8b2d93a5f0e094bd
f5eaab8c8c2538ad611947fc1f4bbc40acb79bae63aee417556643236fe97a6b
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 17:43:25 GMT
age: 16274162
x-served-by: cache-fra19156-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/advanced-micro-devices.svg
143.204.55.21200 OK 889 B URL HTTP/2 s3-symbol-logo.tradingview.com/advanced-micro-devices.svg
IP 143.204.55.21:0
Hash 96086d14acfed113e9bce2b95a903a3f
69f9a576684084751dbbad602320a824b2c4a95e
d0b2fcdb176f8baa32befd594abb1564aefc648bac85f6bf9ba8b4fc4c4b94dd
GET /advanced-micro-devices.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 449
last-modified: Wed, 08 Sep 2021 08:53:21 GMT
x-amz-meta-hash: bdbf1c6c85e6683de21dc199c4419970
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:06:23 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "bdbf1c6c85e6683de21dc199c4419970"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eQr9vdF1e2lXSPDhPT7Gjhhr87NfkSko1nNi6uECYEiy52LUeYIpqg==
age: 2293
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/netflix.svg
143.204.55.21200 OK 453 B URL HTTP/2 s3-symbol-logo.tradingview.com/netflix.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (453), with no line terminators
Hash 088f20cd1f479350f02d9aada3709050
114bd591e902fc05d93e966453b74b252b88dd58
c5f5b9304726376ee2b8f6b47ad85c5c7509c14e10fca4c4b1ebda33e76983e6
GET /netflix.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 453
last-modified: Wed, 08 Sep 2021 08:53:57 GMT
x-amz-meta-hash: 088f20cd1f479350f02d9aada3709050
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:21:24 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "088f20cd1f479350f02d9aada3709050"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0O9tZLRBibTJOJSC45srP_b5VjGP6_gubgWMenbp2hF2xYHiG-NL7w==
age: 1325
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash d55bcef6ba9c51e180322105308ab412
f684af29c75efba6c23f286c030c8551deaa9006
667471a85d73693e75c7c96bac5890d9b6fbd9f297db726826d1776a24efea42
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 17:43:25 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8625210D735204161FE0AFC199834D4B118C3527"
Expires: Mon, 26 Sep 2022 04:00:00 GMT
Last-Modified: Sun, 25 Sep 2022 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2924
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75058fe1995e0b51-OSL
s3-symbol-logo.tradingview.com/spdr-sandp500-etf-tr.svg
143.204.55.21200 OK 548 B URL HTTP/2 s3-symbol-logo.tradingview.com/spdr-sandp500-etf-tr.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (548), with no line terminators
Hash 739b8a1d4950ef3e563a4527ba38d111
5bb4b592092552384154d47e64a8c65216969b7b
cad088efc0978bf886800020a056e4eb07359385addebd54ad4422991689b844
GET /spdr-sandp500-etf-tr.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 548
last-modified: Wed, 15 Jun 2022 10:23:36 GMT
x-amz-meta-hash: 739b8a1d4950ef3e563a4527ba38d111
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 16:59:28 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "739b8a1d4950ef3e563a4527ba38d111"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5_iEsPSPluQgwcWhuiqVSZMIhiLDz_48UaeWYGCeVE9X7W1bNq4xrg==
age: 2721
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/meta-platforms.svg
143.204.55.21200 OK 786 B URL HTTP/2 s3-symbol-logo.tradingview.com/meta-platforms.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (786), with no line terminators
Hash cafd1d7d717ad67e5dbe45b88fa3d47b
0e858c59cd7a560d09b0792bf34621446fc4cf4b
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
GET /meta-platforms.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 786
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:26:00 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CohQdVIgmagD7CLGxNTMh3WQQpozJVIRC_9-6AdnJrCj75ag3shV-A==
age: 1047
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/microsoft.svg
143.204.55.21200 OK 304 B URL HTTP/2 s3-symbol-logo.tradingview.com/microsoft.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (304), with no line terminators
Hash 074d127e2f9fd8c2e79c01a5f002979c
a180afde05902cdc100a83180fa387201f992401
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
GET /microsoft.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:25:32 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4KLfMlmhEu2s2hWiiXSOpdlEi1zY6WMsLrzSrByzyaPMrp7X57TfMw==
age: 1077
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/tesla.svg
143.204.55.21200 OK 508 B URL HTTP/2 s3-symbol-logo.tradingview.com/tesla.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (508), with no line terminators
Hash 3b7c34c4a74ed2a5415d26d40df1b84a
e069a067efe5513c212569aaeeb30338b69cdd1c
338db12bc3e137ec430f9ba84de55c1a85c3185b98025de7ec213b042813238d
GET /tesla.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 508
last-modified: Wed, 08 Sep 2021 09:01:16 GMT
x-amz-meta-hash: 3b7c34c4a74ed2a5415d26d40df1b84a
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:41:43 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "3b7c34c4a74ed2a5415d26d40df1b84a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: spijIBsITynKQy_XdpfAIgMdeJYOTxkiPFB-MSc1GGQqlBfv5fEdag==
age: 109
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
23.82.31.221101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
IP 23.82.31.221:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vaOnRJccIypOecV5aFYMSA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 25 Sep 2022 17:43:25 GMT
Connection: upgrade
sec-websocket-accept: 9ZGaimoU0Y6qi+geWQ8FgiE4P/4=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
vsa6.tawk.to/s/?k=6330933d2197f171f6c9fab4&cver=0&pop=false&asver=107&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MjgxYjZmZjdiOTY3YjExNzk4ZjdkNzciLCJ2aWQiOiJhOWMxYjljYzU1Nzk2YjUyNWI0MzhjNjFhMWExMTI3OTgyMTJiM2Y0MDE1NDI5YTRkYzQwNTY4ZmEwMjMxZWQ4Iiwic2lkIjoiNjMzMDkzM2QyMTk3ZjE3MWY2YzlmYWI0IiwiaWF0IjoxNjY0MTI3ODA1LCJleHAiOjE2NjQxMjk2MDUsImp0aSI6Ik9LWnBiNGJiR0l6MVFXTzM2TWZUaiJ9.numZCMqppPiesT2MeRVSnnPANFWfNcPGngCmTinhZDjqWIi8gCrJHLpVFthshLcIDEeaySi7defLKkUoHMJvEg&EIO=3&transport=websocket&__t=ODrlo8z
104.22.25.131101 Switching Protocols 1.4 kB URL HTTP/1.1 vsa6.tawk.to/s/?k=6330933d2197f171f6c9fab4&cver=0&pop=false&asver=107&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MjgxYjZmZjdiOTY3YjExNzk4ZjdkNzciLCJ2aWQiOiJhOWMxYjljYzU1Nzk2YjUyNWI0MzhjNjFhMWExMTI3OTgyMTJiM2Y0MDE1NDI5YTRkYzQwNTY4ZmEwMjMxZWQ4Iiwic2lkIjoiNjMzMDkzM2QyMTk3ZjE3MWY2YzlmYWI0IiwiaWF0IjoxNjY0MTI3ODA1LCJleHAiOjE2NjQxMjk2MDUsImp0aSI6Ik9LWnBiNGJiR0l6MVFXTzM2TWZUaiJ9.numZCMqppPiesT2MeRVSnnPANFWfNcPGngCmTinhZDjqWIi8gCrJHLpVFthshLcIDEeaySi7defLKkUoHMJvEg&EIO=3&transport=websocket&__t=ODrlo8z
IP 104.22.25.131:0
Hash 55c943036633a9d1fa373e431d318bfd
a9815f4ce6faabbee19030af0784818a5bc6ba0e
e6fbba7cc5c32405ac287875229f0727e2fdb9f2bc56846dfcf88f304b949a91
GET /s/?k=6330933d2197f171f6c9fab4&cver=0&pop=false&asver=107&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MjgxYjZmZjdiOTY3YjExNzk4ZjdkNzciLCJ2aWQiOiJhOWMxYjljYzU1Nzk2YjUyNWI0MzhjNjFhMWExMTI3OTgyMTJiM2Y0MDE1NDI5YTRkYzQwNTY4ZmEwMjMxZWQ4Iiwic2lkIjoiNjMzMDkzM2QyMTk3ZjE3MWY2YzlmYWI0IiwiaWF0IjoxNjY0MTI3ODA1LCJleHAiOjE2NjQxMjk2MDUsImp0aSI6Ik9LWnBiNGJiR0l6MVFXTzM2TWZUaiJ9.numZCMqppPiesT2MeRVSnnPANFWfNcPGngCmTinhZDjqWIi8gCrJHLpVFthshLcIDEeaySi7defLKkUoHMJvEg&EIO=3&transport=websocket&__t=ODrlo8z HTTP/1.1
Host: vsa6.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.roifxtrader.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q5HoxS+ej0gBVFIZd2GlrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 25 Sep 2022 17:43:26 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: /Wbqrz+xQxKj7BhJ9Btqu1xwlVw=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 75058fe088350b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s3-symbol-logo.tradingview.com/crypto/XTVCLTC.svg
143.204.55.21200 OK 291 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCLTC.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with no line terminators
Hash 135fed0ba41e2cc6f0be38d91f6d4327
4cf7a4ad00909e8b92e5c9a428f71721481a78b0
fea85b7101beb79844d8b4396a6df981f4757c150cdf3f61bc59453dd2f440ba
GET /crypto/XTVCLTC.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 291
last-modified: Wed, 08 Sep 2021 09:03:49 GMT
x-amz-meta-hash: 135fed0ba41e2cc6f0be38d91f6d4327
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 17:00:41 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "135fed0ba41e2cc6f0be38d91f6d4327"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mOBTIdzKZEPNNu7XOx6-tOGhij9rPKG1bOrAgpjrosoSLuI20f6hIQ==
age: 2662
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCEOS.svg
143.204.55.21200 OK 942 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCEOS.svg
IP 143.204.55.21:0
Hash e73f0b734a6da54937e116c743fadaed
7f271eeb142a01eb7f4b1444a339a808c4b6fe41
a81be36c1ea2c1645341019d0c5864bd916fc17a27802dac993f1f43011e76f7
GET /crypto/XTVCEOS.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 09:04:44 GMT
x-amz-meta-hash: b5bb09f3f95c87ffa9a07fc8c225f1bd
server: AmazonS3
content-encoding: gzip
date: Sun, 25 Sep 2022 17:38:08 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"b5bb09f3f95c87ffa9a07fc8c225f1bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xP5dwtUVI0QgZtg28RJ0bn4Lvv6IYeqQL97s6ar5lfP31FrIishUtg==
age: 320
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
172.67.38.66200 OK 42 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
IP 172.67.38.66:0
File type ASCII text, with very long lines (65466)
Hash 08406bc5cb851b76cdd05489d7761b14
6ee4fcfb8c50b2c42236ab414fab8c8dbe93b8ce
c692d0610fd3c51edfff527b03a57b502664670a80246889083e0bfa6e044c1b
GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:24 GMT
content-type: application/javascript
age: 1734
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75058fdc5b710b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/alibaba.svg
143.204.55.21200 OK 1.8 kB URL HTTP/2 s3-symbol-logo.tradingview.com/alibaba.svg
IP 143.204.55.21:0
Hash a36b4994e43db1279e732e004817d203
df2c3b13a92ad2aae8999fba2012f4e9f62f29a8
ba32d4c743168d9c7035b815645ea8586da9b87271181d5a672cd12873d8932a
GET /alibaba.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 08:59:49 GMT
x-amz-meta-hash: 1e02f7771eeb782b8bbdec389debc8a8
server: AmazonS3
content-encoding: gzip
date: Sun, 25 Sep 2022 17:10:10 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"1e02f7771eeb782b8bbdec389debc8a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: USf2R7mBna0OhAtiZOSHheBpOSbMOS80B5h_KhShG6kJKD7TPfUL2w==
age: 2182
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
23.82.31.221101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39
IP 23.82.31.221:0
ASN #7203 LEASEWEB-USA-SFO-12
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_23-11_39 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V1Xy9OGBFQlTYElS5f2xUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 25 Sep 2022 17:43:26 GMT
Connection: upgrade
sec-websocket-accept: OcHhHcoPQajkxMKWIrmndnQrEYE=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
s3-symbol-logo.tradingview.com/crude-oil.svg
143.204.55.21200 OK 443 B URL HTTP/2 s3-symbol-logo.tradingview.com/crude-oil.svg
IP 143.204.55.21:0
File type exported SGML document, ASCII text, with very long lines (443), with no line terminators
Hash 5e4e832aa47ec693a3c1de44c8b222b5
2d5947bfa54cf87422a3d02c46de823d55613400
106132134d99b813f417630a48b4ad75f75423f05cf1ecca333928d67e2e9aaa
GET /crude-oil.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 443
last-modified: Wed, 08 Sep 2021 08:59:22 GMT
x-amz-meta-hash: 5e4e832aa47ec693a3c1de44c8b222b5
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 16:55:56 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "5e4e832aa47ec693a3c1de44c8b222b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d8EqFBHplJ2cL_nT7tmjYMRv--nnYdO-rWrrkt63oBqmBTT-SVZHOQ==
age: 2851
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.26200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.26:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 17:43:20 GMT
expires: Sun, 25 Sep 2022 17:45:20 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-ixsuU+JfvXgK1gTY8U9ASg=='
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HEiBknrbUypRjHeRbX01N3kFiRNv7cFG_q_kLByC_yWCdiN77oORBg==
age: 3
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/US.svg
143.204.55.21200 OK 0 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/US.svg
IP 143.204.55.21:0
GET /country/US.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
server: AmazonS3
content-encoding: gzip
date: Sun, 25 Sep 2022 17:42:02 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JBv4JbLjm0h3Xk8WyjOMtkGC4ELxVpNLti8kO_m1V0jzigNhaXPJ3g==
age: 84
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/apple.svg
143.204.55.21200 OK 0 B URL HTTP/2 s3-symbol-logo.tradingview.com/apple.svg
IP 143.204.55.21:0
GET /apple.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
server: AmazonS3
content-encoding: gzip
date: Sun, 25 Sep 2022 17:32:48 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JoID8I4FkK2iqeLcEKY5C9rNIeLAdnax5inKGTqLWNwVgFh_YXzgGg==
age: 641
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319
139.45.197.250200 OK 0 B URL HTTP/2 ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:43:21 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1a407"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/87461.aa126d16f4609615d7a4.js
54.230.111.84200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/87461.aa126d16f4609615d7a4.js
IP 54.230.111.84:0
GET /static/bundles/embed/87461.aa126d16f4609615d7a4.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Sep 2022 10:11:07 GMT
last-modified: Wed, 07 Sep 2022 08:33:53 GMT
etag: W/"63185771-1518"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ha3y9cYLInkwRIGP2Hn65j3RsSks22r_Bg0LL_u7SIWgs41mtJ0-FA==
age: 1582336
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/75932.cd4f83e4607134502a66.js
54.230.111.84200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/75932.cd4f83e4607134502a66.js
IP 54.230.111.84:0
GET /static/bundles/embed/75932.cd4f83e4607134502a66.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 12665
date: Tue, 16 Aug 2022 10:42:05 GMT
last-modified: Tue, 16 Aug 2022 09:48:59 GMT
etag: "62fb680b-3179"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YoJO6xvZEBtp8w8hAEqUAv1_LGCiijm0fbnH7DuBXyEbvVRipPuM2w==
age: 3481278
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:24 GMT
content-type: application/javascript
age: 1734
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75058fdc5b630b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:24 GMT
content-type: application/javascript
age: 1734
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75058fdc6b780b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597957937608265902&z=5359943&g=NO&svar=1664127800&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664127800&ssk=fa40768e9fc8251e3929b749b730f954&svarok=1&b=79056&oaid=0c5b6af04f114e0585915d156d68c7ea&rdk=rk3
139.45.197.152200 OK 0 B URL HTTP/2 toapodazoay.com/?l=qCqekRDLtEBTXwP&s=597957937608265902&z=5359943&g=NO&svar=1664127800&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664127800&ssk=fa40768e9fc8251e3929b749b730f954&svarok=1&b=79056&oaid=0c5b6af04f114e0585915d156d68c7ea&rdk=rk3
IP 139.45.197.152:0
GET /?l=qCqekRDLtEBTXwP&s=597957937608265902&z=5359943&g=NO&svar=1664127800&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1664127800&ssk=fa40768e9fc8251e3929b749b730f954&svarok=1&b=79056&oaid=0c5b6af04f114e0585915d156d68c7ea&rdk=rk3 HTTP/1.1
Host: toapodazoay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:43:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=-5dE98nNMlWw2G8jJEZrupGGoD9GdItSuEXSt4ArAVE; expires=Sun, 25-Sep-2022 18:43:20 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/ticker-tape/?locale=en
54.230.111.26200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/ticker-tape/?locale=en
IP 54.230.111.26:0
GET /embed-widget/ticker-tape/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 17:41:28 GMT
expires: Sun, 25 Sep 2022 17:43:28 GMT
cache-control: max-age=120
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-xuaaY4hnfDeV8ZAu0k343g=='
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LNgq9Kg4EBjoOx7jRtJF9wLstJsYOEN4se_YRU7YuUXsPXIqXRFK4w==
age: 115
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.26200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.26:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 17:43:20 GMT
expires: Sun, 25 Sep 2022 17:45:20 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-ixsuU+JfvXgK1gTY8U9ASg=='
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MBrjKim47CFMsw9JRYdluQpPz_u-2435H-7IfdxiDvsnmUMaWQVQ6w==
age: 3
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.26200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.26:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 17:43:20 GMT
expires: Sun, 25 Sep 2022 17:45:20 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-ixsuU+JfvXgK1gTY8U9ASg=='
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TyHVh9l9TeHaqcNCHI0CjUOXipPEQp9knP-8KqFszYUzRosDslzGDg==
age: 3
X-Firefox-Spdy: h2
embed.tawk.to/6281b6ff7b967b11798f7d77/1g35b5lj0
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/6281b6ff7b967b11798f7d77/1g35b5lj0
IP 172.67.38.66:0
GET /6281b6ff7b967b11798f7d77/1g35b5lj0 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:23 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1756
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75058fd31fc50b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js
54.230.111.84200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js
IP 54.230.111.84:0
GET /static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 10:20:18 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: W/"632ace12-1b8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qa-l_kiHAMcTKGrYT09I3tE8p10WarcDGmShkXwubCHm65keLfZiag==
age: 372185
X-Firefox-Spdy: h2
www.roifxtrader.com/
104.21.81.185200 OK 0 B IP 104.21.81.185:0
GET / HTTP/1.1
Host: www.roifxtrader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.roifxtrader.com/wp-json/>; rel="https://api.w.org/", <https://www.roifxtrader.com/wp-json/wp/v2/pages/6635>; rel="alternate"; type="application/json", <https://www.roifxtrader.com/>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgjWnM2CfiMUZoMhIx4iVodfszqdH76TgotDJCpDpi7C4KdMowgxBH5aqxXni69s91ai2%2FEO4vYPOWLq9zcT3lEhfX1c5I%2Bk%2FMU3jpshO4wdsFaOzkFnZoGX5Qdnvk%2BRymrlygrs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75058fcf1fc51c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Jost%3A600%2C400%2C700&display=swap&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Jost%3A600%2C400%2C700&display=swap&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Jost%3A600%2C400%2C700&display=swap&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 17:43:23 GMT
date: Sun, 25 Sep 2022 17:43:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.26200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.26:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 17:43:20 GMT
expires: Sun, 25 Sep 2022 17:45:20 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-ixsuU+JfvXgK1gTY8U9ASg=='
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _vdiPLs5rmhHy4uI7CowaZXpZ7Q5UQNY-9YOjpBCD2GgLFHY0wKuIg==
age: 3
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/28055.7fe079f819bb507d3dec.js
54.230.111.84200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/28055.7fe079f819bb507d3dec.js
IP 54.230.111.84:0
GET /static/bundles/embed/28055.7fe079f819bb507d3dec.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 10:20:18 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: W/"632ace12-85a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7jLn9oQ6nEYTH5saTigtAT1FHnWaCFV9_Leq8fqPOHDFreyoB5RSzw==
age: 372185
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 17:43:24 GMT
content-type: application/javascript
age: 1734
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75058fdc6b770b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2