Overview

URL67.us.blowingwind.xyz/feed/?link=true&tid=67&subid=67.jp.android&ref=t5.lowtid.com&s1=6376b9eed808f23961709bea
IP 23.235.251.114 (United States)
ASN#19437 SS-ASH
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-17 22:47:39 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (62)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
acsbapp.com (1) 5220 2020-08-14 05:49:08 UTC 2022-11-17 09:03:27 UTC 138.128.247.123
challenges.cloudflare.com (1) 0 2021-10-20 05:02:03 UTC 2022-11-17 13:24:39 UTC 104.18.7.185 Domain (cloudflare.com) ranked at: 342
vc.hotjar.io (1) 2334 No data No data 99.84.9.107
status.thawte.com (1) 5123 2019-03-13 17:00:46 UTC 2020-04-10 08:00:21 UTC 93.184.220.29
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-05-19 12:27:58 UTC 162.247.241.14
go.money616.xyz (1) 0 No data No data 18.184.197.212 Unknown ranking
etorologsapi.etoro.com (2) 54636 2015-02-05 06:25:55 UTC 2019-11-21 07:10:20 UTC 20.54.209.212
zero.pointlessplay.com (1) 0 2022-05-04 08:00:48 UTC 2022-11-17 15:22:17 UTC 18.172.153.14 Unknown ranking
privacyportal-de.onetrust.com (1) 8687 2018-05-25 09:58:46 UTC 2022-11-17 21:52:48 UTC 104.18.27.85
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 13.224.245.61
adspredictiv.com (2) 160243 2015-04-30 21:27:53 UTC 2022-11-17 09:47:19 UTC 35.190.38.40
ocsp.digicert.com (15) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
pages.etoro.com (2) 137606 2015-03-22 08:50:22 UTC 2020-04-17 00:59:48 UTC 104.18.35.149
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-17 14:53:28 UTC 142.250.74.35
one.pointlessplay.com (1) 0 2021-08-13 12:07:31 UTC 2022-11-17 15:22:18 UTC 3.227.190.204 Unknown ranking
cloudflare.hcaptcha.com (1) 0 2022-02-23 15:28:14 UTC 2022-11-17 13:11:39 UTC 104.18.18.132 Domain (hcaptcha.com) ranked at: 5458
r3.o.lencr.org (10) 344 No data No data 23.36.77.32
cdn.fonts.net (1) 62966 2018-07-06 16:36:26 UTC 2022-11-17 13:34:33 UTC 104.17.224.78
9944765.fls.doubleclick.net (1) 125024 No data No data 142.250.74.70
adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-11-17 17:42:25 UTC 142.250.74.130
bat.bing.com (1) 387 2014-04-08 09:23:16 UTC 2020-04-20 20:17:24 UTC 204.79.197.200
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-17 05:55:30 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
t2.lowtid.com (1) 0 2022-08-03 13:42:14 UTC 2022-11-16 13:25:20 UTC 51.161.115.163 Unknown ranking
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2020-04-10 04:11:37 UTC 23.36.76.121
s.yimg.com (2) 375 2012-05-21 13:25:46 UTC 2020-03-08 23:51:03 UTC 188.125.94.206
cdn.cookielaw.org (8) 502 2014-05-20 23:23:17 UTC 2022-11-17 07:24:12 UTC 104.16.148.64
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-17 06:17:39 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
cdn.acsbapp.com (2) 5589 2020-08-16 06:12:24 UTC 2020-11-08 12:35:22 UTC 147.185.239.229
amplify.outbrain.com (1) 2255 2018-06-20 02:16:23 UTC 2021-09-19 09:57:40 UTC 23.38.201.81
goosebomb.com (1) 96435 2021-08-27 13:00:38 UTC 2022-11-16 14:24:34 UTC 172.67.144.202
ron.trffclb.com (2) 0 2022-09-30 13:04:48 UTC 2022-11-17 20:19:06 UTC 51.83.143.92 Unknown ranking
marketing.etorostatic.com (37) 82505 2015-09-24 17:03:19 UTC 2019-11-14 02:05:56 UTC 23.38.201.117
tr.snapchat.com (2) 978 2017-04-26 06:25:03 UTC 2022-05-17 21:54:32 UTC 35.190.43.134
static.ads-twitter.com (1) 614 2018-06-23 22:08:39 UTC 2020-04-02 08:58:40 UTC 151.101.84.157
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-17 18:22:14 UTC 142.250.150.155
www.googletagmanager.com (2) 75 2013-05-22 02:07:37 UTC 2022-11-17 14:41:03 UTC 142.250.74.168
67.us.blowingwind.xyz (1) 0 2022-10-20 12:32:42 UTC 2022-11-16 07:13:59 UTC 23.235.251.114 Unknown ranking
js.adsrvr.org (1) 1664 2014-10-28 22:25:15 UTC 2020-02-11 15:39:45 UTC 99.86.116.119
cdn.linkedin.oribi.io (2) 0 2022-10-19 14:36:39 UTC 2022-11-17 21:53:44 UTC 108.156.28.36 Domain (oribi.io) ranked at: 21988
pritha-ner.com (1) 141698 2020-05-04 08:37:59 UTC 2022-11-14 05:21:03 UTC 3.212.50.125
js-agent.newrelic.com (7) 378 2018-06-22 04:15:37 UTC 2020-05-01 11:44:04 UTC 151.101.86.137
region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-17 07:21:51 UTC 216.239.34.36 Domain (google.com) ranked at: 1
dx.steelhousemedia.com (1) 8530 2013-09-26 09:54:29 UTC 2022-11-17 09:41:59 UTC 44.236.199.214
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-17 05:55:20 UTC 34.117.237.239
redir.tealwinds.xyz (1) 0 2022-07-28 05:22:11 UTC 2022-11-17 16:56:45 UTC 198.211.113.186 Domain (tealwinds.xyz) ranked at: 178693
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-11-17 19:53:36 UTC 143.204.68.26
c0.adalyser.com (2) 26110 2018-08-22 06:21:53 UTC 2020-04-21 04:24:50 UTC 54.77.147.26
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-17 17:40:59 UTC 142.250.74.174
cdn.taboola.com (1) 1040 2013-07-19 23:48:03 UTC 2020-04-10 11:29:57 UTC 151.101.85.44
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.215.94.42
med.etoro.com (3) 45781 No data No data 23.32.86.79
geolocation.onetrust.com (1) 802 2018-09-01 13:33:45 UTC 2022-11-17 08:22:39 UTC 104.18.26.85
script.hotjar.com (1) 887 2020-11-24 18:52:39 UTC 2022-11-17 20:40:25 UTC 18.165.227.27
web1.acsbapp.com (1) 37191 2021-03-10 09:46:33 UTC 2022-11-17 09:03:28 UTC 138.128.247.123
sc-static.net (1) 1183 2022-01-24 20:13:30 UTC 2022-11-17 17:33:48 UTC 99.84.0.246
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.36
insight.adsrvr.org (1) 631 2014-03-25 22:33:59 UTC 2022-11-17 11:55:36 UTC 35.71.131.137

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-17 2 trffclb.com Sinkholed
2022-11-17 2 trffclb.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.235.251.114
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114
2023-01-25 06:47:03 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-01-19 15:47:03 +0000 0 - 0 - 2 60.us.tealwinds.xyz/feed/?link=true&tid=60&su (...) 23.235.251.114


Last 5 reports on ASN: SS-ASH
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-02-01 20:53:46 +0000 0 - 0 - 22 www.montereycountyclinicservices.org/ 131.153.100.222
2023-01-31 07:05:58 +0000 0 - 0 - 4 www.afamag.com/ 131.153.100.9
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114


Last 5 reports on domain: blowingwind.xyz
Date UQ / IDS / BL URL IP
2023-01-29 04:36:00 +0000 0 - 0 - 1 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186
2023-01-27 09:05:59 +0000 0 - 2 - 7 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186
2023-01-26 08:11:31 +0000 0 - 0 - 9 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186
2023-01-09 02:02:27 +0000 0 - 2 - 2 redir.blowingwind.xyz/click/invalid/?tid=8&su (...) 198.211.113.186
2023-01-07 15:55:50 +0000 0 - 2 - 3 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-15 20:11:14 +0000 0 - 1 - 1 w4x0i.bemobtrcks.com/go/db5076e0-b753-4adf-be (...) 3.70.16.242
2023-01-15 16:14:58 +0000 0 - 1 - 0 camp.purchase-shop.com/3967415d-e788-42c8-80d (...) 18.192.108.151
2023-01-14 21:58:08 +0000 0 - 1 - 2 inoradde.com/4/4326573/ 139.45.197.238
2023-01-13 22:53:19 +0000 0 - 1 - 2 inoradde.com/4/4326573/ 139.45.197.238
2023-01-12 16:00:12 +0000 0 - 1 - 0 h.youractualjournal.com/4/3735494/ 188.114.96.1

JavaScript

Executed Scripts (80)

Executed Evals (7)
#1 JavaScript::Eval (size: 4) - SHA256: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
true
#2 JavaScript::Eval (size: 25) - SHA256: b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878
(function() {
    return !0
})();
#3 JavaScript::Eval (size: 62) - SHA256: 6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8
typeof 1 n === "bigint" && BigInt(1) === 1 n && Number(1 n) === 1
#4 JavaScript::Eval (size: 7) - SHA256: 53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148
() => !!1
#5 JavaScript::Eval (size: 25) - SHA256: d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400
3.141592653589793 * * -100
#6 JavaScript::Eval (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#7 JavaScript::Eval (size: 83) - SHA256: 16546b79ed36a9ca2495b23fbef53975fd6d324b4b03a379a09a22cf788ba32c
(function() {
    var b = 3;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();

Executed Writes (0)


HTTP Transactions (165)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4809
Expires: Fri, 18 Nov 2022 00:07:34 GMT
Date: Thu, 17 Nov 2022 22:47:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2332
Cache-Control: max-age=130970
Date: Thu, 17 Nov 2022 22:47:25 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 11:10:15 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Fri, 18 Nov 2022 00:31:20 GMT
Date: Thu, 17 Nov 2022 22:47:25 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 17 Nov 2022 22:44:45 GMT
cache-control: public,max-age=3600
age: 160
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: U1gPDKE/5PKWBG5suvnhHyKNokqGJ/5HNoBScZvg1lNMympizux6RDJ++8Srm4wC3x0xbmqV8cE=
x-amz-request-id: CF0HNYXQXSE8NBMQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 17 Nov 2022 22:15:19 GMT
age: 1926
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 17 Nov 2022 22:47:25 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 17 Nov 2022 22:44:49 GMT
cache-control: public,max-age=3600
age: 157
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1996
Cache-Control: max-age=125565
Date: Thu, 17 Nov 2022 22:47:26 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 09:40:11 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8BDdUb6LI93PwQbwrRAKkA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.215.94.42
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yJU77wl5rXwcDFmSM2coTpwBUBQ=

                                        
                                            GET /feed/?link=true&tid=67&subid=67.jp.android&ref=t5.lowtid.com&s1=6376b9eed808f23961709bea HTTP/1.1 
Host: 67.us.blowingwind.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         23.235.251.114
HTTP/1.1 301 Moved Permanently
                                        
Cache-Control: no-cache
Location: https://redir.tealwinds.xyz/click/invalid/?tid=67&subid=67.jp.android
Date: Thu, 17 Nov 2022 22:47:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E0D4505969F5F127B6C219BBA211A55056EBE434256CA4A58EB0D85A44F3CE99"
Last-Modified: Wed, 16 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12855
Expires: Fri, 18 Nov 2022 02:21:42 GMT
Date: Thu, 17 Nov 2022 22:47:27 GMT
Connection: keep-alive

                                        
                                            GET /click/invalid/?tid=67&subid=67.jp.android HTTP/1.1 
Host: redir.tealwinds.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         198.211.113.186
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://t2.lowtid.com/l.php?p=c:1ighcayppnss2p5b2&d=63526ec4faf797126b433250&s=67p
Vary: Accept
Content-Length: 224
Date: Thu, 17 Nov 2022 22:47:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   224
Md5:    585810573a1a686b9cd3c49ef3d3e912
Sha1:   d5b8220a03ba07d2bee9346ae06e074f4285675c
Sha256: a004b5fe2cfc5d4163625c61ce2c66699b52d0956b14bff1f18f21f71487a755
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Fri, 18 Nov 2022 00:03:02 GMT
Date: Thu, 17 Nov 2022 22:47:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Fri, 18 Nov 2022 00:03:02 GMT
Date: Thu, 17 Nov 2022 22:47:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Fri, 18 Nov 2022 00:03:02 GMT
Date: Thu, 17 Nov 2022 22:47:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Fri, 18 Nov 2022 00:03:02 GMT
Date: Thu, 17 Nov 2022 22:47:28 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591858fd-bcb1-4a79-bff2-51b044b4fbb0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8108
x-amzn-requestid: b0579a2a-5b57-40cb-9ab5-1ed1a58ca1fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MNGLUIAMFp7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa4d-6aeb306b0e99303639416188;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D4wOoPonIvKX3I2cZNfRmhzJCCTTvVJ6lIttSFsG8jB2hUXQ_AO9Ig==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:04:41 GMT
age: 2567
etag: "c90e73a1a1ecf67e5e0bd374ae37d04caa3bb1c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8108
Md5:    58e93b8944e96f1c5cd61caa7829ca96
Sha1:   c90e73a1a1ecf67e5e0bd374ae37d04caa3bb1c1
Sha256: b38ee82e01744e77f69be21470d7a864a366a9c94c6c8dd9adf1877ad99199ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4724f84-de93-48d7-8d33-1427f27e15a0.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7539
x-amzn-requestid: 96d0ad29-0b25-4e4b-93ea-da9fde83aa8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9V5E2boAMFbiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8f2-33f7f4592f8574486987e233;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: r1X3PUyrso5VkyphYHqBQdYo6lmmIvTQdA_kPA5I-lds8qn9RtEIpw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
etag: "31935f7d11269f0f4177a48d2c166e09fec1f377"
age: 2496
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7539
Md5:    55801be30fc7e7d24ba2418d00ce4ca2
Sha1:   31935f7d11269f0f4177a48d2c166e09fec1f377
Sha256: 05e58892cab261aca3abe7e29ff482b51f5f7e4261b8579e7b9f85487f53eeda
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8155
x-amzn-requestid: 5650af50-eb93-47d9-8322-8a2e263e12ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7vFU5IAMFYGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7e-759bbd5b5a22e07c1c181c0a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XzJcm_AlMH4hb2urV7RORAjz7LR7NXZ2pAMEhx1foW2VJgj4mxVxJw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 2496
etag: "cbdc425467a5d41aba5e8e5c54354b4f03cd194a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8155
Md5:    676b1603008690786aa36dc3113b7581
Sha1:   cbdc425467a5d41aba5e8e5c54354b4f03cd194a
Sha256: 7e5e7bf695ff31df6c97e502a44f4fa9197c6579b0c7a7c590457ea067d1cf1e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29c72a34-350b-448d-b69f-b0adfe74dc64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14762
x-amzn-requestid: f60d1de2-407f-4e2f-bbb0-750f77d42878
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9VRGlUoAMFSqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ee-1ef9573e23c7774435cbc843;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q7BJuj9zJGgpNjNWlzye-YAQ6zJrH2_SmycSmPt3YQNCtF8bDPBM3Q==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:04:39 GMT
age: 2569
etag: "9051be78c17480c8e5128836c2cda0c6b96b0261"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14762
Md5:    8c96e8dc581a03b62c5f0a7c8ac49916
Sha1:   9051be78c17480c8e5128836c2cda0c6b96b0261
Sha256: 99c330ef89dbe0ac0b957e419e85c2c7de20bb74e6437961f60779410f70ba0e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 2496
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10349
Md5:    7d16e5ff718353c095d266b080fe547f
Sha1:   fa7c5c9a1d16355859196271f3d13f3850931888
Sha256: 9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5zDWKjYmvVLCemXw5Swm2qkhw1mQtD5c07Fl7Krydo_XR5FFyHDu4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 07:15:37 GMT
age: 55911
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11667
Md5:    032386e5c9dffff1ba1ee5e8a322d438
Sha1:   dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BADC51EC9601F23B394411355FAE622841A328A563831F1C922F3339CFEACDC5"
Last-Modified: Wed, 16 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4692
Expires: Fri, 18 Nov 2022 00:05:40 GMT
Date: Thu, 17 Nov 2022 22:47:28 GMT
Connection: keep-alive

                                        
                                            GET /l.php?p=c:1ighcayppnss2p5b2&d=63526ec4faf797126b433250&s=67p HTTP/1.1 
Host: t2.lowtid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.161.115.163
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 17 Nov 2022 22:47:28 GMT
Content-Length: 0
Connection: keep-alive
Round: 1217p3t0dz
Raund: 1yh
Location: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_67p

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4DC7F6DBC81D59F0BAAA06E1680E3C71DD074CE0B764914DA101904EB2C18EC4"
Last-Modified: Wed, 16 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12120
Expires: Fri, 18 Nov 2022 02:09:28 GMT
Date: Thu, 17 Nov 2022 22:47:28 GMT
Connection: keep-alive

                                        
                                            GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_67p HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 17 Nov 2022 22:47:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=6376ba000e02a55dd675cfd1; expires=Sun, 20-Nov-2022 22:47:28 GMT; Max-Age=259200; path=/; domain=ron.trffclb.com; HttpOnly
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (537)
Size:   491
Md5:    bf6b4628f3ab314dc73962773fd8d6de
Sha1:   03a05b6e1774a8d3e260fcd125c2f5482f3ef49d
Sha256: 28220b227cedb268feacce9461c84e2448abd2cb5cc013b18bd5e59cc52e77aa

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_67p&bv=1 HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_67p
Cookie: bt-603611c5b7eaf46891533240=6376ba000e02a55dd675cfd1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 17 Nov 2022 22:47:28 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=ron.trffclb.com; HttpOnly
Round: 11kgq037yu
Raund: 2g2
Location: https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6389
Cache-Control: max-age=122401
Date: Thu, 17 Nov 2022 22:47:28 GMT
Etag: "6375dc2c-116"
Expires: Sat, 19 Nov 2022 08:47:29 GMT
Last-Modified: Thu, 17 Nov 2022 07:01:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /0646614100?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30 HTTP/1.1 
Host: pritha-ner.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 302
                                        
Date: Thu, 17 Nov 2022 22:47:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Location: https://go.money616.xyz/X15?sub1=chartreuse-ox&sub2=whiskey-seg-4l0ult0cv
Server: UETLtVTH

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCCAF4EDA8F56FB2FBB4E1D8D72603725017D954F7762921D9C88D168082B7A6"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4942
Expires: Fri, 18 Nov 2022 00:09:51 GMT
Date: Thu, 17 Nov 2022 22:47:29 GMT
Connection: keep-alive

                                        
                                            GET /X15?sub1=chartreuse-ox&sub2=whiskey-seg-4l0ult0cv HTTP/1.1 
Host: go.money616.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.184.197.212
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
                                        
connection: close
x-content-type-options: nosniff
x-powered-by: Short.io link shortener
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
location: https://adspredictiv.com/jump/next.php?r=6415938&sub1=chartreuse-ox&sub2=whiskey-seg-4l0ult0cv
content-length: 0
Date: Thu, 17 Nov 2022 22:47:29 GMT

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:29 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:25:03 GMT
Expires: Wed, 23 Nov 2022 10:25:02 GMT
Etag: "f472a5ce78525340ef4936f877b671c2dda230d4"
Cache-Control: max-age=473252,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc0227ccc2b4f9-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:29 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:25:03 GMT
Expires: Wed, 23 Nov 2022 10:25:02 GMT
Etag: "f472a5ce78525340ef4936f877b671c2dda230d4"
Cache-Control: max-age=473252,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc02292e61b4f9-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4809
Cache-Control: max-age=103180
Date: Thu, 17 Nov 2022 22:47:29 GMT
Etag: "63759744-117"
Expires: Sat, 19 Nov 2022 03:27:09 GMT
Last-Modified: Thu, 17 Nov 2022 02:07:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4810
Cache-Control: max-age=103180
Date: Thu, 17 Nov 2022 22:47:30 GMT
Etag: "63759744-117"
Expires: Sat, 19 Nov 2022 03:27:10 GMT
Last-Modified: Thu, 17 Nov 2022 02:07:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-E9QBCJNBNS HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 17 Nov 2022 22:47:30 GMT
expires: Thu, 17 Nov 2022 22:47:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   75989
Md5:    9af34a467a83bd06a4d8c9a1d69d1a08
Sha1:   8b481ebe31c89182908d904fb10987ac55dd36f0
Sha256: 604f41fa5a4b28c3ee2d0b92c21a07cf58c86636c2e1c99d17172c8d4f15c939
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /B15344_A89099_TClick_S166872524910000TNOTV415326358024V41.aspx HTTP/1.1 
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         23.32.86.79
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Content-Length: 241
Location: http://med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166872524910000TNOTV415326358024V41
X-Robots-Tag: noindex
Expires: Thu, 17 Nov 2022 22:47:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 17 Nov 2022 22:47:30 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   241
Md5:    0bc5f64ce07b7b3ba3fed9ca0e83cfec
Sha1:   b348f158dbb211a0db81bffe624de6ed510719c9
Sha256: 759ab0791fd651c174c986aadf3f0a5b3174638dda32af67b6cebfa0f43cc05d
                                        
                                            GET /aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166872524910000TNOTV415326358024V41 HTTP/1.1 
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         23.32.86.79
HTTP/1.1 301 Moved Permanently
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166872524910000TNOTV415326358024V41
Expires: Thu, 17 Nov 2022 22:47:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 17 Nov 2022 22:47:30 GMT
Connection: keep-alive

                                        
                                            GET /aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166872524910000TNOTV415326358024V41 HTTP/1.1 
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         23.32.86.79
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Content-Length: 0
Location: http://pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166872524910000TNOTV415326358024V41&utm_campaign=166872524910000TNOTV415326358024V41&utm_term=
P3P: CP=`NOI DSP COR NID ADMa OPTa OUR NOR`
X-Robots-Tag: noindex
Expires: Thu, 17 Nov 2022 22:47:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 17 Nov 2022 22:47:30 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=vj30ghiuzb3aq2bmmhjbb0hp; path=/; HttpOnly AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etoro.com; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etoro.com.cn; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etorocn.com.cn; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etoroasia-securities.com; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etoroasia.cn; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etoroasia.com; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etoroasia.com.cn; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166872524910000TNOTV415326358024V41&Custom=&ClickDateTime=2022-11-17T22:47:30.3920576Z&UserUniqueIdentifier=; domain=.etoroasia-Investing.com; expires=Mon, 16-Jan-2023 00:00:00 GMT; path=/ RequestURL=URL=http://med.etoro.com/aw.aspx?b=15344&a=89099&task=click&subaffiliateid=166872524910000tnotv415326358024v41; domain=.etoro.com; expires=Sat, 17-Dec-2022 00:00:00 GMT; path=/

                                        
                                            GET /social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166872524910000TNOTV415326358024V41&utm_campaign=166872524910000TNOTV415326358024V41&utm_term= HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.18.35.149
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 17 Nov 2022 22:47:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 17 Nov 2022 23:47:30 GMT
Location: https://pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166872524910000TNOTV415326358024V41&utm_campaign=166872524910000TNOTV415326358024V41&utm_term=
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: __cf_bm=sbU8a1fywk5R0u9vFRw.SJrwdBkuP.d882RTJnK_.4Y-1668725250-0-AUKHJwnb4W6NxvniimMbSW0uAad06s4FS5lwmTWxN65caxe2Cf2PbzWAdFe4c1Q8mxB6qDZPEYk87ekWHmk+mXI9a/bWkg3uEm0vRZS4reJt; path=/; expires=Thu, 17-Nov-22 23:17:30 GMT; domain=.etoro.com; HttpOnly; SameSite=None __cfruid=2205a57e5134d6ff05cf0086a2a3ac522d1c8ced-1668725250; path=/; domain=.etoro.com; HttpOnly
Server: cloudflare
CF-RAY: 76bc022f4ccdb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/OtAutoBlock.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 17 Nov 2022 22:47:30 GMT
content-length: 2072
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: uerbbQW5uv5BmqmfaAl98g==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D111A88
x-ms-request-id: f237f594-901e-0118-62e7-f0b326000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 74003
expires: Fri, 18 Nov 2022 22:47:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc02316bf40afe-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2829)
Size:   2072
Md5:    b9eadb6d05b9bafe419aa99f68097df2
Sha1:   d850dc819264475c6d1cbe6e8419a1016a659db2
Sha256: a4592788dd762df3672b970f81802bf8325dfca74ed394118867bc4946983f61
                                        
                                            GET /scripttemplates/otSDKStub.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 17 Nov 2022 22:47:30 GMT
content-length: 7151
content-encoding: gzip
content-md5: HNx4bdEmRgn5g09KulPi7w==
last-modified: Wed, 16 Nov 2022 03:30:08 GMT
etag: 0x8DAC782DC96F3AF
x-ms-request-id: a6a8bb9a-001e-017b-7619-faf503000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 75492
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc02317bfc0afe-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21747)
Size:   7151
Md5:    1cdc786dd1264609f9834f4aba53e2ef
Sha1:   fff15e833ab27c356e7723dce3441e194b6350bf
Sha256: 70768bac474def6b0ed3e517083dd9c2f1ae3f0fe714ea550c406ce89906adc9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cache1/hp/v_251/images/instruments/t3-3.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: XEodyMFkszRQ5oYN+PpkAr+vASOSIH7zSKlsN8lfURUN6ABr+ZqgmNOE5qIwIY96tJYOZrfabLg=
x-amz-request-id: 2YK9ATNWNWNS9PED
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:46 GMT
etag: "b7322c639dcf276550e310727cf76893"
x-amz-meta-sha256: 6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: WJKqYyPB3Pmwd_GBGVjxlhTSdkRKFxaP
accept-ranges: bytes
server: AmazonS3
content-length: 11012
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 322 x 432, 8-bit colormap, non-interlaced\012- data
Size:   11012
Md5:    b7322c639dcf276550e310727cf76893
Sha1:   136b5f1a82788708f04b74a30fcefdadaff00e43
Sha256: 6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
                                        
                                            GET /cache1/hp/v_251/images/instruments/t1-3.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: QROrT5IF56Csa721o8jMuaOPS7ZCnagTgFUTFVB4b3ma4ingHPumJlGoiqjQ2jXOXRPzYUzUSK0=
x-amz-request-id: 2YKAFMAN6R4H8ZRS
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:44 GMT
etag: "f61c9d2ed729320b71af181ff331cb79"
x-amz-meta-sha256: 11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: jthOX30XbKwmR1pfLXfT3rWQNPkRpf8k
accept-ranges: bytes
server: AmazonS3
content-length: 31786
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 450 x 392, 8-bit colormap, non-interlaced\012- data
Size:   31786
Md5:    f61c9d2ed729320b71af181ff331cb79
Sha1:   182f5c37accdde48b36e7803de6251cc92319b86
Sha256: 11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
                                        
                                            GET /cache1/hp/v_251/images/instruments/t3-4.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: LkgMKfO3s4EjOHrBvcE0TM7FDH1RkEHtU3sdqN/lht+axSAI3K/FiHE5GLkMRUQBkiJVXgLr6TI=
x-amz-request-id: 2YK5PBRJPMGA132W
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:46 GMT
etag: "43f62ee21492814c91e306a57be05ee7"
x-amz-meta-sha256: 55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: ugasmCPfC.RaPCzskx2l5vg5R_w_.WeM
accept-ranges: bytes
server: AmazonS3
content-length: 42876
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 660 x 684, 8-bit colormap, non-interlaced\012- data
Size:   42876
Md5:    43f62ee21492814c91e306a57be05ee7
Sha1:   77e0ddcffc72c83f9c6690f521a4594d0eacdf7a
Sha256: 55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
                                        
                                            GET /cache1/hp/v_251/images/instruments/t2-1.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: hMu+RaKQe3yqnZbwVdkRx9r+pXk+MVwAQEr20O9RXo8r4b+cd3EwZII3DcdkNZ+OCsf+wrR1WT8=
x-amz-request-id: 2YKDC81WHKSPXXSX
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:44 GMT
etag: "5a95a095169c27431449bf549b99993d"
x-amz-meta-sha256: 681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: jrq6j8C8VCTZGrdVjEchvBequPG_ul7G
accept-ranges: bytes
server: AmazonS3
content-length: 11234
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 744 x 504, 8-bit colormap, non-interlaced\012- data
Size:   11234
Md5:    5a95a095169c27431449bf549b99993d
Sha1:   91a11cffc857dcaa2b38fa901423b227870ac1e4
Sha256: 681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
                                        
                                            GET /cache1/hp/v_251/images/instruments/t2-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: R2ut6Qv8hamrHIogLlOCe9ghA9JoB95G/cU3i/5CWzlX5mcjSEtsXL9BacX0Q8Ud+uhomxtNUyk=
x-amz-request-id: 2YKEBDX35CNMD7Q7
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:45 GMT
etag: "beb13238cf465f668c413a022f5633c8"
x-amz-meta-sha256: 88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: KxGRrkA9bsTgUQt._P0LFt1nLEkc81PQ
accept-ranges: bytes
server: AmazonS3
content-length: 21388
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 668 x 938, 8-bit colormap, non-interlaced\012- data
Size:   21388
Md5:    beb13238cf465f668c413a022f5633c8
Sha1:   31760dac17b8e58942c79708a4616c3a1df4b233
Sha256: 88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
                                        
                                            GET /cache1/hp/v_251/images/instruments/t2-2a.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: GwjkNkVX6XNgDy/EqhZYqwuyAZXoWmIihRIgL8pVQAZ+cdLf2B1mRGgtE40Efk8PvJC/9bDdPjc=
x-amz-request-id: 2YK44W05FGBKPXY9
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:45 GMT
etag: "6bedb1b3afc69447f7ea0c00993b53a8"
x-amz-meta-sha256: 55900142e5def76acbb70acdb21d824b8b06f6d90a9a52fee556a5c3d3e1dab4
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: 5AD0vLlUA3qdeBajLOCFJX7KhZ97TVn1
accept-ranges: bytes
server: AmazonS3
content-length: 1473
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 136 x 132, 8-bit colormap, non-interlaced\012- data
Size:   1473
Md5:    6bedb1b3afc69447f7ea0c00993b53a8
Sha1:   1281f1fd5df23a9a19bd8573619007d04f6047ac
Sha256: 55900142e5def76acbb70acdb21d824b8b06f6d90a9a52fee556a5c3d3e1dab4
                                        
                                            GET /cache1/hp/v_251/images/instruments/t3-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: Xp6JEjwmHzL3wkcP+paCQ2zOQgffVOetGc182x6PmN5nMEszffZ1BeQT3wqdVJkuYEmAUN5tlu8=
x-amz-request-id: 2YK4DYHHX57V0RMV
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:46 GMT
etag: "dad8f4f5e1f7c6afaa7a1d02bbad4aae"
x-amz-meta-sha256: 82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: g0y7XfXoDuuy0HKXlcn4alvh_oHyuxQN
accept-ranges: bytes
server: AmazonS3
content-length: 21261
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 436 x 390, 8-bit colormap, non-interlaced\012- data
Size:   21261
Md5:    dad8f4f5e1f7c6afaa7a1d02bbad4aae
Sha1:   7c47738ec815ba441c70d30967035c1a2c3a34ff
Sha256: 82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
                                        
                                            GET /cache1/assets/css/onetrust.css HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: 7vqiIPn64ptqVNwIM1fvJGjbv11IUdsOT6JKR8Cyxsr81DT/4uax9s7iGzI7fTeV0SwX20GmqJE=
x-amz-request-id: Z3V5BX28EG5962WS
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Jun 2022 12:30:17 GMT
etag: "66e8b2c112ebb5bb9b4fc326d3d5f87b"
x-amz-meta-sha256: 55c8a3b763077bf16466a3a9af5b7e5b2baba7d345cd90b50403058a633bda48
x-amz-meta-s3b-last-modified: 20220616T122823Z
x-amz-version-id: Qcu9.b5PJ70a2SNFK2gJjtsbcFrk1Lur
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
content-length: 2655
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (885)
Size:   2655
Md5:    b3f403de6d79b34f32dba5e4effaabc2
Sha1:   7b436b6060e88daf19f12bd27cbe2533d25a2343
Sha256: 3ec0cde05873dde93c16f4b4f3b7ca7e236ba4e82ab595ee8f13b959f5b2813a
                                        
                                            GET /cache1/hp/v_251/images/instruments/t1bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: KhJceQ7IU70yqIwniW3qgdmlttrjisBNVEUw3JuReWCAzi35WTZaxFMH0gZCYg3pR4DiAEfHemU=
x-amz-request-id: 6ZC4NYMTFPVT44F6
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:44 GMT
etag: "2b8c66295f644aad1bbd97bffcf8f910"
x-amz-meta-sha256: 923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: frfwFDrMQ.NJBLP5Lhg1Dkqab3LUF7MN
accept-ranges: bytes
server: AmazonS3
content-length: 72188
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1934x1230, components 3\012- data
Size:   72188
Md5:    2b8c66295f644aad1bbd97bffcf8f910
Sha1:   f34b342b50c43263d6c130286958086addefd3d6
Sha256: 923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
                                        
                                            GET /cache1/hp/v_251/images/instruments/t2bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: Psn0VwpesA1R81AfCGfLxY85OzxxvnBO+YWZraJZu+n+0XMys3nQpF3iqWA23Rj1mcUCo8kehrA=
x-amz-request-id: 2YKDJXFWD0D9JFD3
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:45 GMT
etag: "19c57357b906758af6469a6b2a2c8846"
x-amz-meta-sha256: 358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: D_7Zfxto4dHrllws13BA_N9AssRyFt6H
accept-ranges: bytes
server: AmazonS3
content-length: 66908
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Size:   66908
Md5:    19c57357b906758af6469a6b2a2c8846
Sha1:   e360a5922a6d44ca6066ff5dff01ef2440fd7368
Sha256: 358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
                                        
                                            GET /jump/next.php?r=6415938&sub1=chartreuse-ox&sub2=whiskey-seg-4l0ult0cv HTTP/1.1 
Host: adspredictiv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.38.40
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Thu, 17 Nov 2022 22:47:29 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   45725
Md5:    0ba978dd285df2fa5d60a55fbf8e67d8
Sha1:   7302b0e825acd2fbec36adcbe7b6155d25743e4a
Sha256: 64d86bcd5569627fe616b7ea761597bbeb77372b98c90c366a76177cb7879ba0
                                        
                                            GET /cache1/hp/v_251/images/hp-2022/cover-desktop-half.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: Cn07zuwQ5J8zvN5nUkjh5jmrL50BI+Dx0iNTz250yz7wusLN1XlJ4ahLshc21YC2Zaz20Ej12gA=
x-amz-request-id: 6ZC28GFAAYZE1JEJ
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:35 GMT
etag: "b05c8e47e71ba8a0fe73a0da54f010ef"
x-amz-meta-sha256: 2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
x-amz-meta-s3b-last-modified: 20220920T161111Z
x-amz-version-id: IAgBqCEOaVAgre8wMOkO2KyA3m_c0Zd7
accept-ranges: bytes
server: AmazonS3
content-length: 94463
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3\012- data
Size:   94463
Md5:    b05c8e47e71ba8a0fe73a0da54f010ef
Sha1:   f26455efe60bcf1e74e693574e482b0a952e3de9
Sha256: 2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
                                        
                                            GET /cache1/hp/v_251/images/instruments/t3bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: botAu4agTxbcXhP4nhQiOHTBRWpfhYfqkprm8qvkG29yITVr9udN4HcOdhmxrnBhN3rxC6CLVpQ=
x-amz-request-id: 2YKDJSAHPFCWFV8W
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:47 GMT
etag: "6d94c8cb40dfa33fccc8b4800f2c7e0e"
x-amz-meta-sha256: a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: jEbhgN1B3_GUVHLFa3WG2pKKhG.rwb6h
accept-ranges: bytes
server: AmazonS3
content-length: 59017
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Size:   59017
Md5:    6d94c8cb40dfa33fccc8b4800f2c7e0e
Sha1:   745c0d98d4cde90d8717feadfa120e0cc20dab1f
Sha256: a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
                                        
                                            GET /cache1/hp/v_251/images/instruments/t1-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: rvPmF+agKi4hdU26suM2GppVDMYciaGjjIBua3iH3JbiL8uXDMVgMZbckXcXkctizXXcmNy5pFM=
x-amz-request-id: 6ZC108NB4HCV794X
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:44 GMT
etag: "a0edff04cdbe03fe84f35b2368beedd9"
x-amz-meta-sha256: 51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: UNjk1Z_s1eAFS_FFYKC8KW9QEOLe3Xgu
accept-ranges: bytes
server: AmazonS3
content-length: 115422
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 588 x 638, 8-bit colormap, non-interlaced\012- data
Size:   115422
Md5:    a0edff04cdbe03fe84f35b2368beedd9
Sha1:   6231c9d9265502517533892d8a0f42d5790c0310
Sha256: 51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/f72d065d-437e-4ee9-87c6-475882c9f118.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 17 Nov 2022 22:47:30 GMT
content-length: 1490
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: ZDmDXaPoXLaResBrLasrNw==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D14004E
x-ms-request-id: 16122373-c01e-0026-35e7-f04352000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 73153
expires: Fri, 18 Nov 2022 22:47:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc02323cbc0afe-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4265), with no line terminators
Size:   1490
Md5:    6439835da3e85cb6917ac06b2dab2b37
Sha1:   b65ad002a7c48559e9124256295c1c688e8f3084
Sha256: bd2d9654f22da1c44528cfd8a925b24a3b015d80bee375849d1e8800a8970c21
                                        
                                            GET /others/logger/logger.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: rFRtyRRvy8awZWbEw8KKBuYcsMr0FOn3VrHsw7WXTDWRDWcW8NmTXAtMX967njSth5isxYRudTE=
x-amz-request-id: 114803B553D57FD9
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Jan 2020 16:04:01 GMT
etag: "3a046ce8f3379b2e5a5fa5ee3ed02808"
x-amz-meta-s3b-last-modified: 20200115T160219Z
x-amz-version-id: RlsNx2j0zjqTyHD11R2PocORgBI_87x2
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 17 Nov 2022 22:52:30 GMT
date: Thu, 17 Nov 2022 22:47:30 GMT
content-length: 2285
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5055), with no line terminators
Size:   2285
Md5:    f620bec033fe844135374191b331937d
Sha1:   ef75dd9e7bddaaa53d9171c7b6869f5d72553f51
Sha256: c61b3f992c23497120340e96694c29b94ca8b2576820677e0432031b636eee87
                                        
                                            POST /g/collect?v=2&tid=G-E9QBCJNBNS&gtm=2oeb90&_p=834431200&cid=175865481.1668725249&ul=en-us&sr=1280x1024&_s=1&sid=1668725248&sct=1&seg=0&dl=https%3A%2F%2Fgoosebomb.com%2Fgogate%2Fetoro%2F30%2Findex.html%3Faction%3D166872524910000TNOTV415326358024V41&dt=loading...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: null
date: Thu, 17 Nov 2022 22:47:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4236
Cache-Control: max-age=167753
Date: Thu, 17 Nov 2022 22:47:30 GMT
Etag: "637695bf-118"
Expires: Sat, 19 Nov 2022 21:23:23 GMT
Last-Modified: Thu, 17 Nov 2022 20:12:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /t/1.css?apiType=css&projectid=1be8a670-63f2-11ec-84cb-06c8b378e9d2 HTTP/1.1 
Host: cdn.fonts.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.224.78
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 17 Nov 2022 22:47:31 GMT
content-length: 0
x-amz-id-2: 0YZ0H80/30MgBTG2ijPKvwK2o4c7bg1oKeBH6NC/Vct0AWcwyu8ktTQ8I/j+udXxbuBe4+WEVrY=
x-amz-request-id: K2GEEGSX18GPYAHC
last-modified: Thu, 20 Oct 2022 08:49:27 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=300
cf-cache-status: HIT
age: 50205
expires: Thu, 17 Nov 2022 22:52:31 GMT
accept-ranges: bytes
set-cookie: __cf_bm=ql.nyZhKblGeY9ri2VS_WHp41hK.khgQymvUUrSdxiY-1668725251-0-AfO3ZcDC/jCG3VAxB0Iymm4Nc59e+Ax4/fbBnW4rXmO75Bo7BjXGW9kYIP8UUV+QQkBS1cYn6rYSEn0Qg6+7jTU=; path=/; expires=Thu, 17-Nov-22 23:17:31 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc0232b865b506-OSL
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1400
Cache-Control: 'max-age=158059'
Date: Thu, 17 Nov 2022 22:47:31 GMT
Last-Modified: Thu, 17 Nov 2022 22:24:11 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /cache1/fonts/madera2/Madera-Regular.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: giTQxaaku6b/my15IZ7MGbnS0j3R+Drz9aYHcOnTWdLimAm+vlONGNcGBk1VXAhvbuCj0dmjAZs=
x-amz-request-id: RB02W0BVGXZQ1Q0C
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:32 GMT
etag: "4a61fe67108ddbb01a2ceaf3687ba30e"
x-amz-meta-sha256: 2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
x-amz-meta-s3b-last-modified: 20220203T192734Z
x-amz-version-id: rdjZTCyTVtTzW48kSfmVzYhmpJIbNpae
accept-ranges: bytes
server: AmazonS3
content-length: 31960
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31960, version 1.0\012- data
Size:   31960
Md5:    4a61fe67108ddbb01a2ceaf3687ba30e
Sha1:   3a60eb0e91c3f79e58c93ac63f040f07c5c4e058
Sha256: 2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
                                        
                                            GET /cache1/hp/v_251/images/header/close-grey.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: S3rY1NcYcfKDly0ABfJlpfNMUULui2I3hw+ieGXiFUWBTduudpLg32kKb0DqgWmvjzySlQvSl2A=
x-amz-request-id: 2YK4W15MG76E23GS
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:30 GMT
etag: "349bd042837d71f4ff6c0a747445ea2d"
x-amz-meta-sha256: b4269bdcc584dcb3129fedf16cfcafdc6efe3590eb119a35936d3686755aca00
x-amz-meta-s3b-last-modified: 20221113T175717Z
x-amz-version-id: RuhX3EnY.IReQO9w7bO_.diRhjEMwYTo
accept-ranges: bytes
server: AmazonS3
content-length: 658
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   658
Md5:    349bd042837d71f4ff6c0a747445ea2d
Sha1:   b687595dfa281d5d5ab769e2dc2620f324254b77
Sha256: b4269bdcc584dcb3129fedf16cfcafdc6efe3590eb119a35936d3686755aca00
                                        
                                            GET /cache1/hp/v_251/images/flags-hd2022.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: ECHA4xYTq7DaDAA/eyc0DDJs4hJ9s/q7XZSNxUBs4iGfjzfkyNaiYGNJvrOy3Q9BDic3Ng+cxwM=
x-amz-request-id: 2YK7QTDS9BR0D91B
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:28 GMT
etag: "69d14115558936d84e16ec7efd2f4f45"
x-amz-meta-sha256: 68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
x-amz-meta-s3b-last-modified: 20220920T150800Z
x-amz-version-id: 9vizyBZLY_7vmO2dUMYwjK63AIZewb5K
accept-ranges: bytes
server: AmazonS3
content-length: 16703
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 830 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   16703
Md5:    69d14115558936d84e16ec7efd2f4f45
Sha1:   a6268986699c86e577ca5589a0fcf2880661f7ea
Sha256: 68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
                                        
                                            GET /cache1/fonts/tusker/TuskerGrotesk-3500Medium.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: TnE1OvfRhb4wemqIMdAklRBV9anTek/CjSVpczlM56PMWdd3Awm6/s25i8C/yNMd3Kztf88tMvY=
x-amz-request-id: 0RKDVHM0FMVA32ZS
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Feb 2022 22:24:49 GMT
etag: "1f385d1ea2e1c06cda506bafc17a4a94"
x-amz-meta-sha256: e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
x-amz-meta-s3b-last-modified: 20220206T231742Z
x-amz-version-id: U.WW5Nm_KS0r7k_Vxl0S9.MycmUEi2Pu
accept-ranges: bytes
server: AmazonS3
content-length: 11992
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11992, version 1.0\012- data
Size:   11992
Md5:    1f385d1ea2e1c06cda506bafc17a4a94
Sha1:   0dc0ebf0502018976383091908379054b5a3cfed
Sha256: e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
                                        
                                            GET /cookieconsentpub/v1/geo/location HTTP/1.1 
Host: geolocation.onetrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.18.26.85
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 17 Nov 2022 22:47:31 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76bc0232ee99b51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12116
Md5:    eb282b1a3d99ef4fac1f5a1b554f7e0b
Sha1:   1fc5fe6d81f12a5ed525cc70ab3fab2c4bed3f67
Sha256: 0a24019fe8f1504e6370cf3d9e85932d977b77c2db5bcf99a4c12a8f39dae8b6
                                        
                                            GET /cache1/fonts/madera2/Madera-Light.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: TVzcGMyrSRRAiX3OtO+JaeCIIWTuUd+EwTnEzNsZ7AgFflv7+H3xjLd4Nk7ctVtZpx+Ie+enpiQ=
x-amz-request-id: EXZTJQVA4Y4CV0JC
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:26 GMT
etag: "e20f6e1c0681c07f69d37c428c0684d3"
x-amz-meta-sha256: c2dfcbd62bd88bad9f09d80b0d1b2de5bf8276e6586a5431839c7ce9393fd4f7
x-amz-meta-s3b-last-modified: 20220203T192738Z
x-amz-version-id: TUjDnqX6S_vwWlvloC3aK3KdDGBYmBw_
accept-ranges: bytes
server: AmazonS3
content-length: 31636
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31636, version 1.0\012- data
Size:   31636
Md5:    e20f6e1c0681c07f69d37c428c0684d3
Sha1:   4aa36ecd12f2e7d3592807a0a3879914252faeb5
Sha256: c2dfcbd62bd88bad9f09d80b0d1b2de5bf8276e6586a5431839c7ce9393fd4f7
                                        
                                            GET /cache1/fonts/madera2/Madera-Medium.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: d6poWwwwj9abPq/ES4oNvQTY1I4y2hMv1EdVnTf07kpNv7a2N1tn1ySx9pMV8KWPcG6wwi1unZI=
x-amz-request-id: K8KWP566ERFJBVE1
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:29 GMT
etag: "9d7f82d9510b57b2d00f328d87ef3869"
x-amz-meta-sha256: c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
x-amz-meta-s3b-last-modified: 20220203T192736Z
x-amz-version-id: VMc3owpvYk5nHUjZ.xX4Wq.u2RPawBMa
accept-ranges: bytes
server: AmazonS3
content-length: 31844
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31844, version 1.0\012- data
Size:   31844
Md5:    9d7f82d9510b57b2d00f328d87ef3869
Sha1:   2a031c8ae51e62d8dc30fa0bb47f57a3695224c1
Sha256: c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1175
Cache-Control: max-age=151375
Date: Thu, 17 Nov 2022 22:47:31 GMT
Etag: "637661bb-2d7"
Expires: Sat, 19 Nov 2022 16:50:26 GMT
Last-Modified: Thu, 17 Nov 2022 16:30:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /cache1/fonts/madera2/Madera-Bold.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: WQ8beP0j6j+XiswbzEpXZzamytHc5Av0QHRr7qawf362iuN3koZ3ealTS4jkLvOGZ6OcInkYl0Y=
x-amz-request-id: RB02FFVVAVWJVG5D
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:24 GMT
etag: "db85a0ddc6f6973df4bc98a1b2ed9d65"
x-amz-meta-sha256: 26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
x-amz-meta-s3b-last-modified: 20220203T192740Z
x-amz-version-id: zGguxQ5kSDF0NdIOnvToUoLZcOnV9szR
accept-ranges: bytes
server: AmazonS3
content-length: 31920
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31920, version 1.0\012- data
Size:   31920
Md5:    db85a0ddc6f6973df4bc98a1b2ed9d65
Sha1:   c6bba41edc8501b76aed9bff58597edef1c2502f
Sha256: 26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
                                        
                                            GET /cache1/hp/v_251/js/waypoints.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 4jyoriNuOQDluhVmeKbAdwI7b1knyfI40Zc6DIVLhVc2DObXGGKkk4xXasMfKp7N3wShJB0CjrI=
x-amz-request-id: SK3F98EM1CPRMZRA
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:01:16 GMT
etag: "1b79decba8cf0c886b7be539cfdbaa16"
x-amz-meta-sha256: 291c0fb451ed0410d515b7c4f0eeb429cae40f52a560a67aed3de8d7210e75a3
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: gMkoheIrh.j.zL8_U5CPh02ZuY2VtYGx
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
content-length: 2635
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8887), with no line terminators
Size:   2635
Md5:    1d2137aea2d4a9fca68a7b135e2cb9f3
Sha1:   e97ca29d385352fc286f1711bbdc45584161a316
Sha256: ea701f82ca58f8a09ebd7d00a58deb97c1c2a09ecdd3a5486e91dab13f98113e
                                        
                                            GET /cache1/hp/v_251/js/slick.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 0N03trrDHydqpQf5BwXcasnLyb6OZrTPIUgi4sbA1qv0fhHe0Rekn71pp+fVw2w/KGheWhsFAh0=
x-amz-request-id: SK38GK6Q9A8ANX7E
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:01:15 GMT
etag: "823f2a98db35550b1d2a78f530b1c633"
x-amz-meta-sha256: 0cf4b4cdcf20a06c8cfb25a84b84e0c7e81f51cd78de9b6231a1b54ed0e0935b
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: _uLeGHTadqNo6x3uMpwMlci.fzdUG0sr
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
content-length: 9568
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32034), with CRLF line terminators
Size:   9568
Md5:    17232e2fe3e81d95e6f1cb7c4d5b9e57
Sha1:   510e1569ab0187ef5712a7630d673536e8c519ac
Sha256: 4bd093df7a16ca8f4d58c12a14859fdc0ef3f8ffb58c9b82126031787f2f5132
                                        
                                            GET /cache1/hp/v_251/js/jquery-3.5.1.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: I1OwF7TCl6uJJX4PxLDEgsPpyDxD8+9AxQHjRw8bmqkTilDOPjzTvVSo3ELQYeVWPUEG7VxEwhs=
x-amz-request-id: SK30ZSEXQFQ57QAC
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:01:13 GMT
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-meta-sha256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
x-amz-meta-s3b-last-modified: 20210919T132249Z
x-amz-version-id: VPuS8T0KcknbdFULoS_fgFdaFk3vHm2H
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
content-length: 30950
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30950
Md5:    e96fc85ce0a9070920b87b1072dd9e1d
Sha1:   afd9871c95caf6a26ae56e8c661789d00c510162
Sha256: 43e3ac1190912814c4b67ca3512c14745d1b41ce4740d3df73ead62561ca31dd
                                        
                                            GET /cache1/hp/v_251/images/favicon/apple-touch-icon.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: 1LIK5gOOvG9n+F+EmXPkI/nHeLUUa4xwC3R20b3TyFWhvyhu5P6MksrOwVM7lEuDAdDpaQH7HQE=
x-amz-request-id: R7GEFYA8218R9CFF
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Nov 2022 08:20:19 GMT
etag: "f89c4f2f3fb702a34b20d6c4f9610547"
x-amz-meta-sha256: c015dcd22c5fc66ef26e0ec9a850c8a73f86801c5683aee6b4e412cb512d8394
x-amz-meta-s3b-last-modified: 20221114T161528Z
x-amz-version-id: djO778uFRUtYp0ME6wtwadxH9PMw8852
accept-ranges: bytes
server: AmazonS3
content-length: 4395
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17782
Md5:    4f00b93b2ac05c5421bc9f923476b83d
Sha1:   0fcb2fe976c059f88c890209b347abb9519a9e8a
Sha256: e323fc76ab2556dbfefe6d4ab3ab4fa2ca0a2027c78de6dc93b4bbdb8fddd798
                                        
                                            GET /cache1/hp/v_251/images/favicon/favicon-16x16.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: PaOV482KFfQSI7lg7FM5ki74Qy9CkRPnHCw4lUJxgWHn/OdGskfK8kITJstQ6GcYgcIEs14Tr08=
x-amz-request-id: KZ9YTPWEVT219QTM
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:27 GMT
etag: "6f73b13c53883dda26ced7b25bdf69ef"
x-amz-meta-sha256: 4470f15d8d0268f1cf44bfc45a544baa38a6aa114dab9ad02b76b48034d156b9
x-amz-meta-s3b-last-modified: 20221113T175717Z
x-amz-version-id: VMSHnDqqTbusaUTJlj0ya06esWr6szbM
accept-ranges: bytes
server: AmazonS3
content-length: 1020
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   49963
Md5:    b837cbfb4dca9d3c969323d794043c09
Sha1:   ae5d52286d31d58cb34354eb19ea08be15cbf35b
Sha256: ce1d9a060ed22b71bfdfba436f30c30bf445d982a1590b7ee6e0e1cdd4f383fc
                                        
                                            GET /apps/app/dist/js/app.js HTTP/1.1 
Host: acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         138.128.247.123
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=432000 public
expires: Fri, 18 Nov 2022 22:47:31 GMT
last-modified: Tue, 01 Nov 2022 18:06:07 GMT
etag: "6aab4-6361600f-af3ebb833015feec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142347
date: Thu, 17 Nov 2022 22:47:31 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (61000), with no line terminators
Size:   142347
Md5:    09e8b17fe8fb4fd2f6bd3e814adeb976
Sha1:   05f09e2001c9bfc7bd0ada6831b4edaeb1fc2f08
Sha256: fd0952431ab51c8c8a234b8df7917f7b0bba2a67c06e9fa27697ce7b476fb571
                                        
                                            GET /cache1/hp/v_251/css/style-newhp.min.css?v=1668377940 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: 8ZzPDTokviim5kRNM8xjyUHs6lkIA5WfLtu3r4BUUQvaUCwhe+s0zs6XH54EiLUpA1IeRKAdxqM=
x-amz-request-id: SDRCD2TD8VK4P920
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 14:59:43 GMT
etag: "e8d678f657ee29f94e89efef54641ae2"
x-amz-meta-sha256: 4b10fc5a5312440d7071fb98fa7b2ffba1e6ec547a14569fcc99f8d66f8198d3
x-amz-meta-s3b-last-modified: 20221113T220201Z
x-amz-version-id: .0a_71aUcIbW3l8h.gdGf2bpVymaDHZN
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
content-length: 8225
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (58123)
Size:   8225
Md5:    c0615779640b68ebe19798fa6b47c73c
Sha1:   553486b8b4a7e7700bed881de95de7ffd2014efd
Sha256: 675dfe45bbda6e78ded072f97b82155a0ad754724358b27b21669dd71b44cb2d
                                        
                                            GET /modules.55241fd65a1af5a1837b.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         18.165.227.27
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68617
date: Thu, 17 Nov 2022 11:06:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 57b0dc7306dda022079bc29562d534f2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
x-amz-cf-id: G5v0IJndP-QnQwC3Tl9c87jyPTH26HUHRn0k4wnt0l9FMw0Tj9_0vQ==
age: 42084
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   68623
Md5:    39de187da647ae88fb08950ed4589fc8
Sha1:   1b9fa3d6473d82eebb61646dd73b9f1bd32fabfd
Sha256: 2d92c2af512a7a5b13e6bf646c5327d8cd52536d830344acb1dbe89782a29c29
                                        
                                            GET /cache1/hp/v_251/videos/cover-desktop-half.mp4 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=2588672-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
x-amz-id-2: vBH3jo+erAeJiZFMd1nETDoTw0Edf331OidK23kSmSWmgRziZi1haHR2PWWxwqg8BRVOd9UDWMw=
x-amz-request-id: SDRC2J7D94HH8KFH
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:01:19 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: RohbqVWM_oLxAjowCY3K2nqiEZRtSQFx
accept-ranges: bytes
server: AmazonS3
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
content-range: bytes 2588672-2625182/2625183
content-length: 36511
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   39115
Md5:    c8d3568eb158839d20108cd7ab0fb2b0
Sha1:   3ff6011fab0565226fc48fecd7e4ffb7d625a71c
Sha256: 2bb23aabdd05c24f18be856d3ea5f681b411c49ef81d7ecfda3d775ee2e42221
                                        
                                            GET /cache1/hp/v_251/videos/cover-desktop-half.mp4 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
x-amz-id-2: vBH3jo+erAeJiZFMd1nETDoTw0Edf331OidK23kSmSWmgRziZi1haHR2PWWxwqg8BRVOd9UDWMw=
x-amz-request-id: SDRC2J7D94HH8KFH
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:01:19 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: RohbqVWM_oLxAjowCY3K2nqiEZRtSQFx
accept-ranges: bytes
server: AmazonS3
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:31 GMT
date: Thu, 17 Nov 2022 22:47:31 GMT
content-range: bytes 0-2625182/2625183
content-length: 2625183
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   2935398
Md5:    dac9307a834cf7e7a53ce666185025d0
Sha1:   ccb3305d6fd873df7502a9a883f35854e9ff45d2
Sha256: 1e30de0dd202cdbe1c9784362bf5bf30493f2e9f3f5453c455c5d9b561a7e04e
                                        
                                            GET /cache1/hp/v_251/images/hp-2022/social-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_251/css/style-newhp.min.css?v=1668377940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: U2YJvYYmfjRWAnjkpSa2gibpMBuoXlY3bEC/xNQYz1BZRE5bO8T0rePjUaHDiN7B+Tigthxh8jE=
x-amz-request-id: SDREZ6813RYTR77N
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:40 GMT
etag: "750fadde7ed0d8a59cb37992f69df5b7"
x-amz-meta-sha256: aea9129059463c32ea4bba24765fcebc7f607697a6e6ddfe45396a5d8c79ff27
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: UvvD6pK_YXCErxSNHtsKxJTQ2ENyriuv
accept-ranges: bytes
server: AmazonS3
content-length: 5136
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:32 GMT
date: Thu, 17 Nov 2022 22:47:32 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2125)
Size:   5136
Md5:    750fadde7ed0d8a59cb37992f69df5b7
Sha1:   c59d2044108d649ce3c10e1ae1084f20eaa7b6b4
Sha256: aea9129059463c32ea4bba24765fcebc7f607697a6e6ddfe45396a5d8c79ff27
                                        
                                            GET /cache1/hp/v_251/images/hp-2022/reliability-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_251/css/style-newhp.min.css?v=1668377940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: Ww2q2WsRGOqRLmFYtj0DCnxQJf+XjFeaL/x/44GVJS+HnVR77o7heK367Ucg7DjEorFU7bGWxiE=
x-amz-request-id: SDRBNGK2P8F9ZDG2
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:40 GMT
etag: "0a6e20a299b321b57e48a9c83871cc0c"
x-amz-meta-sha256: f63e3109498dbf1f9ff656b0b151cf3a9ae0c22cb74369a32f1cd726dde79a19
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: O3Bx6huNLuja5SMYX1F8OmXJ91mpt5r5
accept-ranges: bytes
server: AmazonS3
content-length: 2891
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:32 GMT
date: Thu, 17 Nov 2022 22:47:32 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7694
Md5:    f07033a1b3ed121fdcf923333e868622
Sha1:   51e67768a8bad7e90888b59f52f1e38fbb4226f0
Sha256: 83dea15b612931f6eafeb2b94e671557ffa3cbd3d246e2dae63a21793edd7c27
                                        
                                            GET /cache1/hp/v_251/images/hp-2022/reputation-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_251/css/style-newhp.min.css?v=1668377940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: KKJEsoY61ZqiohyWLYIgzka2ckbaHCvhxSa1oPXvoW4eRvObiongSge/4nV0pZ5dqvxdvmoluno=
x-amz-request-id: SDR874QSW89S0SPG
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:40 GMT
etag: "7dc0a2667b5de60ff9a96c6ebcca9a7b"
x-amz-meta-sha256: fcd6bf6244f1c8d6344c40b4222142f6fe020a3c8539c97c0db2b3bb18c7e92f
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: e.z8pwD4b5XogKGwrwZLOkb8PE6gqTLi
accept-ranges: bytes
server: AmazonS3
content-length: 3894
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:32 GMT
date: Thu, 17 Nov 2022 22:47:32 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (774)
Size:   3894
Md5:    7dc0a2667b5de60ff9a96c6ebcca9a7b
Sha1:   cf77125f3a15d8e1ef12bd5ffaabfb020b439c4b
Sha256: fcd6bf6244f1c8d6344c40b4222142f6fe020a3c8539c97c0db2b3bb18c7e92f
                                        
                                            GET /cache1/hp/v_251/images/hp-2022/globe-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_251/css/style-newhp.min.css?v=1668377940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: xznfG9Yk5frcJNMgv80Bcue9zrRUPFL7HrZJ/kY0nhAbIHm9dxAoSAllSAfW+/0ySQtZWF9JEZ8=
x-amz-request-id: SDR5D2SSRGXGG7JH
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 15:00:36 GMT
etag: "d8016306372e33ba7354032b4de316ac"
x-amz-meta-sha256: 3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: 9fqiF5HDVyZixrJsoA8dh7T5UeDgkTE5
accept-ranges: bytes
server: AmazonS3
content-length: 3405
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:32 GMT
date: Thu, 17 Nov 2022 22:47:32 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Size:   3405
Md5:    d8016306372e33ba7354032b4de316ac
Sha1:   7caeb070e9f95ab00ca267ad95c37530d3be361e
Sha256: 3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
                                        
                                            GET /cache1/fonts/socials/socials.ttf?qtqow1 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/x-font-ttf
                                        
x-amz-id-2: VqG8Xoz+PNUpc5ek0EHqjuCErGzCqKx3w2Mb/U3IRKb02qkQEhEC1dsBPpa357J3lamLhU00/dI=
x-amz-request-id: ABP0NYTQMK8XRN5V
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "379e2da7fbcf7192af131dab8664fa44"
x-amz-meta-sha256: 8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: 64DCSoh81dgHS5BU7pf3T55ups5kO3ge
accept-ranges: bytes
server: AmazonS3
content-length: 2232
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:32 GMT
date: Thu, 17 Nov 2022 22:47:32 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socials \012- data
Size:   2232
Md5:    379e2da7fbcf7192af131dab8664fa44
Sha1:   191a7c64f76a91ab3ac7418ef12e16155ffe916b
Sha256: 8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
                                        
                                            GET /cache1/fonts/socials/socials.woff?qtqow1 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/octet-stream
                                        
x-amz-id-2: SbuN5uTeAbiLvwg0l6RWT5GcWDZBpW5c/cufnxT2YwGTrQ28ARdF3bRVi+0p5zOx3aqQYMQ0XQ8=
x-amz-request-id: P9HV07KX2C62PBM9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "b63c50623057857a66071527d3d19e34"
x-amz-meta-sha256: 1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: k7ckggrGpXnM_OQiM5sA8.VZMQT0daDq
accept-ranges: bytes
server: AmazonS3
content-length: 2308
cache-control: max-age=31536000
expires: Fri, 17 Nov 2023 22:47:32 GMT
date: Thu, 17 Nov 2022 22:47:32 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 2308, version 1.0\012- data
Size:   2308
Md5:    b63c50623057857a66071527d3d19e34
Sha1:   60a97e3734cf76a48f1605076590257bfd370f5e
Sha256: 1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
                                        
                                            POST /api/v2/monitoring?applicationIdentifier=marketingSites HTTP/1.1 
Host: etorologsapi.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 572
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         20.54.209.212
HTTP/2 200 OK
                                        
date: Thu, 17 Nov 2022 22:47:32 GMT
content-length: 0
server: Kestrel
access-control-allow-origin: https://www.etoro.com
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin, Origin
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/monitoring?applicationIdentifier=marketingSites HTTP/1.1 
Host: etorologsapi.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 663
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         20.54.209.212
HTTP/2 200 OK
                                        
date: Thu, 17 Nov 2022 22:47:32 GMT
content-length: 0
server: Kestrel
access-control-allow-origin: https://www.etoro.com
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin, Origin
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5996
Cache-Control: max-age=135351
Date: Thu, 17 Nov 2022 22:47:32 GMT
Etag: "6376104f-117"
Expires: Sat, 19 Nov 2022 12:23:23 GMT
Last-Modified: Thu, 17 Nov 2022 10:43:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.68.26
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3e01624605be2cc1fb592922856a08c6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: ZsLV_uYWemg3oR8M_Ya1i_acm8bjDB8Az7-OrVcVPToo6Pg_-15Ofg==
age: 1160726
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    b6d25d1350d6a014d80689f389e76f97
Sha1:   a957e3d99790759f71a4d9e2fdaf819f60e8c569
Sha256: fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
                                        
                                            GET /scripttemplates/6.27.0/otBannerSdk.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 17 Nov 2022 22:47:32 GMT
content-length: 78056
content-encoding: gzip
content-md5: 8eaHtBigP1U3b42ruIgxsQ==
last-modified: Mon, 29 Nov 2021 20:31:00 GMT
etag: 0x8D9B37727F240FD
x-ms-request-id: 7f82bfc5-f01e-0048-0667-33ea7b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 75459
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc023b4ab00afe-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   102254
Md5:    8d62107df8b889e5d80477dde96df402
Sha1:   fbabda80aef176d60da69798e11721469445568d
Sha256: ca60b2da5ca399b87cccae29b08653d4fde101e81f0501570d059b2840b0377b
                                        
                                            GET /cache/app/etoro.com/config.json HTTP/1.1 
Host: cdn.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         147.185.239.229
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: max-age=432000 public
expires: Fri, 18 Nov 2022 22:47:32 GMT
last-modified: Thu, 17 Nov 2022 22:45:12 GMT
etag: "9e-6376b978-c8898edffa48978c;;;"
accept-ranges: bytes
content-length: 158
date: Thu, 17 Nov 2022 22:47:32 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   158
Md5:    8292b5e9709a3a90150d5e82ad9d9fe2
Sha1:   33ea76c0ac97305f07eb4debca67faec6ea721f6
Sha256: 624106ed90093bbac7652d612c016191a01858cf8108b650bb4b00c99d81e76c
                                        
                                            GET /552.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 17 Nov 2022 22:47:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 184
x-timer: S1668725253.554079,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21423)
Size:   5890
Md5:    097ef34c5f5d635a147bca3721bd605b
Sha1:   3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
Sha256: 3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/f3b2c177-d411-4b76-a21a-21650b13ebf4/en.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Thu, 17 Nov 2022 22:47:33 GMT
content-length: 14384
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: e00Dic0738NrYVoLBg7tPA==
last-modified: Tue, 14 Dec 2021 12:34:59 GMT
etag: 0x8D9BEFE24E4B72A
x-ms-request-id: 42befd17-e01e-00f6-6ee7-f0fff0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 72796
expires: Fri, 18 Nov 2022 22:47:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc02428f5d0afe-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size:   14384
Md5:    7b4d0389cd3bdfc36b615a0b060eed3c
Sha1:   a13bee7f9604f7dc3b55ddbbad915fd605ab9a4b
Sha256: bd7cccf2a2ad2ff6c00b8fd8238da52e11e19f36d1e30447f7c4561576788a57
                                        
                                            GET /sessions/1871831?s=0.25&r=0.07376239899917936 HTTP/1.1 
Host: vc.hotjar.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         99.84.9.107
HTTP/2 204 No Content
                                        
access-control-allow-origin: *
cache-control: no-store
date: Thu, 17 Nov 2022 22:47:33 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 415cafe4893fa18caeab8a2e966de6c0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C2
x-amz-cf-id: DlFUuEvfmJbD0gCK4b3eZW9-H0ZQYwqSl_AE1AMTzh-Mhk592cBEGw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   67405
Md5:    5429ba4a7de077858956b1b8b28d0dd8
Sha1:   efda84289c21675929cd9723298707da8076e13b
Sha256: b883af538b5fa1335d619031a20c1a5d53d68868f0357d680b647886a7520073
                                        
                                            GET /scripttemplates/6.27.0/assets/otFlat.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 17 Nov 2022 22:47:33 GMT
content-length: 2950
content-encoding: gzip
content-md5: VSHBUrwe+huqkxKbuHF+GQ==
last-modified: Mon, 29 Nov 2021 20:30:50 GMT
etag: 0x8D9B3772216FA2F
x-ms-request-id: 247cd6ec-501e-004e-2dec-ec1d03000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 73153
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc024368630afe-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (10843)
Size:   2950
Md5:    5521c152bc1efa1baa93129bb8717e19
Sha1:   d89a1ebb0aa8417a5d0f27e172935bf743d8e42e
Sha256: 10e8c409d6b57eb0e5a7fa941b14b2a59b1437e37a16bb51f08adc3f65e807ba
                                        
                                            GET /scripttemplates/6.27.0/assets/v2/otPcCenter.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 17 Nov 2022 22:47:33 GMT
content-length: 11602
content-encoding: gzip
content-md5: ceOHHWNBgrF8GxXKPVj35A==
last-modified: Mon, 29 Nov 2021 20:30:52 GMT
etag: 0x8D9B377239B4147
x-ms-request-id: a3c3cc4e-901e-00f9-2cec-ec1206000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 73153
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc024368670afe-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (37703)
Size:   11602
Md5:    71e3871d634182b17c1b15ca3d58f7e4
Sha1:   4063bf0afb25a8c96bdd33f6d24ca832067c7806
Sha256: c20f40887a2fdad6ea7070063acf1150881e18405c91338338e88be4195583b5
                                        
                                            GET /cache/app/en.build.json HTTP/1.1 
Host: cdn.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         147.185.239.229
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: max-age=432000 public
expires: Fri, 18 Nov 2022 22:47:33 GMT
last-modified: Sun, 06 Nov 2022 16:24:03 GMT
etag: "3b8a8-6367dfa3-a3d2937a110a7bb5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25891
date: Thu, 17 Nov 2022 22:47:33 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Size:   25891
Md5:    52bdf84f0be5da69da591fc15e745787
Sha1:   e6c82caac2991c051c8a019e05c9938fe177ef1e
Sha256: ab2c5a322cf6efa7cece1d7fec1a6cc588c31346141ca08954ae221a3b52a26e
                                        
                                            GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1 
Host: challenges.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.7.185
HTTP/2 302 Found
                                        
date: Thu, 17 Nov 2022 22:47:33 GMT
content-length: 0
location: /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc02441968b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /gtm.js?id=GTM-N7SQ5DP HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 17 Nov 2022 22:47:33 GMT
expires: Thu, 17 Nov 2022 22:47:33 GMT
cache-control: private, max-age=900
last-modified: Thu, 17 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5136), with no line terminators
Size:   107549
Md5:    0e492c0627f894cb066d2850ca99f0d4
Sha1:   3cc89785cddf1ea1af761c28a81d9a13d6c6e48b
Sha256: ed33548f92d0f01aeb6a3875a85111607afcb41d172fdd63dd5b7e54938896f6
                                        
                                            GET /apps/app/dist/media/logomono.svg HTTP/1.1 
Host: web1.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         138.128.247.123
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: max-age=432000 public
expires: Fri, 17 Nov 2023 22:47:33 GMT
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Thu, 17 Nov 2022 22:47:33 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   1210
Md5:    5a1c5c803738f6acbab0a79379c92c10
Sha1:   9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
Sha256: 04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
                                        
                                            GET /others/general/js/seo.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: IbCrnl2jHtt3ARkbdDtJdY1t/iT+eA6L1pkPIeISKQrHurrfYzN0CE54ZOlbBo/E9qrm76WQ/M0=
x-amz-request-id: 69QVGW75ZMC6VK3N
x-amz-replication-status: COMPLETED
last-modified: Tue, 10 Jan 2017 14:31:16 GMT
etag: "bb01557076c5f1cc6976325a60a0be7c"
x-amz-meta-s3b-last-modified: 20170110T142820Z
x-amz-version-id: SSqunX8tv_w4z_1vK9cbzCWNqGZTmd8y
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 17 Nov 2022 22:52:33 GMT
date: Thu, 17 Nov 2022 22:47:33 GMT
content-length: 2209
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (366), with CRLF line terminators
Size:   2209
Md5:    f22c155ea9a463fee325cc2f52cb2c5b
Sha1:   67913d0b1cdaa875752a36f5c22fc21884cd6b22
Sha256: 115d84510217e73948fabbc05aa6041071564a86dee31d7abb282d764ff4f7a7
                                        
                                            GET /scevent.min.js HTTP/1.1 
Host: sc-static.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         99.84.0.246
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 11968
server: CloudFront
date: Thu, 17 Nov 2022 22:47:34 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 18 Nov 2022 22:14:11 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 c91d54ce23c019ce0642e64447d9f9ba.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C2
x-amz-cf-id: Gb8cNpH6dI5lghlkwMAUKnmPPRec4nv2hT8f_YGrGKCugxNQHD_f0w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27639), with no line terminators
Size:   11968
Md5:    6d231d01533de87f1978527ff1582e85
Sha1:   2681a231f71539018d1e7ef81b21035159e70067
Sha256: dd8eda4130a189c4da20100752803ccb737e26f5c93f97f8db822f29f545be19
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6484
Cache-Control: 'max-age=158059'
Date: Thu, 17 Nov 2022 22:47:34 GMT
Last-Modified: Thu, 17 Nov 2022 20:59:30 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /i/3c2d8da22b7aa416fab4696fbd547cc9.js HTTP/1.1 
Host: zero.pointlessplay.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         18.172.153.14
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
content-length: 30231
content-encoding: gzip
server: Caddy
date: Thu, 17 Nov 2022 21:01:39 GMT
cache-control: max-age=43200
expires: Fri, 18 Nov 2022 09:01:39 GMT
etag: "14351-RIWjsv313PWYI4RyEPNyETuIUAc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5cd71a2ac63eabf2336afda85c353f66.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P5
x-amz-cf-id: RnBny3vGjsJ4o-jBBFddNZYOENh4-d7k8Vw8pVD0JxGnmbVQomHlGQ==
age: 6355
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   39751
Md5:    7d9124eadb9861ec5d1a04388dd9c080
Sha1:   f151f939584c47b6f5276603e58c3dac958b4c76
Sha256: 16fb1f5241a2cad7b93003ab4e502f11d30b611ece90a33058822c648e4fef0b
                                        
                                            GET /up_loader.1.1.0.js HTTP/1.1 
Host: js.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         99.86.116.119
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 4593
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 17 Nov 2022 15:51:47 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d5601700fc8f561e27a6c14284b0ddce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: Lo2VKXHJ1Fv1nNPOXEmc66PRQyMoRkYNb1vbOJWejBcJtF5XJ8H9sg==
Age: 24948


--- Additional Info ---
Magic:  ASCII text, with very long lines (4593), with no line terminators
Size:   4593
Md5:    98d98b3499058b76d58073cf8ede2f10
Sha1:   2ec5bc839a187c2a4d93499567e8fff091a6bcc4
Sha256: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
                                        
                                            GET /activityi;src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined HTTP/1.1 
Host: 9944765.fls.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.70
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 22:47:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 275
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 17-Nov-2022 23:02:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (562), with no line terminators
Size:   275
Md5:    1ab2a97338ed3a74084554ba95e3c920
Sha1:   9607de2f32b9ca12b92257f1469eaf7e688b6f80
Sha256: 1f91225ca593af121d56d4553e90970bb0eb6b267a9de6ed812906ed9c7efe0d
                                        
                                            GET /adalyser.js?cid=etoro HTTP/1.1 
Host: c0.adalyser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.77.147.26
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 17 Nov 2022 22:47:34 GMT
content-length: 12183
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
etag: "60b9cf4ef4ac6dab5294025f3c443ba3cca92451"
cache-control: public, max-age=21600
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31834)
Size:   12183
Md5:    5301983312500f1fa818e866832a8ede
Sha1:   96c054b07049abe3b764dbcf0f8189055de98e78
Sha256: 24f6c7d7b8467781e61deda43741ad359abebb7efd8b41add68e4bb359cc0867
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3094
Cache-Control: max-age=118390
Date: Thu, 17 Nov 2022 22:47:34 GMT
Etag: "6375d966-1d7"
Expires: Sat, 19 Nov 2022 07:40:44 GMT
Last-Modified: Thu, 17 Nov 2022 06:49:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3094
Cache-Control: max-age=118390
Date: Thu, 17 Nov 2022 22:47:34 GMT
Etag: "6375d966-1d7"
Expires: Sat, 19 Nov 2022 07:40:44 GMT
Last-Modified: Thu, 17 Nov 2022 06:49:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=9cc30fa8-486a-4598-a1c4-4ea6faafe0bc&u_sclid=835f1f8c-67a5-468e-9a11-a8c676f454f3 HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 17 Nov 2022 22:47:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3094
Cache-Control: max-age=118390
Date: Thu, 17 Nov 2022 22:47:34 GMT
Etag: "6375d966-1d7"
Expires: Sat, 19 Nov 2022 07:40:44 GMT
Last-Modified: Thu, 17 Nov 2022 06:49:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tracking/track/v3/p?stm=1668725252834&e=lce1&url=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166872524910000TNOTV415326358024V41%26utm_campaign%3D166872524910000TNOTV415326358024V41%26utm_term%3D%26from_lp%3DwhiteLP&cid=etoro&p=%7B%22et%22%3A1668725252831%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2289099%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22166872524910000TNOTV415326358024V41%22%2C%22co%22%3A%220%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%224e262a30-969e-47f3-9cc7-219c9c3213a2%22%2C%22duid%22%3A%2238471653-ba3c-4934-bc7d-b8f8cee479f0%22%2C%22cw%22%3A1668725252831%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&domain=www.etoro.com HTTP/1.1 
Host: c0.adalyser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.77.147.26
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 17 Nov 2022 22:47:34 GMT
content-length: 43
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ddm/fls/i/src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined;~oref=https://www.etoro.com/ HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9944765.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.130
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 22:47:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561), with no line terminators
Size:   275
Md5:    2888301990c4b794774d7d3454f5ef45
Sha1:   9a0cf2d83268e6dc1097bcbf7607a2728e8ef514
Sha256: 3be969207e485fb819f87c8bf994dcfafac7d29c32750eeac9d8454ac8d25c18
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 Nov 2022 22:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   51032
Md5:    a80651a1c0ee1fffdf4344ddefd9151f
Sha1:   4a3f541e1ba4a06fa8eb8e5f6c817d2e3022ca78
Sha256: a1dea8c80fbf3d419fd064f3bb7221a9934809817ea0ef061590af87d2db75df
                                        
                                            GET /scripttemplates/6.27.0/assets/otCommonStyles.css HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 17 Nov 2022 22:47:33 GMT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
last-modified: Mon, 29 Nov 2021 20:31:07 GMT
x-ms-request-id: 45454291-e01e-00fd-65ec-ece784000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 73153
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76bc0243686d0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11123)
Size:   4778
Md5:    ae501ead331272c77e46b5bdbd8393f0
Sha1:   5ef8e0c44e719a25c1d9118706e608759fbeae71
Sha256: 37dbde029ceadad6fbea75b7c1fadac91a33776ebca50a8ff2cc9dd194068666
                                        
                                            GET /39.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: KxfPNXIQ38SSfzz490TMAo2ltA9W5l6OlU9HI6h8SfmvQBHsTP/3JrzkCdnsVJAOdxSfq1TwUMk=
x-amz-request-id: ESHWVX2RDYQJKTJS
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 17 Nov 2022 22:47:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: HIT
x-cache-hits: 85
x-timer: S1668725255.512167,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin