Overview

URL67.us.blowingwind.xyz/feed/?link=true&tid=67&subid=67.us.android&ref=t3.lowtid.com&s1=6366d9b89b9cab0ea86eb1b5
IP 23.235.251.114 (United States)
ASN#19437 SS-ASH
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-05 21:47:06 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (74)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.linkedin.com (1) 608 2015-06-18 16:10:03 UTC 2020-04-27 12:38:34 UTC 13.107.42.14
cdn.mxpnl.com (1) 2824 2012-08-22 19:52:57 UTC 2022-11-05 06:53:20 UTC 35.186.235.23
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.219.22
www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-11-05 09:57:19 UTC 142.250.74.168
cdn.cookielaw.org (7) 502 2014-05-20 23:23:17 UTC 2022-11-05 08:45:46 UTC 104.16.148.64
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-11-05 06:12:49 UTC 143.204.55.68
s.yimg.com (2) 375 2012-05-21 13:25:46 UTC 2020-03-08 23:51:03 UTC 188.125.94.206
js-agent.newrelic.com (9) 378 2018-06-22 04:15:37 UTC 2020-05-01 11:44:04 UTC 151.101.86.137
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 143.204.55.98
popmyads.com (1) 44134 2019-01-09 18:43:38 UTC 2022-11-05 03:52:58 UTC 104.21.54.194
vc.hotjar.io (1) 2334 No data No data 54.230.111.64
js.adsrvr.org (1) 1664 2014-10-28 22:25:15 UTC 2020-02-11 15:39:45 UTC 143.204.45.46
region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-05 12:55:05 UTC 216.239.32.36 Domain (google.com) ranked at: 1
sp.analytics.yahoo.com (2) 816 2014-02-20 00:23:24 UTC 2020-02-06 05:43:37 UTC 212.82.100.181
tr.outbrain.com (2) 2017 2018-07-09 09:55:46 UTC 2021-09-19 09:16:35 UTC 64.202.112.95
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.24
analytics.twitter.com (2) 526 2013-04-10 19:53:18 UTC 2020-02-24 11:40:32 UTC 104.244.42.3
trc-events.taboola.com (1) 1779 2020-06-09 13:52:57 UTC 2021-01-14 12:00:33 UTC 141.226.228.48
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-05 05:55:16 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
med.etoro.com (3) 45781 No data No data 96.6.17.100
sc-static.net (1) 1183 2022-01-24 20:13:30 UTC 2022-11-05 21:39:43 UTC 54.230.82.240
amplify.outbrain.com (1) 2255 2018-06-20 02:16:23 UTC 2021-09-19 09:57:40 UTC 23.38.201.81
in.hotjar.com (1) 1746 2018-10-22 17:15:59 UTC 2020-11-20 16:45:40 UTC 52.30.44.244
goosebomb.com (1) 96435 2021-08-27 13:00:38 UTC 2022-11-05 13:58:14 UTC 172.67.144.202
trc.taboola.com (1) 602 2013-07-11 10:17:31 UTC 2020-03-17 19:54:14 UTC 151.101.85.44
67.us.blowingwind.xyz (1) 0 2022-10-20 12:32:42 UTC 2022-11-05 17:52:35 UTC 23.235.251.114 Unknown ranking
acsbapp.com (1) 5220 2020-08-14 05:49:08 UTC 2022-11-05 15:46:31 UTC 138.128.247.123
match.adsrvr.org (1) 349 2014-10-06 17:59:33 UTC 2022-11-05 05:55:10 UTC 15.197.193.217
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
ron.trffclb.com (2) 0 2022-09-30 13:04:48 UTC 2022-11-05 17:52:57 UTC 51.83.143.92 Unknown ranking
pages.etoro.com (2) 137606 2015-03-22 08:50:22 UTC 2020-04-17 00:59:48 UTC 172.64.152.107
adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-11-05 19:07:23 UTC 216.58.207.226
t.co (2) 569 2012-07-25 19:09:44 UTC 2022-11-05 06:31:51 UTC 104.244.42.69
googleads.g.doubleclick.net (2) 42 2021-02-20 15:43:32 UTC 2022-11-05 15:51:11 UTC 142.250.74.98
www.linkonclick.com (3) 107259 2018-07-03 01:42:51 UTC 2020-04-07 19:59:13 UTC 35.186.193.41
www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-11-05 18:22:52 UTC 142.250.74.46
zero.pointlessplay.com (1) 0 2022-05-04 08:00:48 UTC 2022-11-05 15:46:32 UTC 54.230.111.97 Unknown ranking
status.thawte.com (3) 5123 2019-03-13 17:00:46 UTC 2020-04-10 08:00:21 UTC 93.184.220.29
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-05 16:48:34 UTC 64.233.165.155
www.google.com (2) 7 2016-03-22 03:56:07 UTC 2022-11-05 18:28:16 UTC 142.250.74.164
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-05 17:41:19 UTC 142.250.74.174
snap.licdn.com (2) 1044 2014-10-06 08:43:45 UTC 2020-04-10 04:11:37 UTC 23.36.76.121
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-05 10:47:16 UTC 142.250.74.35
r3.o.lencr.org (9) 344 No data No data 23.36.77.32
cdn.fonts.net (1) 62966 2018-07-06 16:36:26 UTC 2022-11-05 10:09:33 UTC 104.17.224.78
geolocation.onetrust.com (1) 802 2018-09-01 13:33:45 UTC 2022-11-05 13:02:01 UTC 172.64.146.158
px.ads.linkedin.com (2) 522 2018-06-15 11:29:56 UTC 2019-09-20 11:09:24 UTC 13.107.42.14
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-05 09:21:26 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
c0.adalyser.com (2) 26110 2018-08-22 06:21:53 UTC 2020-04-21 04:24:50 UTC 54.220.223.247
bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2020-04-20 20:17:24 UTC 13.107.21.200
static.ads-twitter.com (1) 614 2018-06-23 22:08:39 UTC 2020-04-02 08:58:40 UTC 151.101.84.157
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
insight.adsrvr.org (1) 631 2014-03-25 22:33:59 UTC 2022-11-05 07:44:45 UTC 15.197.193.217
ocsp.digicert.com (19) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
cdn.acsbapp.com (2) 5589 2020-08-16 06:12:24 UTC 2020-11-08 12:35:22 UTC 83.229.67.229
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
marketing.etorostatic.com (36) 82505 2015-09-24 17:03:19 UTC 2019-11-14 02:05:56 UTC 23.38.201.117
web1.acsbapp.com (1) 37191 2021-03-10 09:46:33 UTC 2022-11-05 14:49:12 UTC 138.128.247.123
tr.snapchat.com (3) 978 2017-04-26 06:25:03 UTC 2022-05-17 21:54:32 UTC 35.190.43.134
adservice.google.no (1) 96969 2018-06-19 23:38:38 UTC 2020-05-14 07:59:11 UTC 142.250.74.34
bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-05-19 12:27:58 UTC 162.247.241.14
redir.tealwinds.xyz (1) 0 2022-07-28 05:22:11 UTC 2022-11-05 17:52:47 UTC 198.211.113.186 Domain (tealwinds.xyz) ranked at: 178693
etorologsapi.etoro.com (2) 54636 2015-02-05 06:25:55 UTC 2019-11-21 07:10:20 UTC 20.54.209.212
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
px.steelhousemedia.com (1) 7685 2012-07-19 07:21:29 UTC 2022-11-05 15:46:33 UTC 54.244.159.189
dx.steelhousemedia.com (1) 8530 2013-09-26 09:54:29 UTC 2022-11-05 13:08:27 UTC 52.11.37.91
t2.lowtid.com (1) 0 2022-08-03 13:42:14 UTC 2022-11-05 03:52:58 UTC 51.161.115.163 Unknown ranking
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-11-05 15:17:20 UTC 143.204.55.118
9944765.fls.doubleclick.net (1) 125024 No data No data 142.250.74.70
cdn.taboola.com (1) 1040 2013-07-19 23:48:03 UTC 2020-04-10 11:29:57 UTC 151.101.85.44
one.pointlessplay.com (4) 0 2021-08-13 12:07:31 UTC 2022-11-05 15:46:32 UTC 50.16.211.97 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-05 2 trffclb.com Sinkholed
2022-11-05 2 trffclb.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.235.251.114
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114
2023-01-25 06:47:03 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-01-19 15:47:03 +0000 0 - 0 - 2 60.us.tealwinds.xyz/feed/?link=true&tid=60&su (...) 23.235.251.114


Last 5 reports on ASN: SS-ASH
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-02-01 20:53:46 +0000 0 - 0 - 22 www.montereycountyclinicservices.org/ 131.153.100.222
2023-01-31 07:05:58 +0000 0 - 0 - 4 www.afamag.com/ 131.153.100.9
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114


Last 5 reports on domain: blowingwind.xyz
Date UQ / IDS / BL URL IP
2023-01-29 04:36:00 +0000 0 - 0 - 1 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186
2023-01-27 09:05:59 +0000 0 - 2 - 7 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186
2023-01-26 08:11:31 +0000 0 - 0 - 9 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186
2023-01-09 02:02:27 +0000 0 - 2 - 2 redir.blowingwind.xyz/click/invalid/?tid=8&su (...) 198.211.113.186
2023-01-07 15:55:50 +0000 0 - 2 - 3 redir.blowingwind.xyz/feed/click/?t1=128&tid= (...) 198.211.113.186


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-15 20:11:14 +0000 0 - 1 - 1 w4x0i.bemobtrcks.com/go/db5076e0-b753-4adf-be (...) 3.70.16.242
2023-01-15 16:14:58 +0000 0 - 1 - 0 camp.purchase-shop.com/3967415d-e788-42c8-80d (...) 18.192.108.151
2023-01-14 21:58:08 +0000 0 - 1 - 2 inoradde.com/4/4326573/ 139.45.197.238
2023-01-13 22:53:19 +0000 0 - 1 - 2 inoradde.com/4/4326573/ 139.45.197.238
2023-01-12 16:00:12 +0000 0 - 1 - 0 h.youractualjournal.com/4/3735494/ 188.114.96.1

JavaScript

Executed Scripts (91)

Executed Evals (8)
#1 JavaScript::Eval (size: 62) - SHA256: 6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8
typeof 1 n === "bigint" && BigInt(1) === 1 n && Number(1 n) === 1
#2 JavaScript::Eval (size: 2652) - SHA256: 9a2d97f8d63fb4cdd827340a31b7eb5663ab77d6700ca5c8d3ff724aadfeafa6
(function() {
    if (typeof irongate == 'undefined') irongate = {};
    irongate.gr = function(callback) {
        if (typeof irongate.g != 'undefined') {
            callback()
        } else {
            if (typeof irongate.gcb == 'undefined') {
                irongate.gcb = []
            }
            irongate.gcb.push(callback)
        }
    };
    irongate.gsl = function() {
        var st = document.createElement("script");
        st.type = "text/javascript";
        st.src = "https://ww.steelhousemedia.com/gs";
        var list = document.getElementsByTagName("script");
        var last = Number(list.length) - 1;
        var scpt = document.getElementsByTagName("script")[last];
        scpt.parentNode.insertBefore(st, scpt);
        irongate.timeout = setInterval(irongate.dl, 2000)
    };
    irongate.dl = function() {
        if (typeof irongate.g != 'undefined') {
            clearInterval(irongate.timeout)
        }
        while (irongate.gcb.length > 0) {
            var callback = irongate.gcb.pop();
            callback()
        }
    };
    var request = function() {
        var st = document.createElement('script');
        st.type = 'text/javascript';
        var g = (typeof irongate.g != 'undefined' ? irongate.g() : 'null');
        var gt = (typeof irongate.gt != 'undefined' ? irongate.gt() : 'null');
        var sturl = 'px.steelhousemedia.com/st?ga_tracking_id=UA-2056847-65&ga_client_id=511602775.1667684818&shpt=Crypto%20Stocks%20%26%20Beyond!%20The%20power%20of%20social%20investing%20%7C%20eToro&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2056847-65%22%2C%22ga_client_id%22%3A%22511602775.1667684818%22%2C%22shpt%22%3A%22Crypto%20Stocks%20%26%20Beyond!%20The%20power%20of%20social%20investing%20%7C%20eToro%22%2C%22dcm_cid%22%3A%221667684817.1%22%2C%22dcm_gid%22%3A%221663278721.1667684818%22%2C%22ga_utm_campaign%22%3A%22166768481610000TNOTV415326358024Vf3%22%2C%22ga_utm_source%22%3A%2289099%22%2C%22ga_utm_medium%22%3A%22Networks%22%2C%22ao%22%3A%7B%22s_ecid%22%3A%22MCMID%7Cundefined%22%7D%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1667684817.1&dcm_gid=1663278721.1667684818&dxver=4.0.0&shaid=31950&plh=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166768481610000TNOTV415326358024Vf3%26utm_campaign%3D166768481610000TNOTV415326358024Vf3%26utm_term%3D%26from_lp%3DwhiteLP&cb=1667684821539481&shguid=' + g + '&shgts=' + gt;
        st.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + sturl;
        var list = document.getElementsByTagName('script');
        var last = Number(list.length) - 1;
        var scpt = document.getElementsByTagName('script')[last];
        scpt.parentNode.insertBefore(st, scpt)
    };
    irongate.gr(request);
    irongate.gsl()
})();
#3 JavaScript::Eval (size: 2273) - SHA256: 17447612805db92c6c2d50acc2ed722f47b84cc6e9231827d1478693b06e5037
�
(function() {�
    var s = '9a74e4a102375b6baa54cc935ed3c65c0326a1fb2fe9a337d0e426630e2a47993f43c599a6434971b8f6309b72effc9b89953d7da11dfd75453c3c3fb6a78894b9fc1cb01cabc90bd63e21d945dadebb0c8b372984534a6473c66cf77c32617c497aaccaa46cc58d3f41d8172a9e21bbe6906860a0cb1b8307762f73581a93';�
    function setCookie(cname, cvalue, domain, exdays) {�
        var d = new Date();�
        d.setTime(d.getTime() + (1000 * 60 * exdays * 60 * 24));�
        var expires = "expires=" + d.toUTCString();�
        var cookie = cname + "=" + cvalue;�
        if (domain) {�
            cookie += ";" + "domain=" + domain;�
        }�
        cookie += ";" + expires + ";path=/";�
        document.cookie = cookie;�
    }�
    function deleteCookie(cname, domain) {�
        setCookie(cname, "", domain, 0);�
    }�
    var ta = ["window.callPhantom", "window.__webdriver_script_fn", "document.$cdc_asdjflasutopfhvcZLmcfl_", "window._phantom", "window.__nightmare", "navigator.webdriver"];�
    var re;�
    try {�
        re = [!!window.callPhantom, !!window.__webdriver_script_fn, !!document.$cdc_asdjflasutopfhvcZLmcfl_, !!window._phantom, !!window.__nightmare, !!navigator.webdriver];�
    }�
    catch (err) {��}�
    if (re && re.indexOf(true) == -1) {�
        setCookie("TMIS2", s, ".etoro.com", 14);�
    }�
    else {�
        var resultsObj = {};�
        for (var i = 0; i < ta.length; i++) {�
            resultsObj[ta[i]] = re[i];�
        }�
        var img = new Image();�
        img.src = 'https://etorologsapi.etoro.com/api/v2/monitoring?applicationIdentifier=JSCClient&LogEvents=' + encodeURIComponent(JSON.stringify([{�
            ApplicationIdentifier: 'JSCClient',
            �ApplicationVersion: '0.0.11',
            �Level: "error",
            �Message: "ClientSel",
            �Results: resultsObj,
            �Type: 'log'�
        }]));�
    }�
})();��
#4 JavaScript::Eval (size: 25) - SHA256: b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878
(function() {
    return !0
})();
#5 JavaScript::Eval (size: 4) - SHA256: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
true
#6 JavaScript::Eval (size: 25) - SHA256: d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400
3.141592653589793 * * -100
#7 JavaScript::Eval (size: 83) - SHA256: 16546b79ed36a9ca2495b23fbef53975fd6d324b4b03a379a09a22cf788ba32c
(function() {
    var b = 3;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
#8 JavaScript::Eval (size: 7) - SHA256: 53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148
() => !!1

Executed Writes (0)


HTTP Transactions (195)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18170
Expires: Sun, 06 Nov 2022 02:49:43 GMT
Date: Sat, 05 Nov 2022 21:46:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5132
Cache-Control: max-age=133783
Date: Sat, 05 Nov 2022 21:46:53 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:56:36 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3672
Expires: Sat, 05 Nov 2022 22:48:05 GMT
Date: Sat, 05 Nov 2022 21:46:53 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: imV+bIz5zGm631VrBd07PgVZlGeGubdiIwIR/47EsLKLBzsywX5W/AVR3/IP9C5OJocGslRH4as=
x-amz-request-id: CYGGAYBMY3GDHBDK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 20:47:21 GMT
age: 3572
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 05 Nov 2022 21:46:53 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4462
Cache-Control: max-age=128055
Date: Sat, 05 Nov 2022 21:46:54 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:21:09 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /feed/?link=true&tid=67&subid=67.us.android&ref=t3.lowtid.com&s1=6366d9b89b9cab0ea86eb1b5 HTTP/1.1 
Host: 67.us.blowingwind.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         23.235.251.114
HTTP/1.1 301 Moved Permanently
                                        
Cache-Control: no-cache
Location: https://redir.tealwinds.xyz/click/invalid/?tid=67&subid=67.us.android
Date: Sat, 05 Nov 2022 21:46:54 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ha4HQ1SyJLF7Rg3FvrQpYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.149.219.22
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1/zIn3DNA4Z5GBrO15OQmBQwtcQ=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "121FF5818C7A38E983C163139726BC3F46C74331791878B24A947A024A55437E"
Last-Modified: Fri, 04 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3895
Expires: Sat, 05 Nov 2022 22:51:49 GMT
Date: Sat, 05 Nov 2022 21:46:54 GMT
Connection: keep-alive

                                        
                                            GET /click/invalid/?tid=67&subid=67.us.android HTTP/1.1 
Host: redir.tealwinds.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         198.211.113.186
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://t2.lowtid.com/l.php?p=c:1ighcayppnss2p5b2&d=63526ec4faf797126b433250&s=67p
Vary: Accept
Content-Length: 224
Date: Sat, 05 Nov 2022 21:46:54 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   224
Md5:    585810573a1a686b9cd3c49ef3d3e912
Sha1:   d5b8220a03ba07d2bee9346ae06e074f4285675c
Sha256: a004b5fe2cfc5d4163625c61ce2c66699b52d0956b14bff1f18f21f71487a755
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "02BCDEE84289E54AD365DCF2DC56E4940CA2326B686C1C019A9488E2740F21B2"
Last-Modified: Thu, 03 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4041
Expires: Sat, 05 Nov 2022 22:54:16 GMT
Date: Sat, 05 Nov 2022 21:46:55 GMT
Connection: keep-alive

                                        
                                            GET /l.php?p=c:1ighcayppnss2p5b2&d=63526ec4faf797126b433250&s=67p HTTP/1.1 
Host: t2.lowtid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.161.115.163
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sat, 05 Nov 2022 21:46:55 GMT
Content-Length: 0
Connection: keep-alive
Round: 1217p3t0dz
Raund: 1yh
Location: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-67p

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "75660095106CFF519754214B4AD622F4DD63A7D9C7B808C45B223E11B9B30B8A"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6692
Expires: Sat, 05 Nov 2022 23:38:27 GMT
Date: Sat, 05 Nov 2022 21:46:55 GMT
Connection: keep-alive

                                        
                                            GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-67p HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sat, 05 Nov 2022 21:46:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=6366d9cfa76fb47e0073a444; expires=Tue, 08-Nov-2022 21:46:55 GMT; Max-Age=259200; path=/; domain=ron.trffclb.com; HttpOnly
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (537)
Size:   490
Md5:    b1e6dceed9b516118edddba0d01d1d92
Sha1:   60c3b3ac3a3c9002e8b5b64fc25d014a3536b6dd
Sha256: 7a005398b328c24583a982e12346f65b32d2236799a1bdeebc8e8310f88ca5f0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-67p&bv=1 HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys-67p
Cookie: bt-603611c5b7eaf46891533240=6366d9cfa76fb47e0073a444
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sat, 05 Nov 2022 21:46:55 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=ron.trffclb.com; HttpOnly
Round: 11kgq037yu
Raund: 2g2
Location: https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4188
Cache-Control: max-age=120221
Date: Sat, 05 Nov 2022 21:46:55 GMT
Etag: "6365fc10-117"
Expires: Mon, 07 Nov 2022 07:10:36 GMT
Last-Modified: Sat, 05 Nov 2022 06:00:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4188
Cache-Control: max-age=120221
Date: Sat, 05 Nov 2022 21:46:55 GMT
Etag: "6365fc10-117"
Expires: Mon, 07 Nov 2022 07:10:36 GMT
Last-Modified: Sat, 05 Nov 2022 06:00:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18827
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:46:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18827
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:46:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18827
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:46:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18827
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 21:46:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8160
x-amzn-requestid: 31cf0571-0ef2-4c99-a6be-afd806b7f449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJaroFHhoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-269b7bcc1bcb8bdc4aa51dc9;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J2pyEM7n1b_j4vS7S_K8aiJ-Jj01PtPk7Qb7rEOblKaz-isZtSqo1g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 143
etag: "8e7a2be19b5c7682e86aec81907f6026d14d7313"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8160
Md5:    39ac4f41f6bbdba85b2afeb7b011db5f
Sha1:   8e7a2be19b5c7682e86aec81907f6026d14d7313
Sha256: fbd813af4eb335e1aefa6fb78b672bf89f8606ef688c98d3bd38ffdb77abfba3
                                        
                                            GET /serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= HTTP/1.1 
Host: popmyads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ron.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.54.194
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 05 Nov 2022 21:46:55 GMT
x-powered-by: PHP/7.1.33
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Z2iRp7JkpUkom4bi22NQdVwf1Wj5QU%2Fq1pRC1E0n36rnK5SLW9Sc231irZCu5NMGSefYX1IsYwCkRybxZv9TI4kshEiKIBaxt5KClaUhy5DMl3jZOK30br9tIgTwEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7658c8f31a240b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   6686
Md5:    2a4d43bc4cba47ec79f2bc16c529e07f
Sha1:   46b79c7c9a96499a1986a2b5c0558239b775d542
Sha256: fd2589cfc42c6ea38b030f9c98927070c1cafb7a43e08560f69e97f5a9cb391a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabe183b3-9afb-4ba7-a622-b217c22a39e9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9807
x-amzn-requestid: 3b69bade-c97d-4317-83a2-d350ccdd5cf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgE47oAMFS6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-398c74cf587625ff0ed0616e;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: msijYT-LLw1VX41oK8EkQsOSsRFf7NL2g-KZjngfZmBD5jD1jrIvGQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
etag: "a9d2555cce6409e90acaa17cc044bfe89da921da"
age: 143
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9807
Md5:    a155f83a49996f5c121b1f8cd7f72d4b
Sha1:   a9d2555cce6409e90acaa17cc044bfe89da921da
Sha256: 0e9418897e4f36435abf71df44558ae29cf7995d0aed2d80626000ceb997fcbd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 55137
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10462
Md5:    4e2853cc6ec6223160471401e6871f4b
Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F739b1fef-6431-4b6d-bb9d-a3f01980224f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6907
x-amzn-requestid: d9cc225c-f74e-431a-aad8-082b8ed86d46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabjFazIAMFYUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-1dd9396566c54c9e19e777e6;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5MxuizjMZKGwvlswVn1KPkJ825qD2-as-GFsBs6u6lLBr7g94oXYuQ==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 416
etag: "0c7e46d28854bc512252ada34ed2e347a18e5479"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6907
Md5:    83c047f46d089a4bf3f8fc3268bd8d02
Sha1:   0c7e46d28854bc512252ada34ed2e347a18e5479
Sha256: 87578f25647d4b785b935806658aaafbc0df4b11d8720924326c2734581a40c4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 143
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8961
Md5:    dcc79e66d1e21452efb26d26650f6739
Sha1:   1f727a7ea032082658944cf4041686446fb6b5f2
Sha256: af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
                                        
                                            GET /jump/next.php?r=1041905&sub1=0646614100 HTTP/1.1 
Host: www.linkonclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         35.186.193.41
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Sat, 05 Nov 2022 21:46:56 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   2657
Md5:    25fecec5d50ce001cd00a9a1d8cba490
Sha1:   42db68c91519a5317f07e82f5f19d354cdee06d6
Sha256: 1edb790bce20288993dd74f2c665f504e87c2f7973bd943887fff9a4b0eb01ed
                                        
                                            GET /jump/next.php?stamat=m%257C%252Coo2djdjarB1dQO0dEdHP3xP.681%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk6bFmvq_XsOZ11dNi5wjwW8w%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614100&cbur=0.09316797295297352&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1 
Host: www.linkonclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         35.186.193.41
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Sat, 05 Nov 2022 21:46:56 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252Cg2ZrYiOqoGU3B_-GH0dEdHP3xP.874%252C5NynZ733vjMGv3AdQsdDK3rIFFAN9BVBr6hFwESODioCwIUq-7hwCzrPTknUpQWCZfkawTJ4h_0HsyHpv-qzc3-R4LYsNCQK7HjIYQC7j8sfHSKEIJ3Mh3aRBl1MHyeiS9Akiyo7inZKlwyqPeVBVczF3n5sy_wi3uWUf4ZFofJKnQ0dqkaQTV7wLFNtVaNNNE8RdB7oSXUCl3gsGuF_p54qZW9Bpq9yhTAc0TYq-JsXownrE1dpB9vWfoEukHamfM8bWAANSjbVWrbM2eG5Ibs8kXlo8YKH7pNDFp1U4qRKlcHBGP71vJsG5bCa137-jXsYlrtdpdpUUxvDYwHTdJ7n-5mbu5Ak0rudfvUF6WRnjLsimwNQa7fCb4WgSur0mP79AQq_zrVpK2CO8_kOhgMaNSR6EEkz2QN0J_9RWu2sC6sdfKEZs5YKMW2vS1wB2c6gAKpfFpGZGOdsa8UVVc8mA2no2tQ5EGEpVQWVuMcoiLopVQxIH4RZy2UNx4XUrzN6nWKN7kLuMSi9zzoZ5VtjGl28YVEjq4uqx5b1pdtP8MeBiKhWbhv-GnuKOgqS
Via: 1.1 google


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    68b329da9893e34099c7d8ad5cb9c940
Sha1:   adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
Sha256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
                                        
                                            GET /script/i.php?stamat=m%257C%252C%252Cg2ZrYiOqoGU3B_-GH0dEdHP3xP.874%252C5NynZ733vjMGv3AdQsdDK3rIFFAN9BVBr6hFwESODioCwIUq-7hwCzrPTknUpQWCZfkawTJ4h_0HsyHpv-qzc3-R4LYsNCQK7HjIYQC7j8sfHSKEIJ3Mh3aRBl1MHyeiS9Akiyo7inZKlwyqPeVBVczF3n5sy_wi3uWUf4ZFofJKnQ0dqkaQTV7wLFNtVaNNNE8RdB7oSXUCl3gsGuF_p54qZW9Bpq9yhTAc0TYq-JsXownrE1dpB9vWfoEukHamfM8bWAANSjbVWrbM2eG5Ibs8kXlo8YKH7pNDFp1U4qRKlcHBGP71vJsG5bCa137-jXsYlrtdpdpUUxvDYwHTdJ7n-5mbu5Ak0rudfvUF6WRnjLsimwNQa7fCb4WgSur0mP79AQq_zrVpK2CO8_kOhgMaNSR6EEkz2QN0J_9RWu2sC6sdfKEZs5YKMW2vS1wB2c6gAKpfFpGZGOdsa8UVVc8mA2no2tQ5EGEpVQWVuMcoiLopVQxIH4RZy2UNx4XUrzN6nWKN7kLuMSi9zzoZ5VtjGl28YVEjq4uqx5b1pdtP8MeBiKhWbhv-GnuKOgqS HTTP/1.1 
Host: www.linkonclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         35.186.193.41
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Sat, 05 Nov 2022 21:46:56 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: https://goosebomb.com/gogate/etoro/30/index.html?action=166768481610000TNOTV415326358024Vf3
Via: 1.1 google


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    68b329da9893e34099c7d8ad5cb9c940
Sha1:   adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
Sha256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6171
Cache-Control: max-age=104576
Date: Sat, 05 Nov 2022 21:46:56 GMT
Etag: "6365b735-116"
Expires: Mon, 07 Nov 2022 02:49:52 GMT
Last-Modified: Sat, 05 Nov 2022 01:07:01 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6171
Cache-Control: max-age=104576
Date: Sat, 05 Nov 2022 21:46:56 GMT
Etag: "6365b735-116"
Expires: Mon, 07 Nov 2022 02:49:52 GMT
Last-Modified: Sat, 05 Nov 2022 01:07:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 05 Nov 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-E9QBCJNBNS HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 21:46:57 GMT
expires: Sat, 05 Nov 2022 21:46:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18991)
Size:   75904
Md5:    f914bfe51cbde4a05a048a32d100ced4
Sha1:   0a7fcc6b88fdd9284a2d2be92cde1580d529c092
Sha256: 22c859db0d8d469041a8e088dce67d939c95c7ee6aa83cb9903369f6d9f107f6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 05 Nov 2022 21:46:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /B15344_A89099_TClick_S166768481610000TNOTV415326358024Vf3.aspx HTTP/1.1 
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         96.6.17.100
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Content-Length: 241
Location: http://med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166768481610000TNOTV415326358024Vf3
X-Robots-Tag: noindex
Expires: Sat, 05 Nov 2022 21:46:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 05 Nov 2022 21:46:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   241
Md5:    6554288d061f2df600927db5c8d70da2
Sha1:   b541f8b523762b6a9e27cb214bcec0b67b0d7677
Sha256: 13caf9a8784a4697dc31565ef7e80b429786682556f284cf45a7b66f62caaea1
                                        
                                            GET /aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166768481610000TNOTV415326358024Vf3 HTTP/1.1 
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         96.6.17.100
HTTP/1.1 301 Moved Permanently
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://med.etoro.com/aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166768481610000TNOTV415326358024Vf3
Expires: Sat, 05 Nov 2022 21:46:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 05 Nov 2022 21:46:57 GMT
Connection: keep-alive

                                        
                                            GET /aw.aspx?B=15344&A=89099&Task=Click&SubAffiliateID=166768481610000TNOTV415326358024Vf3 HTTP/1.1 
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         96.6.17.100
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Content-Length: 0
Location: http://pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166768481610000TNOTV415326358024Vf3&utm_campaign=166768481610000TNOTV415326358024Vf3&utm_term=
P3P: CP=`NOI DSP COR NID ADMa OPTa OUR NOR`
X-Robots-Tag: noindex
Expires: Sat, 05 Nov 2022 21:46:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 05 Nov 2022 21:46:57 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=xlmkdyjkhksg2ujiixs35lrj; path=/; HttpOnly; SameSite=Lax AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etoro.com; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etoro.com.cn; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etorocn.com.cn; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etoroasia-securities.com; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etoroasia.cn; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etoroasia.com; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etoroasia.com.cn; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ AffiliateWizAffiliateID=AffiliateID=89099&ClickBannerID=0&SubAffiliateID=166768481610000TNOTV415326358024Vf3&Custom=&ClickDateTime=2022-11-05T21:46:57.2833932Z&UserUniqueIdentifier=; domain=.etoroasia-Investing.com; expires=Wed, 04-Jan-2023 00:00:00 GMT; path=/ RequestURL=URL=http://med.etoro.com/aw.aspx?b=15344&a=89099&task=click&subaffiliateid=166768481610000tnotv415326358024vf3; domain=.etoro.com; expires=Mon, 05-Dec-2022 00:00:00 GMT; path=/

                                        
                                            GET /social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166768481610000TNOTV415326358024Vf3&utm_campaign=166768481610000TNOTV415326358024Vf3&utm_term= HTTP/1.1 
Host: pages.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.64.152.107
HTTP/1.1 301 Moved Permanently
                                        
Date: Sat, 05 Nov 2022 21:46:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 05 Nov 2022 22:46:57 GMT
Location: https://pages.etoro.com/social-connect/superlink_English.php?utm_medium=Networks&utm_source=89099&utm_content=0&utm_serial=166768481610000TNOTV415326358024Vf3&utm_campaign=166768481610000TNOTV415326358024Vf3&utm_term=
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: __cf_bm=ja0ZIaXKjMBbIFzBQD8H5fh7foihKY.JRe9BVwCShYY-1667684817-0-AVBFXcOsQFOmUM/kgWqF5nWN7xZceGwoE+3439D9ijDQfTcE0cdZnkLEmHzYSqMN+mTJGuTjZIFRWMjO51C2X0q+tiwBcFbNnK7XXd7gsTRz; path=/; expires=Sat, 05-Nov-22 22:16:57 GMT; domain=.etoro.com; HttpOnly; SameSite=None __cfruid=ede202c086390e4422cdc122890d6f5ae8af7de8-1667684817; path=/; domain=.etoro.com; HttpOnly
Server: cloudflare
CF-RAY: 7658c8fc5d820b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/OtAutoBlock.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sat, 05 Nov 2022 21:46:57 GMT
content-length: 2072
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: uerbbQW5uv5BmqmfaAl98g==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D111A88
x-ms-request-id: f237f594-901e-0118-62e7-f0b326000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13460
expires: Sun, 06 Nov 2022 01:46:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7658c8fecc5bb515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2829)
Size:   2072
Md5:    b9eadb6d05b9bafe419aa99f68097df2
Sha1:   d850dc819264475c6d1cbe6e8419a1016a659db2
Sha256: a4592788dd762df3672b970f81802bf8325dfca74ed394118867bc4946983f61
                                        
                                            GET /scripttemplates/otSDKStub.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 05 Nov 2022 21:46:57 GMT
content-length: 7151
content-encoding: gzip
content-md5: zvDmpz9S9y5z1XhncmOZ/w==
last-modified: Thu, 03 Nov 2022 15:58:02 GMT
etag: 0x8DABDB42FCBE8A3
x-ms-request-id: c13094db-501e-0082-139e-ef79b6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 14284
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7658c8fecc61b515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21747)
Size:   7151
Md5:    cef0e6a73f52f72e73d57867726399ff
Sha1:   2611e0920611a653446508e5f3de017900cc49f2
Sha256: 97cc12a095136523b16da09953e6f3e405b658978cb37cbc3d3ccb9f94faf0a6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 05 Nov 2022 21:46:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cache1/hp/v_250/images/instruments/t3-3.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: ynBcBZLuM0g8KM2F3SRl5wWRChG7u8muIqcCU58ccgoEdfV0x23Je45/tjxzNW1Pv46uF30VAQQ=
x-amz-request-id: BJSN68QDJ2WRDK40
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "b7322c639dcf276550e310727cf76893"
x-amz-meta-sha256: 6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: r9skgKWaP8RVY9nRMto5PlKboL4BQb73
accept-ranges: bytes
server: AmazonS3
content-length: 11012
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 322 x 432, 8-bit colormap, non-interlaced\012- data
Size:   11012
Md5:    b7322c639dcf276550e310727cf76893
Sha1:   136b5f1a82788708f04b74a30fcefdadaff00e43
Sha256: 6123cab143cf8d85ef530972afd495cac11d35c417b90d8ec05724db5bd4bd3c
                                        
                                            GET /cache1/hp/v_250/images/instruments/t3-4.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: CQyOioDgEwsXle/cn0DSfXbIj4PtX6wwvvY03kgw+sPBr5gMr79OxJ6rVKvDrcsLStc69BjQXWU=
x-amz-request-id: BJSNRPZPM3RB1Y56
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "43f62ee21492814c91e306a57be05ee7"
x-amz-meta-sha256: 55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: ZJ9bAs_aawgIHhTc3zcLSZS.lxwDFu4K
accept-ranges: bytes
server: AmazonS3
content-length: 42876
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 660 x 684, 8-bit colormap, non-interlaced\012- data
Size:   42876
Md5:    43f62ee21492814c91e306a57be05ee7
Sha1:   77e0ddcffc72c83f9c6690f521a4594d0eacdf7a
Sha256: 55dc7c105ed71ed3781f433e6dd1943311e87e7d7330f9f11f10f0e502c170aa
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/cover-desktop-half.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: zqCA8I7VwQ4OM57SeL41enO3ZjqGkwlCS7cjlH8/RylZXzy3zQnrVtSi0iaVUFdNRZjfpzfdllE=
x-amz-request-id: XSS69QHT5BYHDT0P
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:38 GMT
etag: "b05c8e47e71ba8a0fe73a0da54f010ef"
x-amz-meta-sha256: 2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
x-amz-meta-s3b-last-modified: 20220920T161111Z
x-amz-version-id: VChvjEsOHCDhESR_vRlWIZZI9qChCEb_
accept-ranges: bytes
server: AmazonS3
content-length: 94463
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3\012- data
Size:   94463
Md5:    b05c8e47e71ba8a0fe73a0da54f010ef
Sha1:   f26455efe60bcf1e74e693574e482b0a952e3de9
Sha256: 2c763340f1c0aa9c8bbd9b138ea1a054282b17e1fd2831efed5bbd74c09438d7
                                        
                                            GET /cache1/hp/v_250/images/instruments/t1bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: YFTNty5SIcdhKq450TYHwf7SRkH10wCrNu6VxS0n04wBpLStduNxmbhS13gnNaIasJR4Ietz9UY=
x-amz-request-id: BJSVX197ACP9V7RR
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "2b8c66295f644aad1bbd97bffcf8f910"
x-amz-meta-sha256: 923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: rXQsdf5tcUphlZZ7QaAie.wlAbWxbLl7
accept-ranges: bytes
server: AmazonS3
content-length: 72188
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1934x1230, components 3\012- data
Size:   72188
Md5:    2b8c66295f644aad1bbd97bffcf8f910
Sha1:   f34b342b50c43263d6c130286958086addefd3d6
Sha256: 923d9c95a2e280eafb71ef8bae9001ce3bc574272986250090409b8e10b78472
                                        
                                            GET /cache1/hp/v_250/images/instruments/t1-3.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: 92R24GLatFUU0eh05veMnGqcA2KrIVfsdBz9zWssCytuT0e3Lb7tPc2v9A+iyx7fTZjRCEWnHVc=
x-amz-request-id: BJSJMDWMK7ZCK773
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:23 GMT
etag: "f61c9d2ed729320b71af181ff331cb79"
x-amz-meta-sha256: 11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: YkW8_gVG77z0IkOnT2pWi2camXx3AgiY
accept-ranges: bytes
server: AmazonS3
content-length: 31786
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 450 x 392, 8-bit colormap, non-interlaced\012- data
Size:   31786
Md5:    f61c9d2ed729320b71af181ff331cb79
Sha1:   182f5c37accdde48b36e7803de6251cc92319b86
Sha256: 11cf27e9710e187df6c25c3ed4ce130f8d35d9126dbacd711f68b0d2b7996763
                                        
                                            GET /cache1/hp/v_250/images/instruments/t2-1.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: K4TQrvgv6tHAKlL+ySccGF7oIFbHIm62RTqZ2kB54E9ph5Z0n4O9Fr37Li7vBlcPNEqBlNn15Zg=
x-amz-request-id: BJSS8ZSZ4K6J87Q8
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "5a95a095169c27431449bf549b99993d"
x-amz-meta-sha256: 681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: 6s15Jbvt_YhVTfS.Qm19BI1gvokKxcHz
accept-ranges: bytes
server: AmazonS3
content-length: 11234
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 744 x 504, 8-bit colormap, non-interlaced\012- data
Size:   11234
Md5:    5a95a095169c27431449bf549b99993d
Sha1:   91a11cffc857dcaa2b38fa901423b227870ac1e4
Sha256: 681caf8f93ff1be67796803a478cd4cb5df61fc228bd7388056599430d44a708
                                        
                                            GET /cache1/hp/v_250/images/instruments/t2-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: ky3vrANJhtTj+F60HsRTmFy7QMNFEWRYKVWaE2DyXeaBTBmkZn6svQRqLkPAK6t0vCsNwJQ9vwY=
x-amz-request-id: BJSN4THC2967ZG2T
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "beb13238cf465f668c413a022f5633c8"
x-amz-meta-sha256: 88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: 42HIJXJNQSkchYiJUGINB9CQEa72HNtD
accept-ranges: bytes
server: AmazonS3
content-length: 21388
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 668 x 938, 8-bit colormap, non-interlaced\012- data
Size:   21388
Md5:    beb13238cf465f668c413a022f5633c8
Sha1:   31760dac17b8e58942c79708a4616c3a1df4b233
Sha256: 88e45ef77d50a2091ec00708b669d6d306bf4dc8ea78984a2a9bc14318abe6db
                                        
                                            GET /cache1/hp/v_250/images/instruments/t2-2a.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: Ufl333+IK+sRnq39yz/zLZBDDGAqJ3hqjeULNbOsy81coHYrh0pPuwNsCqrWwdm0Uvjiqbr3ti0=
x-amz-request-id: BJSJSH4E3B2X317K
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:24 GMT
etag: "6bedb1b3afc69447f7ea0c00993b53a8"
x-amz-meta-sha256: 55900142e5def76acbb70acdb21d824b8b06f6d90a9a52fee556a5c3d3e1dab4
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: uxnagM4KgutOS.DThfIN7h9TDKtsInO0
accept-ranges: bytes
server: AmazonS3
content-length: 1473
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 136 x 132, 8-bit colormap, non-interlaced\012- data
Size:   1473
Md5:    6bedb1b3afc69447f7ea0c00993b53a8
Sha1:   1281f1fd5df23a9a19bd8573619007d04f6047ac
Sha256: 55900142e5def76acbb70acdb21d824b8b06f6d90a9a52fee556a5c3d3e1dab4
                                        
                                            GET /cache1/hp/v_250/images/instruments/t3-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: vYYw4/nX6J0XwQyBd7Bxo8ppBa11euWIhuDvwJG3+nyQlemDKpJ4ol5vRCRWMd3J1rhCuy9Zzfk=
x-amz-request-id: BJSG6VSZV3NPRZZ5
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:25 GMT
etag: "dad8f4f5e1f7c6afaa7a1d02bbad4aae"
x-amz-meta-sha256: 82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: .ea0J.LF3Tey.FSpyPfEDCWl6aYThAFP
accept-ranges: bytes
server: AmazonS3
content-length: 21261
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 436 x 390, 8-bit colormap, non-interlaced\012- data
Size:   21261
Md5:    dad8f4f5e1f7c6afaa7a1d02bbad4aae
Sha1:   7c47738ec815ba441c70d30967035c1a2c3a34ff
Sha256: 82d364f0c185402cc8da9b63d834ba5056a6e814d452879c1df6cd9cfbf8d2b5
                                        
                                            GET /cache1/hp/v_250/images/instruments/t1-2.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: CLncvM4L18ZkiKjHvjGrOYpGKksF2UJqMLsRtr7/JixW0QqS6mNX7SWENSlm9Aj8le9WdCqQ7XM=
x-amz-request-id: BJSTAV1CC0CZR8SW
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:23 GMT
etag: "a0edff04cdbe03fe84f35b2368beedd9"
x-amz-meta-sha256: 51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: gsLHL9_akY3qvzziYmuZ43tVdbQ8cOch
accept-ranges: bytes
server: AmazonS3
content-length: 115422
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 588 x 638, 8-bit colormap, non-interlaced\012- data
Size:   115422
Md5:    a0edff04cdbe03fe84f35b2368beedd9
Sha1:   6231c9d9265502517533892d8a0f42d5790c0310
Sha256: 51a46214b92336ada7340f10305a167388d3421a6cd322090db15d5703dfa7d7
                                        
                                            GET /optimize.js?id=GTM-55ZB4XN HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 21:46:57 GMT
expires: Sat, 05 Nov 2022 21:46:57 GMT
cache-control: private, max-age=900
last-modified: Sat, 05 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43938
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43938
Md5:    9eaff5882eb16b3d940493e80f6144df
Sha1:   bf40d0336a7c6397c8caa17ec3aed8079546b596
Sha256: 4a4bdaef8dddf766b0e36f6e5af0ccc655593acf0ea1699d61dde7a7deef674c
                                        
                                            POST /g/collect?v=2&tid=G-E9QBCJNBNS&gtm=2oeb20&_p=1007182284&cid=1200340193.1667684815&ul=en-us&sr=1280x1024&_s=1&sid=1667684815&sct=1&seg=0&dl=https%3A%2F%2Fgoosebomb.com%2Fgogate%2Fetoro%2F30%2Findex.html%3Faction%3D166768481610000TNOTV415326358024Vf3&dt=loading...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: null
date: Sat, 05 Nov 2022 21:46:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /cache1/hp/v_250/images/instruments/t2bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: CzOhkgu5Y0R6HoaBI3spOEsIC0ULFFWfQP/StDzqj7O8zeKrbqTF2gmrAiXeQrLylU+M0/ANeRM=
x-amz-request-id: BJSZ59B0WDG7GH0E
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:25 GMT
etag: "19c57357b906758af6469a6b2a2c8846"
x-amz-meta-sha256: 358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: RNRY.bWk105UAkjO4Db33xjz7lHZilcf
accept-ranges: bytes
server: AmazonS3
content-length: 66908
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Size:   66908
Md5:    19c57357b906758af6469a6b2a2c8846
Sha1:   e360a5922a6d44ca6066ff5dff01ef2440fd7368
Sha256: 358be7efee5b5551b4c5a7d977226283bfc40d89b01417e354aa1bfc098da8a2
                                        
                                            GET /cache1/hp/v_250/images/instruments/t3bg.jpg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: XyBWTcKB6ZnhqlKK/cUvo3Mkusx8tebxk8v4iJZ1SngSydT4rYfmHqKA1NPou6jsVLdVHFTSpuc=
x-amz-request-id: BJSW4ZMF254PA5ET
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:26 GMT
etag: "6d94c8cb40dfa33fccc8b4800f2c7e0e"
x-amz-meta-sha256: a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
x-amz-meta-s3b-last-modified: 20220907T173456Z
x-amz-version-id: pyA8G.VrAE4shNTZPyu3hFkUKsSZGk39
accept-ranges: bytes
server: AmazonS3
content-length: 59017
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1933x1230, components 3\012- data
Size:   59017
Md5:    6d94c8cb40dfa33fccc8b4800f2c7e0e
Sha1:   745c0d98d4cde90d8717feadfa120e0cc20dab1f
Sha256: a0bb83d719f2fdf76bae2c031b6a10875676bf1d0c47dae43c8182b7b8f95eda
                                        
                                            GET /cache1/assets/css/onetrust.css HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: 7vqiIPn64ptqVNwIM1fvJGjbv11IUdsOT6JKR8Cyxsr81DT/4uax9s7iGzI7fTeV0SwX20GmqJE=
x-amz-request-id: Z3V5BX28EG5962WS
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Jun 2022 12:30:17 GMT
etag: "66e8b2c112ebb5bb9b4fc326d3d5f87b"
x-amz-meta-sha256: 55c8a3b763077bf16466a3a9af5b7e5b2baba7d345cd90b50403058a633bda48
x-amz-meta-s3b-last-modified: 20220616T122823Z
x-amz-version-id: Qcu9.b5PJ70a2SNFK2gJjtsbcFrk1Lur
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
content-length: 2655
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (885)
Size:   2655
Md5:    b3f403de6d79b34f32dba5e4effaabc2
Sha1:   7b436b6060e88daf19f12bd27cbe2533d25a2343
Sha256: 3ec0cde05873dde93c16f4b4f3b7ca7e236ba4e82ab595ee8f13b959f5b2813a
                                        
                                            GET /others/logger/logger.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: rFRtyRRvy8awZWbEw8KKBuYcsMr0FOn3VrHsw7WXTDWRDWcW8NmTXAtMX967njSth5isxYRudTE=
x-amz-request-id: 114803B553D57FD9
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Jan 2020 16:04:01 GMT
etag: "3a046ce8f3379b2e5a5fa5ee3ed02808"
x-amz-meta-s3b-last-modified: 20200115T160219Z
x-amz-version-id: RlsNx2j0zjqTyHD11R2PocORgBI_87x2
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 05 Nov 2022 21:51:57 GMT
date: Sat, 05 Nov 2022 21:46:57 GMT
content-length: 2285
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5055), with no line terminators
Size:   2285
Md5:    f620bec033fe844135374191b331937d
Sha1:   ef75dd9e7bddaaa53d9171c7b6869f5d72553f51
Sha256: c61b3f992c23497120340e96694c29b94ca8b2576820677e0432031b636eee87
                                        
                                            GET /consent/f72d065d-437e-4ee9-87c6-475882c9f118/f72d065d-437e-4ee9-87c6-475882c9f118.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sat, 05 Nov 2022 21:46:57 GMT
content-length: 1490
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: ZDmDXaPoXLaResBrLasrNw==
last-modified: Tue, 14 Dec 2021 12:34:46 GMT
etag: 0x8D9BEFE1D14004E
x-ms-request-id: 16122373-c01e-0026-35e7-f04352000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13103
expires: Sun, 06 Nov 2022 01:46:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7658c9005e6ab515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4265), with no line terminators
Size:   1490
Md5:    6439835da3e85cb6917ac06b2dab2b37
Sha1:   b65ad002a7c48559e9124256295c1c688e8f3084
Sha256: bd2d9654f22da1c44528cfd8a925b24a3b015d80bee375849d1e8800a8970c21
                                        
                                            GET /t/1.css?apiType=css&projectid=1be8a670-63f2-11ec-84cb-06c8b378e9d2 HTTP/1.1 
Host: cdn.fonts.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.224.78
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 0
x-amz-id-2: 0YZ0H80/30MgBTG2ijPKvwK2o4c7bg1oKeBH6NC/Vct0AWcwyu8ktTQ8I/j+udXxbuBe4+WEVrY=
x-amz-request-id: K2GEEGSX18GPYAHC
last-modified: Thu, 20 Oct 2022 08:49:27 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=300
cf-cache-status: HIT
age: 219396
expires: Sat, 05 Nov 2022 21:51:58 GMT
accept-ranges: bytes
set-cookie: __cf_bm=09ecdDnRsIXSQl2PojC6PBq_RY8J8b14nRoGzms068s-1667684818-0-AddoxSpKNE9poGoHVTqgh/s6Wm2yuTJmgkrRVkh/489Vf/dl8NdGZR3gDDoXNU0u7YIqIq0iYNN+iCJFGCeSo6o=; path=/; expires=Sat, 05-Nov-22 22:16:58 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7658c9008afcb50b-OSL
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6369
Cache-Control: max-age=140420
Date: Sat, 05 Nov 2022 21:46:58 GMT
Etag: "63664275-116"
Expires: Mon, 07 Nov 2022 12:47:18 GMT
Last-Modified: Sat, 05 Nov 2022 11:01:09 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /cache1/fonts/madera2/Madera-Regular.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: giTQxaaku6b/my15IZ7MGbnS0j3R+Drz9aYHcOnTWdLimAm+vlONGNcGBk1VXAhvbuCj0dmjAZs=
x-amz-request-id: RB02W0BVGXZQ1Q0C
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:32 GMT
etag: "4a61fe67108ddbb01a2ceaf3687ba30e"
x-amz-meta-sha256: 2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
x-amz-meta-s3b-last-modified: 20220203T192734Z
x-amz-version-id: rdjZTCyTVtTzW48kSfmVzYhmpJIbNpae
accept-ranges: bytes
server: AmazonS3
content-length: 31960
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31960, version 1.0\012- data
Size:   31960
Md5:    4a61fe67108ddbb01a2ceaf3687ba30e
Sha1:   3a60eb0e91c3f79e58c93ac63f040f07c5c4e058
Sha256: 2be6e9d5643e9857ffdb9f65021173c77f920dac2e106ee31b2f38608d5ac661
                                        
                                            GET /cache1/hp/v_250/images/flags-hd2022.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: TBVqRoB02EDyfVmR0znW/MNspedH9bXBBIhZ5E5yqJ3jEmjjuff+OOrTSAXRCNf4skiXRHJz8GQ=
x-amz-request-id: Y4J7D71XBE8X7XME
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 15:06:18 GMT
etag: "69d14115558936d84e16ec7efd2f4f45"
x-amz-meta-sha256: 68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
x-amz-meta-s3b-last-modified: 20220920T144902Z
x-amz-version-id: otKQpwD91003SDrhrFJwP7u7k7kYEK4v
accept-ranges: bytes
server: AmazonS3
content-length: 16703
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 830 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   16703
Md5:    69d14115558936d84e16ec7efd2f4f45
Sha1:   a6268986699c86e577ca5589a0fcf2880661f7ea
Sha256: 68de9a9df604b303ce3c1c4fd7f977ecd4eeea196253f88d01d605a262c72a26
                                        
                                            GET /cache1/fonts/tusker/TuskerGrotesk-3500Medium.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: TnE1OvfRhb4wemqIMdAklRBV9anTek/CjSVpczlM56PMWdd3Awm6/s25i8C/yNMd3Kztf88tMvY=
x-amz-request-id: 0RKDVHM0FMVA32ZS
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Feb 2022 22:24:49 GMT
etag: "1f385d1ea2e1c06cda506bafc17a4a94"
x-amz-meta-sha256: e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
x-amz-meta-s3b-last-modified: 20220206T231742Z
x-amz-version-id: U.WW5Nm_KS0r7k_Vxl0S9.MycmUEi2Pu
accept-ranges: bytes
server: AmazonS3
content-length: 11992
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11992, version 1.0\012- data
Size:   11992
Md5:    1f385d1ea2e1c06cda506bafc17a4a94
Sha1:   0dc0ebf0502018976383091908379054b5a3cfed
Sha256: e71acf0321143c30f016a710cfb525b48b2ba940ac7d83660614082eb06880ca
                                        
                                            GET /cache1/fonts/tusker/TuskerGrotesk-4700Bold.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: xDtdJzSi21sF7CpiuxjIbrQdQrHfCf0qZSuIYVXllN38HVN7OiOcLrLEIAOZRHPfr0UXkqds/bQ=
x-amz-request-id: 0RKEXE4EJ8774W83
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 06 Feb 2022 22:24:52 GMT
etag: "ee570da55652b90a2222880a1ece7323"
x-amz-meta-sha256: 26c2ac92dcf7740f3239e5c1dc01c2e90bf468aacaea52438db80c031af94962
x-amz-meta-s3b-last-modified: 20220206T231740Z
x-amz-version-id: _nNBWNk.b.aBJaK32Y.ScZnJcz4Is6Dl
accept-ranges: bytes
server: AmazonS3
content-length: 12028
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12028, version 1.0\012- data
Size:   12028
Md5:    ee570da55652b90a2222880a1ece7323
Sha1:   d9a81b65239041b42c6aed22f5809797f0574c1e
Sha256: 26c2ac92dcf7740f3239e5c1dc01c2e90bf468aacaea52438db80c031af94962
                                        
                                            GET /cookieconsentpub/v1/geo/location HTTP/1.1 
Host: geolocation.onetrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.146.158
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 05 Nov 2022 21:46:58 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7658c900cce0fac0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31724
Md5:    738e81b98a35f2e81293bc75cabb4214
Sha1:   d1f9565445e7949dfd2a241bc01157d69be3e810
Sha256: 0e44799690666a452aa3cb675e0dd29e8a5a67342e82a5ea5d59e3d7e6254ec2
                                        
                                            GET /cache1/fonts/madera2/Madera-Medium.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: d6poWwwwj9abPq/ES4oNvQTY1I4y2hMv1EdVnTf07kpNv7a2N1tn1ySx9pMV8KWPcG6wwi1unZI=
x-amz-request-id: K8KWP566ERFJBVE1
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:29 GMT
etag: "9d7f82d9510b57b2d00f328d87ef3869"
x-amz-meta-sha256: c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
x-amz-meta-s3b-last-modified: 20220203T192736Z
x-amz-version-id: VMc3owpvYk5nHUjZ.xX4Wq.u2RPawBMa
accept-ranges: bytes
server: AmazonS3
content-length: 31844
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31844, version 1.0\012- data
Size:   31844
Md5:    9d7f82d9510b57b2d00f328d87ef3869
Sha1:   2a031c8ae51e62d8dc30fa0bb47f57a3695224c1
Sha256: c464ce47b2b31c08077e73656eb309e07cecd335cbc93c87efe552e281de0815
                                        
                                            GET /cache1/fonts/madera2/Madera-Bold.woff2 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/font-woff2
                                        
x-amz-id-2: WQ8beP0j6j+XiswbzEpXZzamytHc5Av0QHRr7qawf362iuN3koZ3ealTS4jkLvOGZ6OcInkYl0Y=
x-amz-request-id: RB02FFVVAVWJVG5D
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Feb 2022 18:32:24 GMT
etag: "db85a0ddc6f6973df4bc98a1b2ed9d65"
x-amz-meta-sha256: 26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
x-amz-meta-s3b-last-modified: 20220203T192740Z
x-amz-version-id: zGguxQ5kSDF0NdIOnvToUoLZcOnV9szR
accept-ranges: bytes
server: AmazonS3
content-length: 31920
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31920, version 1.0\012- data
Size:   31920
Md5:    db85a0ddc6f6973df4bc98a1b2ed9d65
Sha1:   c6bba41edc8501b76aed9bff58597edef1c2502f
Sha256: 26902b4d0a3ba49a4a9b3aa0c8f9c185270ee162252f78cec00c831c9f5b05f8
                                        
                                            GET /cache1/hp/v_250/js/waypoints.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 9lFezzLGhy5accCsGYcyDyckewdqZE6Df8H6ytpCQuSWrMcKQiCNX7H2YhvOccJk0UxxBNsnPHo=
x-amz-request-id: 5E8B8NFW9H2EH0EG
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:43:00 GMT
etag: "1b79decba8cf0c886b7be539cfdbaa16"
x-amz-meta-sha256: 291c0fb451ed0410d515b7c4f0eeb429cae40f52a560a67aed3de8d7210e75a3
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: OAj0wpBsOOe0r5kxCMrusioy2xpCNFTE
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 2635
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8887), with no line terminators
Size:   2635
Md5:    1d2137aea2d4a9fca68a7b135e2cb9f3
Sha1:   e97ca29d385352fc286f1711bbdc45584161a316
Sha256: ea701f82ca58f8a09ebd7d00a58deb97c1c2a09ecdd3a5486e91dab13f98113e
                                        
                                            GET /cache1/hp/v_250/js/slick.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: JlrnGLJ6W/UxGhdYSC8CH8xghXbLPjPNChhyxW9KZUfoGKU71X7LjptjjFXM/+ltoatY8umxNmk=
x-amz-request-id: 5E85XVS4GHHW1N8V
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:43:00 GMT
etag: "823f2a98db35550b1d2a78f530b1c633"
x-amz-meta-sha256: 0cf4b4cdcf20a06c8cfb25a84b84e0c7e81f51cd78de9b6231a1b54ed0e0935b
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: YetQublaGzZokQiJoN6572gELuBFGXNz
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 9568
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32034), with CRLF line terminators
Size:   9568
Md5:    17232e2fe3e81d95e6f1cb7c4d5b9e57
Sha1:   510e1569ab0187ef5712a7630d673536e8c519ac
Sha256: 4bd093df7a16ca8f4d58c12a14859fdc0ef3f8ffb58c9b82126031787f2f5132
                                        
                                            GET /cache1/hp/v_250/js/jquery-3.5.1.min.js HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: e54UiWLmzXf08GlFZQOwNLmjw248K84CkHRaduvC3FXRYfpbzInEkKvkHjrXjI1R6iLGr6Oq0hk=
x-amz-request-id: 5E8854E5AX589C4N
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:57 GMT
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-meta-sha256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
x-amz-meta-s3b-last-modified: 20210919T132249Z
x-amz-version-id: 4aWmwoVEWdk_DjJ9o9.1cbellEQnGA4x
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 30950
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30950
Md5:    e96fc85ce0a9070920b87b1072dd9e1d
Sha1:   afd9871c95caf6a26ae56e8c661789d00c510162
Sha256: 43e3ac1190912814c4b67ca3512c14745d1b41ce4740d3df73ead62561ca31dd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2778
Cache-Control: max-age=153003
Date: Sat, 05 Nov 2022 21:46:58 GMT
Etag: "636681a3-2d7"
Expires: Mon, 07 Nov 2022 16:17:01 GMT
Last-Modified: Sat, 05 Nov 2022 15:30:43 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /cache1/hp/v_250/images/favicon/apple-touch-icon.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: zS7BtNRDYQQ8zMJHkYU73f6dvQrBR4/jG9pLiV2+ECAWJIWOshj7kabGoiH6CH3KtwiY7bnoVT4=
x-amz-request-id: 85NM0JGJ52A3JDYD
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:41:47 GMT
etag: "8d34d8eb122958024d6319988331e68a"
x-amz-meta-sha256: f14f9af8a7d4a1acaea97621a6d43cc34f1c430b318be76f58898d98efd9ab90
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: Q2EbxWG5EYMEKf0iJz44VFOyVRrx2PXV
accept-ranges: bytes
server: AmazonS3
content-length: 4959
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size:   4959
Md5:    8d34d8eb122958024d6319988331e68a
Sha1:   e79ac403f17e240360be6f5540b8e7dd4a5bb9a6
Sha256: f14f9af8a7d4a1acaea97621a6d43cc34f1c430b318be76f58898d98efd9ab90
                                        
                                            GET /cache1/hp/v_250/images/favicon/favicon-16x16.png HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: q9Fv8gRd6+b337XtoTpjf0lXha/xDl8MDnEInDhNQHkRs5JLXmey+zDMgkhZFANHULI0QMT1Yxk=
x-amz-request-id: 85NZMGGA0Z9XBNVH
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:41:48 GMT
etag: "6f73b13c53883dda26ced7b25bdf69ef"
x-amz-meta-sha256: 4470f15d8d0268f1cf44bfc45a544baa38a6aa114dab9ad02b76b48034d156b9
x-amz-meta-s3b-last-modified: 20200803T094544Z
x-amz-version-id: 8hLOOpLCaCPyjH8.y7Cb39Asiw_Qt5uv
accept-ranges: bytes
server: AmazonS3
content-length: 1020
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   1020
Md5:    6f73b13c53883dda26ced7b25bdf69ef
Sha1:   a4743cd740ba05c518cc754a3ab2715f6a23d762
Sha256: 4470f15d8d0268f1cf44bfc45a544baa38a6aa114dab9ad02b76b48034d156b9
                                        
                                            GET /cache1/hp/v_250/css/style-newhp.min.css?v=1666787325 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: g5fiwg1ft1Jxng2RKuk7Z/lACSinLzfvO5kH9ixaHcrahayal0jBjQMiuoOqlAvNIgjaL/+RArE=
x-amz-request-id: J8GDC0W3AMQ7ADYB
x-amz-replication-status: COMPLETED
last-modified: Sun, 30 Oct 2022 09:34:19 GMT
etag: "c8963614c49a0f5d983090b1fa0a3572"
x-amz-meta-sha256: c0652e80608a817ff6a379283655cb36e993d8c5d594066cf6eb382216a439c0
x-amz-meta-s3b-last-modified: 20221030T092425Z
x-amz-version-id: TayTbjCm6HKZHAZGqScoxrvkeay0uODd
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 8215
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (58090)
Size:   8215
Md5:    fbc2c93340e23a203000fe778459d920
Sha1:   504e6430b144bde6d7f36cbe9a96db939de780a5
Sha256: 1a8673e96ae257b1637e7cceeb714e3dada91542d3a8ddaffd7802bcbe562727
                                        
                                            GET /scripttemplates/6.27.0/otBannerSdk.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 78056
content-encoding: gzip
content-md5: 8eaHtBigP1U3b42ruIgxsQ==
last-modified: Mon, 29 Nov 2021 20:31:00 GMT
etag: 0x8D9B37727F240FD
x-ms-request-id: 7f82bfc5-f01e-0048-0667-33ea7b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 14263
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7658c9032a47b515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65455)
Size:   78056
Md5:    f1e687b418a03f55376f8dabb88831b1
Sha1:   59e7de3f39b2bd1d3cff8b1286f317d913a03fac
Sha256: a8f0ed59befb0dc3da4e194382166d61584fc77442140cdbe734a761ca07ded2
                                        
                                            GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.55.118
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PB6QlPBV5U9hnpETUmeBmKF60OFaxv_W7q_pyaLOA4eqeHgZ_oCFMw==
age: 120292
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    b6d25d1350d6a014d80689f389e76f97
Sha1:   a957e3d99790759f71a4d9e2fdaf819f60e8c569
Sha256: fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/social-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1666787325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: l1YrXFKswOQZpSqx+stH8lJL+DWQ6RcFIQ0aNHXxJZeQxjwSOLOKtG9cBtzfRtOx6ohGxo31gvc=
x-amz-request-id: P36XX1E9T43RS2YY
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:16 GMT
etag: "750fadde7ed0d8a59cb37992f69df5b7"
x-amz-meta-sha256: aea9129059463c32ea4bba24765fcebc7f607697a6e6ddfe45396a5d8c79ff27
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: nRgy5otmVkjeop3w29cK3B5sQq32WsQv
accept-ranges: bytes
server: AmazonS3
content-length: 5136
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2125)
Size:   5136
Md5:    750fadde7ed0d8a59cb37992f69df5b7
Sha1:   c59d2044108d649ce3c10e1ae1084f20eaa7b6b4
Sha256: aea9129059463c32ea4bba24765fcebc7f607697a6e6ddfe45396a5d8c79ff27
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/reliability-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1666787325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: LzbecIzhwvBoQ7BWygJldYYYM6We6Ivc0s9yeELNTux/bvYN3Yt+4RBXo+6y+IJIMyE0XHUm5Ew=
x-amz-request-id: P36RY7P00A1N12Z3
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:15 GMT
etag: "0a6e20a299b321b57e48a9c83871cc0c"
x-amz-meta-sha256: f63e3109498dbf1f9ff656b0b151cf3a9ae0c22cb74369a32f1cd726dde79a19
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: YLr9yDu4y6poTawQ7WP7MojiYbCk.0rk
accept-ranges: bytes
server: AmazonS3
content-length: 2891
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (450)
Size:   2891
Md5:    0a6e20a299b321b57e48a9c83871cc0c
Sha1:   b3474e03f92a55d42c5ee4032fb1f7b38bd5fd80
Sha256: f63e3109498dbf1f9ff656b0b151cf3a9ae0c22cb74369a32f1cd726dde79a19
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/reputation-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1666787325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: Ihx3lBRD+qT3COxacNhADs25840cosw7qQjWNARp2NEbhy2sQGGC6bcDQn8R8zkCgoXq9Qg6fjs=
x-amz-request-id: P36HSNCC0CCGYRB4
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:16 GMT
etag: "7dc0a2667b5de60ff9a96c6ebcca9a7b"
x-amz-meta-sha256: fcd6bf6244f1c8d6344c40b4222142f6fe020a3c8539c97c0db2b3bb18c7e92f
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: sr2qY5Yx1bOPXsrLw8D.ycZfr6bVRigS
accept-ranges: bytes
server: AmazonS3
content-length: 3894
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (774)
Size:   3894
Md5:    7dc0a2667b5de60ff9a96c6ebcca9a7b
Sha1:   cf77125f3a15d8e1ef12bd5ffaabfb020b439c4b
Sha256: fcd6bf6244f1c8d6344c40b4222142f6fe020a3c8539c97c0db2b3bb18c7e92f
                                        
                                            GET /cache1/hp/v_250/images/hp-2022/globe-icon.svg HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marketing.etorostatic.com/cache1/hp/v_250/css/style-newhp.min.css?v=1666787325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-amz-id-2: zEZql33RdFD015QzhOK47P8wzFLSFm/IcV6Blksieco1+krqTMPmOXsvpWNCUzjqRe5kvLJGWuU=
x-amz-request-id: P36N4Q9BMY5E42PD
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Sep 2022 17:42:11 GMT
etag: "d8016306372e33ba7354032b4de316ac"
x-amz-meta-sha256: 3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
x-amz-meta-s3b-last-modified: 20220312T200400Z
x-amz-version-id: qXWG2jxf6eO4.Ee8JU9epi0qWNdNYdex
accept-ranges: bytes
server: AmazonS3
content-length: 3405
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Size:   3405
Md5:    d8016306372e33ba7354032b4de316ac
Sha1:   7caeb070e9f95ab00ca267ad95c37530d3be361e
Sha256: 3c0a8e3833fe2d4d7d1223b97cd931988d4069eb89071d4d55b3a1434a02d571
                                        
                                            GET /cache1/fonts/socials/socials.ttf?qtqow1 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/x-font-ttf
                                        
x-amz-id-2: VqG8Xoz+PNUpc5ek0EHqjuCErGzCqKx3w2Mb/U3IRKb02qkQEhEC1dsBPpa357J3lamLhU00/dI=
x-amz-request-id: ABP0NYTQMK8XRN5V
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "379e2da7fbcf7192af131dab8664fa44"
x-amz-meta-sha256: 8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: 64DCSoh81dgHS5BU7pf3T55ups5kO3ge
accept-ranges: bytes
server: AmazonS3
content-length: 2232
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socials \012- data
Size:   2232
Md5:    379e2da7fbcf7192af131dab8664fa44
Sha1:   191a7c64f76a91ab3ac7418ef12e16155ffe916b
Sha256: 8c31b82294313eacadc653a0eeac4cc2c911b75c8f3792453823e72c3c73b3f2
                                        
                                            GET /cache1/fonts/socials/socials.woff?qtqow1 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://marketing.etorostatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 200 OK
content-type: application/octet-stream
                                        
x-amz-id-2: SbuN5uTeAbiLvwg0l6RWT5GcWDZBpW5c/cufnxT2YwGTrQ28ARdF3bRVi+0p5zOx3aqQYMQ0XQ8=
x-amz-request-id: P9HV07KX2C62PBM9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jan 2022 19:09:35 GMT
etag: "b63c50623057857a66071527d3d19e34"
x-amz-meta-sha256: 1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
x-amz-meta-s3b-last-modified: 20220111T153358Z
x-amz-version-id: k7ckggrGpXnM_OQiM5sA8.VZMQT0daDq
accept-ranges: bytes
server: AmazonS3
content-length: 2308
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 2308, version 1.0\012- data
Size:   2308
Md5:    b63c50623057857a66071527d3d19e34
Sha1:   60a97e3734cf76a48f1605076590257bfd370f5e
Sha256: 1e0140569fe23bdc3e016d72430447b3ce26f9edc0ab13d468c0b0588f9cffcc
                                        
                                            GET /cache1/hp/v_250/videos/cover-desktop-half.mp4 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=2588672-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
x-amz-id-2: k0S3PTtQ6A7+7DCDF0jarhfLPTSbwVz1bTqEGKIUxZtmifOjl4sOuF9FVlox4Ojv2OaWaUfjwJU=
x-amz-request-id: VAB4HZ7XE1BNTWVP
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:56 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: 5gD_fe1tCLrWjg18GcLMs5qAtl1xDeyt
accept-ranges: bytes
server: AmazonS3
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
content-range: bytes 2588672-2625182/2625183
content-length: 36511
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   36511
Md5:    d2ac9aa4d77b9430c5ad19d0c1546076
Sha1:   8bae7ca2e0ad65ac49cc0de9c6c5887c59f4db60
Sha256: 7483a4524ee20681692af93c354ace8d5c67137e8403f36f826049850da89b0a
                                        
                                            GET /cache1/hp/v_250/videos/cover-desktop-half.mp4 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
x-amz-id-2: k0S3PTtQ6A7+7DCDF0jarhfLPTSbwVz1bTqEGKIUxZtmifOjl4sOuF9FVlox4Ojv2OaWaUfjwJU=
x-amz-request-id: VAB4HZ7XE1BNTWVP
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:56 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: 5gD_fe1tCLrWjg18GcLMs5qAtl1xDeyt
accept-ranges: bytes
server: AmazonS3
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
content-range: bytes 0-2625182/2625183
content-length: 2625183
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   1529959
Md5:    103e5067fc34f92bba2a94499e2e7905
Sha1:   96c2b47633352c69081a0ad59595d43ab702e679
Sha256: fc36ae98414ba9b3acb233b15a8b855389f6c1b83fae7f19a4cf77d32199c1e6
                                        
                                            GET /apps/app/dist/js/app.js HTTP/1.1 
Host: acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         138.128.247.123
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=432000 public
expires: Sun, 06 Nov 2022 21:46:58 GMT
last-modified: Tue, 01 Nov 2022 18:06:07 GMT
etag: "6aab4-6361600f-af3ebb833015feec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 142347
date: Sat, 05 Nov 2022 21:46:58 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (61000), with no line terminators
Size:   142347
Md5:    09e8b17fe8fb4fd2f6bd3e814adeb976
Sha1:   05f09e2001c9bfc7bd0ada6831b4edaeb1fc2f08
Sha256: fd0952431ab51c8c8a234b8df7917f7b0bba2a67c06e9fa27697ce7b476fb571
                                        
                                            POST /api/v2/monitoring?applicationIdentifier=marketingSites HTTP/1.1 
Host: etorologsapi.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 572
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         20.54.209.212
HTTP/2 200 OK
                                        
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 0
server: Kestrel
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin
access-control-allow-origin: https://www.etoro.com
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2

                                        
                                            GET /cache1/hp/v_250/videos/cover-desktop-half.mp4 HTTP/1.1 
Host: marketing.etorostatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1081344-
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.201.117
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
x-amz-id-2: k0S3PTtQ6A7+7DCDF0jarhfLPTSbwVz1bTqEGKIUxZtmifOjl4sOuF9FVlox4Ojv2OaWaUfjwJU=
x-amz-request-id: VAB4HZ7XE1BNTWVP
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 16:16:56 GMT
etag: "53205974fecdfed20a25d53ffbfd6bef"
x-amz-meta-sha256: 086a1f99f93c021b8bd1aa13042c342054e3da9302fc41c00c55b31f7c7058ae
x-amz-meta-s3b-last-modified: 20220920T155830Z
x-amz-version-id: 5gD_fe1tCLrWjg18GcLMs5qAtl1xDeyt
accept-ranges: bytes
server: AmazonS3
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 21:46:58 GMT
date: Sat, 05 Nov 2022 21:46:58 GMT
content-range: bytes 1081344-2625182/2625183
content-length: 1543839
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1543839
Md5:    d0ba53357c4f5b4b9eae1c6525e903b2
Sha1:   f694aa31d8edd311ea848464213e810e9539783f
Sha256: 91d239b01228e9a83668643872aecff33a9e95f6c182e07d86a0639accb3f7bd
                                        
                                            POST /api/v2/monitoring?applicationIdentifier=marketingSites HTTP/1.1 
Host: etorologsapi.etoro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 663
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         20.54.209.212
HTTP/2 200 OK
                                        
date: Sat, 05 Nov 2022 21:46:58 GMT
content-length: 0
server: Kestrel
cache-control: private, max-age=0, must-revalidate=true, noCache=true, noStore=true
vary: Origin
access-control-allow-origin: https://www.etoro.com
request-context: appId=cid-v1:fd70748c-8efd-4b7f-a0f0-36ea0c443ced
X-Firefox-Spdy: h2

                                        
                                            GET /modules.f1e65ef904544a33c6d0.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.68
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68402
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "0f58b5937c38edb646c879633af2ba34"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zPQcUlCzdWcb4cXIUOBjSegrMWfn2yxlRqLMUDrN83YpLACGsQYcuQ==
age: 120292
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68402
Md5:    0f58b5937c38edb646c879633af2ba34
Sha1:   253ed6753506bdbd2bc9dd85eaa0c724d8592bf6
Sha256: c5bc2879b3d04080631054a073fc6b4b58f46f3a9732cbcb212cf73e349c1d81
                                        
                                            GET /scripttemplates/6.27.0/assets/otFlat.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
content-length: 2950
content-encoding: gzip
content-md5: VSHBUrwe+huqkxKbuHF+GQ==
last-modified: Mon, 29 Nov 2021 20:30:50 GMT
etag: 0x8D9B3772216FA2F
x-ms-request-id: 247cd6ec-501e-004e-2dec-ec1d03000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 13103
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7658c9070faeb515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (10843)
Size:   2950
Md5:    5521c152bc1efa1baa93129bb8717e19
Sha1:   d89a1ebb0aa8417a5d0f27e172935bf743d8e42e
Sha256: 10e8c409d6b57eb0e5a7fa941b14b2a59b1437e37a16bb51f08adc3f65e807ba
                                        
                                            GET /scripttemplates/6.27.0/assets/v2/otPcCenter.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
content-length: 11602
content-encoding: gzip
content-md5: ceOHHWNBgrF8GxXKPVj35A==
last-modified: Mon, 29 Nov 2021 20:30:52 GMT
etag: 0x8D9B377239B4147
x-ms-request-id: a3c3cc4e-901e-00f9-2cec-ec1206000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 13103
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7658c9070fb8b515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (37703)
Size:   11602
Md5:    71e3871d634182b17c1b15ca3d58f7e4
Sha1:   4063bf0afb25a8c96bdd33f6d24ca832067c7806
Sha256: c20f40887a2fdad6ea7070063acf1150881e18405c91338338e88be4195583b5
                                        
                                            GET /sessions/1871831?s=0.25&r=0.158956693098939 HTTP/1.1 
Host: vc.hotjar.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.64
HTTP/2 204 No Content
                                        
access-control-allow-origin: *
cache-control: no-store
date: Sat, 05 Nov 2022 21:46:59 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NryM0ZMhfoXjNiiXrkEIIZXJQipguzTIb2iezwuQ8AMx7C8k40linw==
X-Firefox-Spdy: h2

                                        
                                            GET /cache/app/etoro.com/config.json HTTP/1.1 
Host: cdn.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         83.229.67.229
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: max-age=432000 public
expires: Sun, 06 Nov 2022 21:46:59 GMT
last-modified: Sat, 05 Nov 2022 21:44:11 GMT
etag: "9e-6366d92b-58069d3719f2248c;;;"
accept-ranges: bytes
content-length: 158
date: Sat, 05 Nov 2022 21:46:59 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   158
Md5:    8ede0aa291809a5a1d7249915688c476
Sha1:   7a9ec977241a231315c9eade3a33635feee09d3d
Sha256: afe597a5c462455d20d58b6a3ef2c6f447cf38175572b8f2ffb08ea08d16e396
                                        
                                            GET /gtm.js?id=GTM-N7SQ5DP HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 21:46:59 GMT
expires: Sat, 05 Nov 2022 21:46:59 GMT
cache-control: private, max-age=900
last-modified: Sat, 05 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35498)
Size:   103552
Md5:    51dbbf50ea207e1031120196fee54148
Sha1:   cbc4d4cf3149a132587f28af63e259b8eab98a68
Sha256: f361e868405ea54374f41228d3cfeab8a25fa4c7b642b794448563ff580410f2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151798
Date: Sat, 05 Nov 2022 21:46:59 GMT
Etag: "6366724d-1d7"
Expires: Mon, 07 Nov 2022 15:56:57 GMT
Last-Modified: Sat, 05 Nov 2022 14:25:17 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T65jji5pKjcIDNkoPC44DzUBJzIxxtMUT7fR8c8RokDpATpd9ozotQ==
Age: 5501

                                        
                                            POST /api/v2/client/sites/1871831/visit-data?sv=6 HTTP/1.1 
Host: in.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 147
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.30.44.244
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2304
Md5:    a0af24b20857716f9bb38acb4a1447e8
Sha1:   e22576a2d4cd88cdcd1ab2ba1a8dfeab57f98389
Sha256: 6e52d19055fa130bbfcebac0b00737ccb9c5826037838d526ebf88cabc10c2dc
                                        
                                            GET /cache/app/en.build.json HTTP/1.1 
Host: cdn.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.etoro.com/
Origin: https://www.etoro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         83.229.67.229
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: max-age=432000 public
expires: Sun, 06 Nov 2022 21:46:59 GMT
last-modified: Tue, 01 Nov 2022 18:07:03 GMT
etag: "3b8a8-63616047-718d994aa171ee79;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25896
date: Sat, 05 Nov 2022 21:46:59 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Size:   25896
Md5:    13e3192ec8661075f563348727c205ab
Sha1:   75b80b84765af0ccf8cddf9b1483e7a90d514566
Sha256: 304c1959410b4ae2b9d554465e7f5da59aad27de1265bf640ac7c9de981e068c
                                        
                                            GET /up_loader.1.1.0.js HTTP/1.1 
Host: js.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.45.46
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 05 Nov 2022 03:35:22 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jo0jbAxtuMWz332U7fKGb8PLVrGbslHM6goV7L_3oNc49cI2dOUzOQ==
Age: 65498


--- Additional Info ---
Magic:  ASCII text, with very long lines (4593), with no line terminators
Size:   1919
Md5:    fc322cd537acbe09a494306a9191124a
Sha1:   757cca3916c8efd2ded11be90b3e8a790b5b73dc
Sha256: 2406d172868e70c8fa25558401afc349b30abae39e0090ed0d11d7367692d170
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99758
Date: Sat, 05 Nov 2022 21:46:59 GMT
Etag: "6365b719-1d7"
Expires: Mon, 07 Nov 2022 01:29:37 GMT
Last-Modified: Sat, 05 Nov 2022 01:06:33 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ST1-G4gozKqkVIXwwzSzFU0kxgw0K3qGdVpDUNIJukuFu1E9u86KhA==
Age: 1384

                                        
                                            GET /i/3c2d8da22b7aa416fab4696fbd547cc9.js HTTP/1.1 
Host: zero.pointlessplay.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.97
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
content-length: 29659
content-encoding: gzip
server: Caddy
cache-control: max-age=43200
date: Sat, 05 Nov 2022 19:23:56 GMT
expires: Sun, 06 Nov 2022 07:23:56 GMT
etag: "13cd9-8R36yXcfV1rrMSad8JN5R8CsNW0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lD2RrnkJTYujt58hQO2BoS1rtHGDnDTTR5K-QIBo49s8DUfnRKF1IA==
age: 8583
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size:   29659
Md5:    1654f0dd5a5d17ae2084d8bdf5c43a1c
Sha1:   10b05154ca19428f11c643258a13b145dc8d074c
Sha256: c7c97139f185f0e4b70d1d77780fd0b913ccc1c90f108dcf8af69c137c5ab0e0
                                        
                                            GET /scevent.min.js HTTP/1.1 
Host: sc-static.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.82.240
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 11952
server: CloudFront
date: Sat, 05 Nov 2022 21:46:59 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sun, 06 Nov 2022 21:04:34 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VSxmq0JWb8cuAYb5GfOyoLJiTOtO9kWwdZKUN3mOJgzCgUPriOk7XA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27626), with no line terminators
Size:   11952
Md5:    035ae7d8997231fd2bf263fda3301a2e
Sha1:   5bb59971bb5b00c731b1b6d63ff62d3d15ed3e01
Sha256: 3d692a6509f8e07ecd55a04baeb315df58e4fd15fc92182889d3de5c25e58e60
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5867
Cache-Control: max-age=145277
Date: Sat, 05 Nov 2022 21:46:59 GMT
Etag: "63665765-1d7"
Expires: Mon, 07 Nov 2022 14:08:16 GMT
Last-Modified: Sat, 05 Nov 2022 12:30:29 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 05 Nov 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /apps/app/dist/media/logomono.svg HTTP/1.1 
Host: web1.acsbapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         138.128.247.123
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: max-age=432000 public
expires: Sun, 05 Nov 2023 21:46:59 GMT
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Sat, 05 Nov 2022 21:46:59 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   1210
Md5:    5a1c5c803738f6acbab0a79379c92c10
Sha1:   9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
Sha256: 04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
                                        
                                            GET /activityi;src=9944765;type=visit0;cat=pagev0;match_id=undefined;u1=undefined;u8=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefinedundefined HTTP/1.1 
Host: 9944765.fls.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.70
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 21:46:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 275
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Nov-2022 22:01:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (562), with no line terminators
Size:   275
Md5:    1ab2a97338ed3a74084554ba95e3c920
Sha1:   9607de2f32b9ca12b92257f1469eaf7e688b6f80
Sha256: 1f91225ca593af121d56d4553e90970bb0eb6b267a9de6ed812906ed9c7efe0d
                                        
                                            GET /adalyser.js?cid=etoro HTTP/1.1 
Host: c0.adalyser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.220.223.247
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
content-length: 12183
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
etag: "60b9cf4ef4ac6dab5294025f3c443ba3cca92451"
cache-control: public, max-age=21600
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31834)
Size:   12183
Md5:    5301983312500f1fa818e866832a8ede
Sha1:   96c054b07049abe3b764dbcf0f8189055de98e78
Sha256: 24f6c7d7b8467781e61deda43741ad359abebb7efd8b41add68e4bb359cc0867
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3640
Cache-Control: max-age=118963
Date: Sat, 05 Nov 2022 21:46:59 GMT
Etag: "6365f94e-1d7"
Expires: Mon, 07 Nov 2022 06:49:42 GMT
Last-Modified: Sat, 05 Nov 2022 05:49:02 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3640
Cache-Control: max-age=118963
Date: Sat, 05 Nov 2022 21:46:59 GMT
Etag: "6365f94e-1d7"
Expires: Mon, 07 Nov 2022 06:49:42 GMT
Last-Modified: Sat, 05 Nov 2022 05:49:02 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 05 Nov 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cm/i?pid=2b300842-74be-4e72-8ed5-3bab9449a996&u_scsid=d633dba9-32dc-450a-89ef-24be3f7a8f2c&u_sclid=3f1d86e8-d471-4c08-b938-c9767c8f3f79 HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3640
Cache-Control: max-age=118963
Date: Sat, 05 Nov 2022 21:46:59 GMT
Etag: "6365f94e-1d7"
Expires: Mon, 07 Nov 2022 06:49:42 GMT
Last-Modified: Sat, 05 Nov 2022 05:49:02 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tracking/track/v3/p?stm=1667684817963&e=lce1&url=https%3A%2F%2Fwww.etoro.com%2F%3Fdl%3D30001923%26utm_medium%3DNetworks%26utm_source%3D89099%26utm_content%3D0%26utm_serial%3D166768481610000TNOTV415326358024Vf3%26utm_campaign%3D166768481610000TNOTV415326358024Vf3%26utm_term%3D%26from_lp%3DwhiteLP&cid=etoro&p=%7B%22et%22%3A1667684817962%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Unknown%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%2289099%22%2C%22me%22%3A%22Networks%22%2C%22ca%22%3A%22166768481610000TNOTV415326358024Vf3%22%2C%22co%22%3A%220%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%22b00d15ea-101d-453f-81bb-ea2718d1b076%22%2C%22duid%22%3A%226bf47df6-0a4d-4c4a-ad4c-74bd36ad5457%22%2C%22cw%22%3A1667684817962%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&domain=www.etoro.com HTTP/1.1 
Host: c0.adalyser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.220.223.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
content-length: 43
x-powered-by: Express
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            POST /p HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 675
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
access-control-allow-origin: https://www.etoro.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3KSQ0AMAgEQEUkXAXWDglVgfh23mPV4pFBycbkbEIYLTq47dBpDHYlfikvwfIDqWwJoTIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 5
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3420
Cache-Control: max-age=110079
Date: Sat, 05 Nov 2022 21:46:59 GMT
Etag: "6365d776-1d7"
Expires: Mon, 07 Nov 2022 04:21:38 GMT
Last-Modified: Sat, 05 Nov 2022 03:24:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 05 Nov 2022 20:41:09 GMT
expires: Sat, 05 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 3950
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Tue, 01 Nov 2022 19:12:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=43126
date: Sat, 05 Nov 2022 21:46:59 GMT
content-length: 471
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (996)
Size:   471
Md5:    e1ec75f64605dcf47d74531bbbd3c525
Sha1:   f5847f130a0353d5de55e058d23c83b7b4d145a9
Sha256: 697f3411ba82530b539f0f22be6bedbd4de261727e3632f259884c4487848124
                                        
                                            GET /cp/obtp.js HTTP/1.1 
Host: amplify.outbrain.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.81
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Last-Modified: Sun, 09 Oct 2022 07:50:08 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sat, 05 Nov 2022 22:06:59 GMT
Date: Sat, 05 Nov 2022 21:46:59 GMT
Content-Length: 3471
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8656), with no line terminators
Size:   3471
Md5:    6cff2cb49ee772adf066904fd18efd9a
Sha1:   8b876016198b0fc9862d2b6e29a80251c5422e72
Sha256: 85d26923c638ce50f36f7b69f9f50d2a6d6863abed574af143e24a14a343f9d2
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11367
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=2A78B1DBBE7C65E121B4A388BF896400; domain=.bing.com; expires=Thu, 30-Nov-2023 21:46:59 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9C69955DA944488AC45DAF44E802996 Ref B: OSL30EDGE0207 Ref C: 2022-11-05T21:46:59Z
date: Sat, 05 Nov 2022 21:46:59 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11367
Md5:    293ae3e0fc8b0d5c143fdf9d8490228d
Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9
Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
                                        
                                            GET /collector/is_enabled?pids=2b300842-74be-4e72-8ed5-3bab9449a996&tld=com HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.etoro.com
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 05 Nov 2022 21:46:59 GMT
access-control-allow-origin: https://www.etoro.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (21423)
Size:   5991
Md5:    cf0328b409cba8cb8fe58357653d1882
Sha1:   2ab61e556af65dcb85733ce7ecfa06d9c5ec1ebb
Sha256: d81507bb04dada7aef7ddf7aa23a24f1c7c6bd6fc14cf63fcacfed8fd6296c51
                                        
                                            GET /libtrc/unip/1005612/tfa.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: xR6zVH1bP+wBbSo88vvxTCyL1PDc9FHMRcmK3C50v+ePP87xx1YcAx6DaUSMjijgIRFLDdHQBU8=
x-amz-request-id: S5VKHKBFGTHNNDWG
x-amz-replication-status: PENDING
last-modified: Sun, 30 Oct 2022 11:37:28 GMT
etag: "f50f326c2373eca8b7e149f872fd9d92"
x-amz-version-id: lNGvvp3oe96TOBqtMeA_dbvDIgHxhEF8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 05 Nov 2022 21:46:59 GMT
via: 1.1 varnish
age: 53
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667684820.733286,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
content-length: 17942
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58483)
Size:   17942
Md5:    e5328a7e044435832d695c043e7b426d
Sha1:   0970cbeaea50c43b458a53d782b65328d6fb59e3
Sha256: 257e4e0c753eabc7b2ff076077d99446dd86556dd74a066888be5cd80a975144
                                        
                                            GET /uwt.js HTTP/1.1 
Host: static.ads-twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.etoro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sat, 05 Nov 2022 21:46:59 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57596), with no line terminators
Size:   15375
Md5:    573e6a7f86f6f3063763360ef0672c01
Sha1:   b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
Sha256: 02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7