dropmb.com/files/fd873d3ffad7265c9125a14881f3c0cc.rar
104.21.235.160301 Moved Permanently 0 B URL HTTP/1.1 dropmb.com/files/fd873d3ffad7265c9125a14881f3c0cc.rar
IP 104.21.235.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/fd873d3ffad7265c9125a14881f3c0cc.rar HTTP/1.1
Host: dropmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 15:22:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:22:05 GMT
Location: https://dropmb.com/files/fd873d3ffad7265c9125a14881f3c0cc.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IFoRPuaXHDWWwxK3Bka5E78YKzgs8ngs8l201u5BEoDkQUtAXLnyPZAUEzG%2FrOxw0tQlKb%2FAKOMSH1AUtiIswWtvKo%2BJ8I6f5tvxO6m%2FkdvMf%2BS7XMKnfyMUOKN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 75153b9b6a6adc45-LHR
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 15:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wuj4WTyhRWcw0Y843c3fpIL1nBjdzUA9zvOUNLD9W--HEuinTpOmAQ==
Age: 396
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9143
Expires: Tue, 27 Sep 2022 17:54:29 GMT
Date: Tue, 27 Sep 2022 15:22:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TynnsIWzpdWgZ5m1JxIErIalUADd5r7uN7ycgXTB6HyRVUhjNSj3cg==
age: 21473
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 55a7189705435cbad88974cad91c3d06
12d93978d62778a9cf1c0993186464bf9639d8a1
26445b0ab2c90494c8ac8851fb921dd8308bd0e8692b41dcdfb1a53c92abd0e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3996
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:06 GMT
Last-Modified: Tue, 27 Sep 2022 14:15:30 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 55a7189705435cbad88974cad91c3d06
12d93978d62778a9cf1c0993186464bf9639d8a1
26445b0ab2c90494c8ac8851fb921dd8308bd0e8692b41dcdfb1a53c92abd0e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3996
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:06 GMT
Last-Modified: Tue, 27 Sep 2022 14:15:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 15:10:46 GMT
Expires: Tue, 27 Sep 2022 16:02:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S6RI0FcpvefmeB0dP-HjjymNhZ1lOu77KBjyl87XjypAxVC9mAounw==
Age: 680
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4451
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:06 GMT
Last-Modified: Tue, 27 Sep 2022 14:07:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dropmb.com/files/fd873d3ffad7265c9125a14881f3c0cc.rar
104.21.235.159200 OK 24 kB URL HTTP/2 dropmb.com/files/fd873d3ffad7265c9125a14881f3c0cc.rar
IP 104.21.235.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1487), with CRLF, LF line terminators
Hash 03cd71f0d30b00256b0f1e65f06ce202
ed680b9b5056bd869bb61a562512ffef7e4d024c
06d3ce203ee4e867c4fbf0840f85314b5e33cdaab58ee47549ea941cab6b5da7
GET /files/fd873d3ffad7265c9125a14881f3c0cc.rar HTTP/1.1
Host: dropmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=2678400, must-revalidate
pragma: no-cache
x-60-cache-status: HIT
last-modified: Thu, 15 Sep 2022 19:44:19 GMT
cf-cache-status: HIT
age: 971699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgbc4xd77U2%2F%2FUmFK%2FYd20XhcYGmrFezbIX6mDt1HZkQERNVnJx0XGcR4%2FUJGXRQH1H1cILIMON1VGWFlW%2B%2FIa6eQOvsbDWaULsKNLGPD6JsUT9RBhCFFnSfdjwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153b9d7dcf775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 58 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
Hash 2c277130d113ed67c15ad133cf9a1ce6
059b5163939ad3082a6b5a2176e2797a42d1bbe2
80e139f544290068e93d8c346e5e17a2f20116d90b84a1e115164c9f2ed84591
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 598305
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.191.251.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AWQNS6dOpDe2M/AlegdqrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: okwIHbBsREM8zSLetKthKiAEN+s=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 348b8e9ff9789e9d04b35565f1f4a16e
a389fe1e390d2177191f58967c5291e9fcf8fea9
42393bbebc5bda5422c410adb413ddebf976d70fea8ca3ae50bd8dfddee645df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42393BBEBC5BDA5422C410ADB413DDEBF976D70FEA8CA3AE50BD8DFDDEE645DF"
Last-Modified: Sun, 25 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16404
Expires: Tue, 27 Sep 2022 19:55:31 GMT
Date: Tue, 27 Sep 2022 15:22:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 443e5e20577c62eca8d2f78b07b9ebf0
b01aea00b91987ada595a45daaf1ac0d0e665b6a
eab28ed0dcb51bf3ee024b4ccaa3cf1f2770e0fa191e45fc8465a4f3e9e4de09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAB28ED0DCB51BF3EE024B4CCAA3CF1F2770E0FA191E45FC8465A4F3E9E4DE09"
Last-Modified: Sun, 25 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18060
Expires: Tue, 27 Sep 2022 20:23:08 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 27e98fe1cd3e7042342c4107565b2176
d643a703ff771e88cedf6626d4d6537c3951d8bd
fb817eeb13578a3daa360dc6769fbac02ae3dc903449efee995f7570ab76465b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB817EEB13578A3DAA360DC6769FBAC02AE3DC903449EFEE995F7570AB76465B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3294
Expires: Tue, 27 Sep 2022 16:17:02 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b02c0c94200033af34cda15ebbbb1d52
52e6a79df678c5d1a8288fb63fd6ac86107b30b9
52b73249d787244356d8fadc4ee2c73acfaa25ec2586b3cd5f00dba23148f94b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52B73249D787244356D8FADC4EE2C73ACFAA25EC2586B3CD5F00DBA23148F94B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10653
Expires: Tue, 27 Sep 2022 18:19:41 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
bedrapiona.com/5/4971415/?oo=1&js_build=iclick-v1.430.0
139.45.197.234200 OK 8.1 kB URL HTTP/2 bedrapiona.com/5/4971415/?oo=1&js_build=iclick-v1.430.0
IP 139.45.197.234:0
Hash 8d4cb0c070ce498439f84158429e5d4b
bf4d66ff1ddf9ec5e34e5fe805e9c948972c15bc
8403a862d76adefac96ca130a3a2eaf5a634daf4c8c79817ce4aa8f7011ed547
GET /5/4971415/?oo=1&js_build=iclick-v1.430.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:07 GMT
content-type: application/json
x-trace-id: 43e7c4cf9a1686f90695b9759828cd7b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:07 GMT; path=/; secure; SameSite=None
oaidts=1664292127; expires=Wed, 27 Sep 2023 15:22:07 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 63781
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 584a2270-56ef-4f46-8ab2-dc0e519b5f45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshLfEfoIAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328157c-12f8e8e31318d2da70796520;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:08:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bDpP2pZgrMz5bH_vy76SvyPojDGhPIHfOtv2i4dfHCs1GUuSZVC87w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:33:24 GMT
age: 60524
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 51321
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:22:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=485589,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75153baa0ce2b50c-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 62745
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 49458
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 63791
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tovanillitechan.com/42/38?z=4971413
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/42/38?z=4971413
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=4971413 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=2db1a0ec95ee4bf1b8fddc67050950b3; oaidts=1664292128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 32b31c17b1d7d395d957edcd026ee9ef
access-control-expose-headers: X-Sc
set-cookie: OAID=2db1a0ec95ee4bf1b8fddc67050950b3; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=c1e5e63255314d5bb1b211a8c45c6dbc
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=c1e5e63255314d5bb1b211a8c45c6dbc
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e9c63f152e426473bd427a4404715d0a
8cf3c324db12959f85391a1b25f47f904044dba1
8c471f8bf1a8966e03588983d30f03d30653cea1e2f11f6d3b37cb8658845144
GET /gid.js?userId=c1e5e63255314d5bb1b211a8c45c6dbc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62612091c277cd83e32d94466bcad28f
aa5d9d41e3442dcff77a7fa3d1a458aec220f4e8
38328145d631f89145de9cfcd5e82aac39454eac8f446ea59594ff988135637e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38328145D631F89145DE9CFCD5E82AAC39454EAC8F446EA59594FF988135637E"
Last-Modified: Tue, 27 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13135
Expires: Tue, 27 Sep 2022 19:01:03 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive
tovanillitechan.com/9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Content-Type: application/json
Origin: https://dropmb.com
Content-Length: 399
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 39f075a8405274e4fe568856e2acfca6
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Content-Type: application/json
Origin: https://dropmb.com
Content-Length: 781
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7650cff387e1841b396a366860cc91ed
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dozubatan.com/500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 dozubatan.com/500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
tovanillitechan.com/121?rnd=803204055&z=4971413&b=14993070&c=6131524&var=&d=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3D%7Badformat%7D%26banner%3D14993070%26os%3D%7Bos%7D%26country%3D%7Bcountry%7D%26zoneid%3D4971413%26zone_type%3D%7Bzone_type%7D%26cost%3D%7Bcost%7D%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%7Bdevice%7D%26browser%3D%7Bbrowser%7D%26connection.type%3D%7Bconnection.type%7D%26browserversion%3D%7Bbrowserversion%7D%26carrier%3D%7Bcarrier%7D%26countryname%3D%7Bcountryname%7D%26osversion%3D%7Bosversion%7D%26region%3D%7Bregion%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D&cln={CELL_NUMBER}&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&bag=0moqll4M0kV9LglnYLOVlWc2LVA7L85i&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224
139.45.197.239302 Found 0 B URL HTTP/2 tovanillitechan.com/121?rnd=803204055&z=4971413&b=14993070&c=6131524&var=&d=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3D%7Badformat%7D%26banner%3D14993070%26os%3D%7Bos%7D%26country%3D%7Bcountry%7D%26zoneid%3D4971413%26zone_type%3D%7Bzone_type%7D%26cost%3D%7Bcost%7D%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%7Bdevice%7D%26browser%3D%7Bbrowser%7D%26connection.type%3D%7Bconnection.type%7D%26browserversion%3D%7Bbrowserversion%7D%26carrier%3D%7Bcarrier%7D%26countryname%3D%7Bcountryname%7D%26osversion%3D%7Bosversion%7D%26region%3D%7Bregion%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D&cln={CELL_NUMBER}&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&bag=0moqll4M0kV9LglnYLOVlWc2LVA7L85i&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=803204055&z=4971413&b=14993070&c=6131524&var=&d=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3D%7Badformat%7D%26banner%3D14993070%26os%3D%7Bos%7D%26country%3D%7Bcountry%7D%26zoneid%3D4971413%26zone_type%3D%7Bzone_type%7D%26cost%3D%7Bcost%7D%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%7Bdevice%7D%26browser%3D%7Bbrowser%7D%26connection.type%3D%7Bconnection.type%7D%26browserversion%3D%7Bbrowserversion%7D%26carrier%3D%7Bcarrier%7D%26countryname%3D%7Bcountryname%7D%26osversion%3D%7Bosversion%7D%26region%3D%7Bregion%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D&cln={CELL_NUMBER}&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&bag=0moqll4M0kV9LglnYLOVlWc2LVA7L85i&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
location: https://www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598647182968500224&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language}
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a3ac1da934b3529d95910a5c1f5ff4ae
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
tovanillitechan.com/11?rnd=527308398&z=4971413&b=14993070&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=84
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/11?rnd=527308398&z=4971413&b=14993070&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=84
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=527308398&z=4971413&b=14993070&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=84 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 886de098cc5756416105917d18d98a8a
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b
139.45.197.239200 OK 132 kB URL HTTP/2 tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b
IP 139.45.197.239:0
Size 132 kB (131589 bytes)
Hash 83ccf221b730824b7f711df776bdeff3
80fd4684a2569f614f2230f3deb847f87b4fbcd3
92c6479ab53b03e05e72fa8e6f912d23c745c236f317d5c694d88ba4cf661da0
GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=2db1a0ec95ee4bf1b8fddc67050950b3; oaidts=1664292128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 008bb0f15929580c49beb48408615d01
a28e34ab71eea646efaf0a505a3bd07671bd6012
f612ef9519f2b8baad9918a77a873fb28c691518df1504fb32a47af79b8f7e18
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:22:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 00:52:20 GMT
Expires: Mon, 03 Oct 2022 00:52:19 GMT
Etag: "a28e34ab71eea646efaf0a505a3bd07671bd6012"
Cache-Control: max-age=465610,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75153bacd83db50c-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://dropmb.com
Content-Length: 1549
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 27 Sep 2022 15:22:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dropmb.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598647182968500224&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language}
172.67.163.98301 Moved Permanently 344 B URL HTTP/2 www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598647182968500224&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language}
IP 172.67.163.98:0
Hash 42e7670c6fcf7981c5906cf7df21b755
0211960d9f8321ebe0d4003664ef7f3cc749ee81
c6fc6e7b958fdeedc023d6598098ab514df823876bb65b75ac9440c68c83a2d9
GET /?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598647182968500224&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other®ion={region}&useragent={useragent}&language={language} HTTP/1.1
Host: www.roifxtrader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 27 Sep 2022 15:22:09 GMT
content-type: text/html; charset=UTF-8
location: https://www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598647182968500224&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D
x-redirect-by: WordPress
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5SFeATa6kGpGZW4VVPKFT4qZr33KY9%2BKg7LnyMQisvTXlVK2bo4LdxIk0Q3aUIv%2BN5ZfeBjubawZOg161XAd7xj5rpMTUbQ3SWMIdNQ1XHd0PUO5J5g0JdkI4pIVrfGYjln6XQB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75153baddc581c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png
104.22.32.172200 OK 76 kB URL HTTP/2 offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png
IP 104.22.32.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a563edd673308b2cd8cc1ec9c0543417
bff09cb9d8c3dadb244db8d24b6f58b8dfab6469
bbd22caad95af25c9ccf019fe7499c74743b7ef4eaceeffe0781c3f64f054b0c
GET /www/images/a563edd673308b2cd8cc1ec9c0543417.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:09 GMT
content-type: image/png
content-length: 76281
last-modified: Tue, 07 Jun 2022 21:58:32 GMT
etag: "629fca08-129f9"
expires: Tue, 27 Sep 2022 22:10:39 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
timing-allow-origin: *
cf-cache-status: HIT
age: 61890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75153bae9b1c9902-ARN
X-Firefox-Spdy: h2
www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598647182968500224&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D
172.67.163.98200 OK 50 kB URL HTTP/2 www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598647182968500224&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D
IP 172.67.163.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31980), with CRLF, LF line terminators
Hash f9c52b25699b0d3c8dbb6470b61522d6
9d5dd04e29d0195f729b2e4866939fcc7dcd4bce
fc79fda6e0e7aa7cc3224f4ed8fbc451fc5598c307eff200bb786f2eb085f4b5
GET /?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598647182968500224&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other®ion=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D HTTP/1.1
Host: www.roifxtrader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.roifxtrader.com/wp-json/>; rel="https://api.w.org/", <https://www.roifxtrader.com/wp-json/wp/v2/pages/6635>; rel="alternate"; type="application/json", <https://www.roifxtrader.com/>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rENqhXtHI2WDwTRWhMyddAIMfUon2q%2FyOxoRxIFt5D%2BiX%2Bq71LNhB3khlO5lXpln9qJWMUkJ%2BEG41VMPfaAwiCKid75JZXC95U9IdUxvtW13FvmDwJxkBBY%2FMe7VlS1KtGhxnuw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75153bae9d181c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.78200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 27 Sep 2022 05:35:19 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pzuIxru1GuqBQcS7X7PigLFjnwD3WsSonFBKjkKegFmcmSqL40YCLQ==
age: 35211
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dozubatan.com/500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 12 kB URL HTTP/2 dozubatan.com/500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 63e381ec68ed99b12ca49ed671522966
43fb227cb4ec62ca21db3c826615cff19f9ce91f
e349010452ee9cf86719d0b0ba3fe7f7a84b24665ea89671559b30df417be443
GET /500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: OAID=650caff9becd41a7823c54678733ceff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/javascript
x-trace-id: 3df0309055dd89fe6bd3d612b4f85917
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dropmb.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
54.230.111.32200 OK 11 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
IP 54.230.111.32:0
File type ASCII text, with very long lines (3066)
Hash ec810cf189244421fbba88a8fb7661b4
71ddd06a5ea0b748663403dbb2ef53e553b0297c
bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0
GET /external-embedding/embed-widget-ticker-tape.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 10745
date: Tue, 27 Sep 2022 10:11:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:06 GMT
etag: "ec810cf189244421fbba88a8fb7661b4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eIAR_vFyDVDxOPsaoszJrsGYR6UeGlrd3xYHQZkTyq5ulvXW2kaw6A==
age: 18650
X-Firefox-Spdy: h2
flagicons.lipis.dev/flags/4x3/gb.svg
185.199.110.153200 OK 331 B URL HTTP/2 flagicons.lipis.dev/flags/4x3/gb.svg
IP 185.199.110.153:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e6143f617b44e68d423bed136fce8949
c7154e49ce9d9e64f4c1daab47373e0c5f92b7ad
b17b64bb7a109117a3492996551dbbab45fd8f44521b00295a6ca7717871d4ad
GET /flags/4x3/gb.svg HTTP/1.1
Host: flagicons.lipis.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-217"
expires: Sun, 25 Sep 2022 01:52:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3A74:1967:138144E:1BE579D:632FB20D
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:22:09 GMT
via: 1.1 varnish
age: 190
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664292130.780969,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 0f453293581c57e2fc3156ae92f7967364c38395
content-length: 331
X-Firefox-Spdy: h2
flagicons.lipis.dev/flags/4x3/it.svg
185.199.110.153200 OK 208 B URL HTTP/2 flagicons.lipis.dev/flags/4x3/it.svg
IP 185.199.110.153:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c08a2da07f2c5a52da29268db93d165b
f87a1da0d5fe1524463fb90a7dafd2588bb75043
d012f6255909efae4049381abf5aea7890f8c5f3f9d12cc4a8bb41ce67309997
GET /flags/4x3/it.svg HTTP/1.1
Host: flagicons.lipis.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-121"
expires: Tue, 27 Sep 2022 03:37:51 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: A78A:111B:6A732E:6DCA27:63326E03
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:22:09 GMT
via: 1.1 varnish
age: 3
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664292130.788123,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: c675258a5de0665cdcca181977ef8b98c95b8f7e
content-length: 208
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 1.2 kB URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash 3cd0964c3dc2d7c460a5d4a6a77b0991
7f3acf9be4fb650cfbef397ec6f49c56ade97543
d59767b5a9fc15bdd17a49e533e4a993b9a2baf9e530723a97a565f2c2e9e841
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X-CpLZ1P8MBIAYhVmIwPmUZ_-YnnqxEfav8svlWvicryEY8LNdTn-A==
age: 18651
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 319 B URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash 4377cf3bc76f3e694aa2e90f8d1e1c95
900b4aeb5ccb109f1d746190c042378aead6aa11
e591e07d7fa47ad40c62d2c453a05b9f4a979956ef7ffc2252d99915fd60b8d0
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -VpEQZ5Ia15nS00pf5LJLQ7BrP4AOToMJcqcLY2Ai64PFKZeN9QbSA==
age: 18651
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-1CZCP7MM89
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-1CZCP7MM89
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash 426037016d762b899930275debb46326
3c302e06557a94752b2c4dd15a292b55554423bf
c93dead4a069c5ce3b93ba14d4d077a42a4ac08455a831d99d53d49d92b8c390
GET /gtag/js?id=G-1CZCP7MM89 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 15:22:09 GMT
expires: Tue, 27 Sep 2022 15:22:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
54.230.111.32304 Not Modified 0 B URL HTTP/2 s3.tradingview.com/external-embedding/embed-widget-market-quotes.js
IP 54.230.111.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1
Host: s3.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gNxM8-EysYFRbNJ1zuIOSaPlKlYEkYNaqYnbTgoRMALVf9iW5xuNNg==
age: 18651
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:22:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
engingrepare.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664292127624
3.123.187.149400 Bad Request 152 B URL HTTP/2 engingrepare.com/d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664292127624
IP 3.123.187.149:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
GET /d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664292127624 HTTP/1.1
Host: engingrepare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Tue, 27 Sep 2022 15:22:09 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
tovanillitechan.com/15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.22%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
139.45.197.239204 No Content 2.4 kB URL HTTP/2 tovanillitechan.com/15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.22%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.239:0
Hash 88bb7b705f237157d3a94841e479ca63
c8bd2620bce8c622823ba9bef664ac436b1c0467
1b5727a6727fa80ba013f2dc86b6bd504dd0f490aa25f478ca91124207f1ff7f
GET /15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.22%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 15:22:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5ebb072d793558bde08564178fa3382b
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:09 GMT; secure; SameSite=None
oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
static.tradingview.com/static/localization/translations/en.f61fd521202094b5.js
54.230.111.84200 OK 92 kB URL HTTP/2 static.tradingview.com/static/localization/translations/en.f61fd521202094b5.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (62534)
Hash ff6810942259c0a56772f2a2230017ad
5817deb6c778a15641b1ea9db6c57d26b0c2a512
597c2a05fe0f2c54461e653c2a9e32ecca7e58d6b2b01865620ec531bd82427f
GET /static/localization/translations/en.f61fd521202094b5.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 91421
date: Mon, 26 Sep 2022 10:27:07 GMT
last-modified: Mon, 26 Sep 2022 08:24:24 GMT
etag: "633161b8-1651d"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DHyKcLxo_9QwFjCvt19i-uXeHhzh1tqjrCpTFkted-uVfFDvyZ3KWA==
age: 104103
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css
54.230.111.84200 OK 275 B URL HTTP/2 static.tradingview.com/static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (948), with no line terminators
Hash fed499f0b2313d63adf3417b0bae8e27
a8541f56b888a27d47cbd2f298bd0ba024831be9
ea584321e666a290e526cb885982143175d4324dc21947a9c53b58dc60b56f1e
GET /static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
etag: "62fdfac9-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r6U8gxyRH7jm1WRHGhJXYEJwQOkyCltPgQErdJavb_S2-FIZI7jqRg==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css
54.230.111.84200 OK 272 B URL HTTP/2 static.tradingview.com/static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1187), with no line terminators
Hash 2c94a40a0cdaab30536f9ff9aac30780
13e3a1701670362dc0356126be21982f8a371247
12b841c633c6498d1604f4d6dc199c8d61b22a45abb7b2d4aacbc364d16c21b6
GET /static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 272
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:38 GMT
etag: "62fdfaca-110"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mw7LV8Bo6-4majBAqkk-dtNDDDMhzVbW2Ng-AgutXZoDj0XUiJOKqA==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css
54.230.111.84200 OK 1.3 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/93419.83330e98cd0f13f52e0f.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (9662), with no line terminators
Hash 1590890d2b95e5dd26b6619078fc3716
7f099065b77017303b41d575174d0506404c2422
0f2d89b30ed40c9645acec4a6708531eb2489aff5aca6f0639d92e6de208c97b
GET /static/bundles/embed/93419.83330e98cd0f13f52e0f.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1254
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-4e6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GcrHpdFLlvGtYdd0W6UxVE-X5Y-9hlfi_2r3CkparyVbs-mB8LJo8Q==
age: 1833564
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css
54.230.111.84200 OK 482 B URL HTTP/2 static.tradingview.com/static/bundles/embed/4704.721cbfb1a5d6784e3109.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (2185), with no line terminators
Hash 58cbe331cf45c85a52eb02587adc9fef
13f08c64e54a3f211e26f97b80af35abd49b670b
53adcb676377768d48af24466b08fb38f141ede6a9e84b20d72ed3c209aaf647
GET /static/bundles/embed/4704.721cbfb1a5d6784e3109.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 482
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-1e2"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gndRHyWbmwwMw9kBeZqc3pUf593vItZiFKFpqzNJrOKS1LxLzpJTHw==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css
54.230.111.84200 OK 458 B URL HTTP/2 static.tradingview.com/static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1649), with no line terminators
Hash 7497343e286bffb0f77343a72c52c807
a0b16b6844fec13e7e4f05c5ec1dff354a843128
f775ccacb10b864665283b42df806044d4c07d2b103c4a3d15fc6fa967890a87
GET /static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 458
date: Tue, 06 Sep 2022 10:02:17 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-1ca"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K_oeMSigfqbMd2LU5WxSYlrUk2EB66s8WU5c-2zuzN--yu-qpDvnHg==
age: 1833593
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/9610.4b9f8462aa3659c59d53.css
54.230.111.84200 OK 613 B URL HTTP/2 static.tradingview.com/static/bundles/embed/9610.4b9f8462aa3659c59d53.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (1510), with no line terminators
Hash 2ed39ab10b595276b053cddd1eb97895
681c53e78e44ed13467fecce18ea2601876c4928
0b15d02d18e4d0166410d14ed6b9a4c0dabebc4c6216ff6a449a8d16c2666aea
GET /static/bundles/embed/9610.4b9f8462aa3659c59d53.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 613
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-265"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V0fzgCHI-OmD3TuEUz81SP8sger2nIB82NE-uvPh5Ww452uMUuXyXg==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/69952.06b0e333ddc07ff1bde0.js
54.230.111.84200 OK 4.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/69952.06b0e333ddc07ff1bde0.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (11868)
Hash 82c0166d07dafbc60c0256135ff70c1d
2640a815ffbed854738cf29d2ab876d55f8c60dc
5a880fd727f2a0141993963276994f900261db54dc1e62577c23d0f1dc03192a
GET /static/bundles/embed/69952.06b0e333ddc07ff1bde0.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4128
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-1020"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xImZ7LdOb4l9oO_y9retXsUQHd7v8vqma9uIhOC2XJ_aK7_gcq4KqA==
age: 536523
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/59349.06c5af95e99eb360e0d3.js
54.230.111.84200 OK 4.5 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/59349.06c5af95e99eb360e0d3.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3036)
Hash 222668586f47e46b73c5c28e18e2f785
9613ae8405a964b43dfa22e4bd8ffb835981970a
7cadd0fb593df958580a40f6e191e5b5b007a50a731ed48f384605748f01d53a
GET /static/bundles/embed/59349.06c5af95e99eb360e0d3.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4541
date: Wed, 07 Sep 2022 10:11:06 GMT
last-modified: Wed, 07 Sep 2022 08:33:52 GMT
etag: "63185770-11bd"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6AJed1L6OSlpgq6RsJWyZgb80Jy_JftcMTqEHu-hojA3vqDBlTRMeg==
age: 1746664
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js
54.230.111.84200 OK 9.5 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/95170.8c229ea611144b3d939d.js
IP 54.230.111.84:0
Hash 8c170de320ebb7c6f900257cbf738b43
0821e30fccf461fdb72ad175f98d282717dfd8ed
d475074b9099fa4d156c8ef37a1e054f2c129554cd1086d4630471660ab1b0f8
GET /static/bundles/embed/95170.8c229ea611144b3d939d.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8938
date: Sat, 30 Jul 2022 06:28:07 GMT
last-modified: Fri, 29 Jul 2022 13:14:57 GMT
etag: "62e3dd51-22ea"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kgCz52L5klIbLEvyBz-Afa0DVXPVJYdboh0GGzCweGq5tDmXMiGsMA==
age: 5129643
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js
54.230.111.84200 OK 8.9 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/6373.cbf79a416472d97ee266.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3071)
Hash 2bb2f6ec14e1b7033a1efb7bfd636f22
36218963433e51d8c95ecf68abdbf37fff1c7b24
71ea00c5c9d3ce9cbe2faede0ca2dfef8c741de04257d8a9b2ab1c14518621e6
GET /static/bundles/embed/6373.cbf79a416472d97ee266.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 8861
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-229d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VkXAizDEdsmZeJj41bY0H8qoSpUKXwUBJijpOyL7xly8Xph91sNxMg==
age: 536523
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js
54.230.111.84200 OK 39 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/72369.9291747e1fab1074d523.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (64385), with CRLF line terminators
Hash b72c40cca01c035bed0286890c772cd9
a7865640406acce651ece577daca98800dbbc78e
27b48d1dfd5de7e098a41cdfd885d97514a029934d1cb5180d31ab6780be3b88
GET /static/bundles/embed/72369.9291747e1fab1074d523.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33014
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
etag: "630de0c5-80f6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qIXsYZNtxd-udYXML-O20RJ_GBJRo1yr4mRSG6Yrnr5y_zRnrryWhQ==
age: 2435643
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js
54.230.111.84200 OK 9.6 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/61165.669f518fb3ca12a08781.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3071)
Hash 5d9570cd52c8c73b9e1a2e9865429c3e
eb47e79aebf1eb741a9018b31d22c7c10de0e7fd
4729a1722a0cc609a32e59ee76174287c4711b72cde258d0441014f43991b4ee
GET /static/bundles/embed/61165.669f518fb3ca12a08781.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9641
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:54 GMT
etag: "630de0c6-25a9"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8q7M5nebpdb1jzgil2h1g0f5FvB7ugNw8wa7VMCzXuhV6SZnZrEF0Q==
age: 2435643
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/21629.59ea3f34e1413a77f290.js
54.230.111.84200 OK 11 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/21629.59ea3f34e1413a77f290.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (15650)
Hash b3a404cb516ade1695c0705696d97ad1
e63067338645699570f486a7a13f126f16944156
30eddd13db49b8c00d8e64e7bb79266f0ff8b1f76e7699842e60a05ed317fdb4
GET /static/bundles/embed/21629.59ea3f34e1413a77f290.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 11131
date: Thu, 15 Sep 2022 10:58:07 GMT
last-modified: Thu, 15 Sep 2022 08:58:09 GMT
etag: "6322e921-2b7b"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nVcvB99_DfMjYGAC_8tWKOTik6F8Q_JbczFZdkzlOUXxB9cLMmllMQ==
age: 1052643
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css
54.230.111.84200 OK 275 B URL HTTP/2 static.tradingview.com/static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (868), with no line terminators
Hash baa8242f859530e38f8b32a9c0615593
c883ab6d475cbd4fea077661f25bbca065950a08
c7b10129b6beba6afdd65d4b6079e7952447d0a79c094ee6a850c7a583fb7406
GET /static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 72Tb0Z02apFsOY6y7n3LJphUkBHVnAMCHg6g3RpN_2kc7yZM97EsOw==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css
54.230.111.84200 OK 566 B URL HTTP/2 static.tradingview.com/static/bundles/embed/22641.c7183a76dc0599de9f42.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (3872), with no line terminators
Hash 6e6b52d09836b19a082054796f9fbadf
47f855654aca16bb3d22b0a261028c07bfbf3ac1
b66836dc4dcb259fd7f709598dc05417bc69fe1c7f6382e3be864e124f711186
GET /static/bundles/embed/22641.c7183a76dc0599de9f42.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 566
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-236"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AMVZsL1Qh5sx8DvCshlamGthhbZwNxd42mou15KRRq88QrOXLWCIxQ==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/runtime.55d8483e42e5d6ab1a14.js
54.230.111.84200 OK 21 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/runtime.55d8483e42e5d6ab1a14.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (3068)
Hash bab5f0aedda3fe5131ba839215bc3920
8fa9ad34bd3ad302d8e1ee7ef82af47e8201c7e3
8b0991464a7082fb25dbc7c97529a3a0b391e1fc9b209390e2615793bca6b790
GET /static/bundles/embed/runtime.55d8483e42e5d6ab1a14.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 20735
date: Tue, 27 Sep 2022 10:13:06 GMT
last-modified: Tue, 27 Sep 2022 08:34:04 GMT
etag: "6332b57c-50ff"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BrxG5UcG5u3yX9dCVMnXrrjc1s6iawJI2gILI8OP9MeX91ImveLgJQ==
age: 18544
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css
54.230.111.84200 OK 1.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/41848.a819f80182db62e2c3b6.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (6539), with no line terminators
Hash 314a88cb707c312d3d20310eb6e16b27
06a733bacfaa9706a6b3fff13a8aa9325f464ca9
92824d9ce9a58e064ff1b14673fc316221dea9f55122b027e58ea4470e9b3233
GET /static/bundles/embed/41848.a819f80182db62e2c3b6.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1102
date: Tue, 06 Sep 2022 10:02:30 GMT
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
etag: "63170c91-44e"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9aVIy1RkFmoM4e4m4NWyvFFQjNdH3cPPh3kVEWbDyTYNO1P2DNHcBw==
age: 1833579
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/9594.68f7335652cbfdf7e67c.js
54.230.111.84200 OK 7.2 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/9594.68f7335652cbfdf7e67c.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (5750)
Hash 6d25a025eb6edd164ef789ea89e7c814
d9df16238f5e4ef4619b5eeb2f391af629df9ce2
a6aeb8f1eec4623d7f42086e7f76a241b24a43d044c377a0663dff3b23ba2fc6
GET /static/bundles/embed/9594.68f7335652cbfdf7e67c.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7197
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-1c1d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BF6jhFF2xxVQC_TIGfZxt-vrjF_78qqIttEyOjZfqsO3YxvHfMzoKw==
age: 536504
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/97029.aec87eec8d0ca240b268.css
54.230.111.84200 OK 1.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/97029.aec87eec8d0ca240b268.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (6181), with no line terminators
Hash 36c5de656ee5ac6c3687030dae4ac897
c4cdf0cf6f8996a6bb2bb3d275c19113ed350953
e3a85219b604b7535c69f1ae7ef8d9d4df795997954b6174ef8344d1ec0023c7
GET /static/bundles/embed/97029.aec87eec8d0ca240b268.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1080
date: Thu, 18 Aug 2022 10:18:24 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-438"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HnKYlmfXMaWyqGWF6Rhs6ChRy4EcKGE3w36GdoKBSJWPb-9NkfX9eQ==
age: 3474226
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js
54.230.111.84200 OK 12 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (15650)
Hash 80b4d79fd5b0d5b2227c5e37244d6e1b
13cb4488a6aab85b9ccfa5a3e35c408bd6911eca
a11c6f63b551ddcaf446d1ddb38f7d496afcfe9d98d91b44cb9a878c471bc6e0
GET /static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 12044
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-2f0c"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YF3GganHlesMGMvAQAzZY54ylXcC9Kl7bMzqUTAlaA7OxM2kUxcJ5A==
age: 536504
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_27-11_30
213.156.140.161101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_27-11_30
IP 213.156.140.161:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h9SFvVyngvL8N9jLffygXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 15:22:11 GMT
Connection: upgrade
sec-websocket-accept: LsQeRMBJ9dMwEiPJUHgZu2RyHq0=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css
54.230.111.84200 OK 219 B URL HTTP/2 static.tradingview.com/static/bundles/embed/28903.415109541489380d12f6.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (801), with no line terminators
Hash 97f7a20e8f5b5aab89e7323c3f952f93
0a86a43d70147185f1f356ac3061d461f498a0af
51e40ba29ca9c9b7f89f255331a616a93beb9fb033c029e058a6a45483c0209c
GET /static/bundles/embed/28903.415109541489380d12f6.css HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 219
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-db"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 44EXPWGDPP50na4UbzmRNyTJSxA31pas7X-ekHkrWwlvyN31xO6bMA==
age: 1833565
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js
54.230.111.84200 OK 2.1 kB URL HTTP/2 static.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (3332)
Hash e6796590284ab6cfb534e922a2ebca47
a18fcd51aab7f7a2510583126f25f33f94bf1626
fa3c19b48ad254a9cd1bc6753b098c4db439979efae0b12705e89087a1541da9
GET /static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2082
date: Tue, 06 Sep 2022 10:03:06 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-822"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QNMb5eF6_hGPaKPQD1iCvBr7uPfxfIWd_k6HE2fmJsOTS9s5Bn8XlQ==
age: 1833545
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
213.156.140.161101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
IP 213.156.140.161:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NTqtj7nkDzJYYRwDapzFuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 15:22:11 GMT
Connection: upgrade
sec-websocket-accept: 3d507mPiTSh8rhfTPBzMvNCIS5s=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
143.204.55.78200 OK 2.0 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
IP 143.204.55.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6390)
Hash 31a9b5fa35e99cbb958f8facd1967e11
5885c836b1be01370bed43fbb96278e2fc0e40f9
b2a7e35547d699bc046c22f88eadb882a55c67e89408cc7a61cdc0c443384fa4
GET /trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2028
date: Tue, 27 Sep 2022 03:52:51 GMT
last-modified: Tue, 16 Aug 2022 12:42:13 GMT
etag: "31a9b5fa35e99cbb958f8facd1967e11"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C-217J6fl8NNGHgs7iY9cxrRLgyHtSRytjl7lje8QiR9KC9nHe1hGw==
age: 41361
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
143.204.55.78200 OK 18 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (58329)
Hash a935a0a0daf8a792b6f622a79037eb14
ce630181500fec9f5805e83f6a8ff08bf94d915f
3a4186a7ce71e0e3c50edade71422496a78db2317f107e953c5aa6dee8f683c7
GET /trustboxes/5419b6a8b0d04a076446a9ad/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17866
last-modified: Tue, 16 Aug 2022 12:42:15 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 27 Sep 2022 01:46:22 GMT
cache-control: max-age=86400
etag: "a935a0a0daf8a792b6f622a79037eb14"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DlqcSnR3jR4otJH8q72fAgktlQww_jDq1fl3RN5gjJXxajm3KpUz2A==
age: 48956
X-Firefox-Spdy: h2
tovanillitechan.com/15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.276%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.276%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.276%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 15:22:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e1b13deb559b4f3507d5ba837ef952d9
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:11 GMT; secure; SameSite=None
oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.tradingview.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 14:41:09 GMT
expires: Tue, 27 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 2463
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
172.67.38.66200 OK 10 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 172.67.38.66:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d885c414b9514dddf7439864aab50e9f
fda3257848af104e8d995c1f58c3776ace2dede7
3011503cfb50e7c4bbbe45e12a5159a2d9055dde82ffe7ba202de25cc27ce5a6
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:12 GMT
content-type: application/javascript
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc129b90b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
143.204.55.78204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
IP 143.204.55.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 27 Sep 2022 15:22:11 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R1J_uMjbBaDxy-5Cmm-OA3V4CnadPY5-35kUjpCc4u5cblJiMWYv0g==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
143.204.55.78204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad
IP 143.204.55.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 27 Sep 2022 15:22:11 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZAv2CzqKvx5JLGA0yJNQpTKljTUqW8hc_vBoCRqIfy1T_vfdyVEQew==
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
172.67.38.66200 OK 153 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
IP 172.67.38.66:0
File type ASCII text, with no line terminators
Hash cda4e714f8789fa77ecd04bc1c74351d
612b96465f7302468f781cedcf48fd2bc0658c62
f9bc5790fb0521158f9e80a459e7cb3dbd64f3ac0e8a170611e44ce8250e5668
GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:12 GMT
content-type: application/javascript
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139d00b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/AU.svg
143.204.55.35200 OK 937 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/AU.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (937), with no line terminators
Hash ffaa89557725b51eb58753956db0a148
af4c43200c5a85ad2d525412bf83e55e90138bd3
27c815d48181359be416f858593d35e363b546bf3f237e0458cccf01fefbdf30
GET /country/AU.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 937
last-modified: Wed, 08 Sep 2021 09:02:00 GMT
x-amz-meta-hash: ffaa89557725b51eb58753956db0a148
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 15:04:49 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "ffaa89557725b51eb58753956db0a148"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S9ET4Ki3mDSK2oYlR7dsqrPZff9q0P20rx5kttvjW9YkBvLOGBNEzA==
age: 1058
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/CH.svg
143.204.55.35200 OK 236 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/CH.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with no line terminators
Hash 2390cb6eb08128c8300b6a29c41f2842
de96debc38e1b541ef81692120f1099d1f1e9d20
3b66ebe14df724fa1f4efc29bf7b8658975e89be92202238d75fad8badc68d36
GET /country/CH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 236
last-modified: Wed, 08 Sep 2021 09:01:10 GMT
x-amz-meta-hash: 2390cb6eb08128c8300b6a29c41f2842
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 15:10:48 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "2390cb6eb08128c8300b6a29c41f2842"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zuM0ZErU7BndlzBUtj1UU5lE0T92TnFnNKF3iqc_HpFQt9Py-Vkhfg==
age: 686
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/JP.svg
143.204.55.35200 OK 215 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/JP.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with no line terminators
Hash dd1bc2f51b952d5c3421a69d6febe6ce
b501eef8705cc2c8e9d8b9a9ce431d70e1ef0f71
147aa1297638071607ef5cf0d722c1953c6716e61ef32f58e3fb7fd132ce84ee
GET /country/JP.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 215
last-modified: Wed, 08 Sep 2021 09:00:59 GMT
x-amz-meta-hash: dd1bc2f51b952d5c3421a69d6febe6ce
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:43:39 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "dd1bc2f51b952d5c3421a69d6febe6ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v0mUkb3CqQFYmqHnsWN6EYJ4OP8fM5-0C4An3TNiOa445RjZ4NBfEQ==
age: 2322
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
143.204.55.35200 OK 523 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCETH.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (523), with no line terminators
Hash 4542d4ecd73f04c73affa787a4522596
6e7129a5417dac4d4547b375e8b23d5a7dc5b714
955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
GET /crypto/XTVCETH.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 523
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:37:04 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nm-3ay8OAsT5eUXngbdBT9SlEbpu-B9zV0g94OPFq9Aje7Ul7G5Yug==
age: 2715
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
172.67.38.66200 OK 28 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 172.67.38.66:0
File type ASCII text, with very long lines (65472)
Hash 6e4f116d059e48434648a00917de674f
c92cb5699884b9821bcb42d719e993c580ae8ae0
e37cc5f4c92f19600097e41769d916e152be6cecd88c0fc1356af45c9dc61768
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:12 GMT
content-type: application/javascript
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139c80b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
172.67.38.66200 OK 14 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
IP 172.67.38.66:0
File type ASCII text, with very long lines (2306), with no line terminators
Hash 5b2774e8ba5904c305d5edd034492c78
b643dea022f667b3872b7be2ed8a79b21abb2f1e
88dfcbedc331df1b21b3accb02bf23c21015688d66c9f26a8a3035fb037ab875
GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:12 GMT
content-type: application/javascript
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139cf0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/EU.svg
143.204.55.35200 OK 870 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/EU.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (870), with no line terminators
Hash e9173ef4613c3da43c45885ea39c4b96
218b28ec16584e3f2326b778d3cca1d5c6a682d1
b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
GET /country/EU.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:46:55 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _d6IM0drZMJRepWLmkVefWSm8fmfvsjBtw62CfD7ey04ZZ7iGjoHtw==
age: 2118
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
213.156.140.161101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
IP 213.156.140.161:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r+Fw9hUNkhYJXTYBZ8FSvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 15:22:12 GMT
Connection: upgrade
sec-websocket-accept: Ve4E1uefbtnG5HDJaFJ0dF7/VRU=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
s3-symbol-logo.tradingview.com/country/GB.svg
143.204.55.35200 OK 468 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/GB.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (468), with no line terminators
Hash 09bfac5408302ee8c52fa2ed008c4f13
ec2b53eba8ec1a31fc6745cd9c4fc09518db1c2f
b3e463d925abc879f5b76428144c0da44bc02fae2188f71bc9e7aa7ab6f46037
GET /country/GB.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 468
last-modified: Wed, 08 Sep 2021 09:01:59 GMT
x-amz-meta-hash: 09bfac5408302ee8c52fa2ed008c4f13
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:44:47 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "09bfac5408302ee8c52fa2ed008c4f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fGrEw701wC4ZnEVu1qZRM5e7j3rjNLhc8cnPxxswvxK1HT8rp00WYg==
age: 2261
X-Firefox-Spdy: h2
va.tawk.to/v1/widget-settings?propertyId=6281b6ff7b967b11798f7d77&widgetId=1g35b5lj0&sv=undefined
172.67.38.66200 OK 5.7 kB URL HTTP/2 va.tawk.to/v1/widget-settings?propertyId=6281b6ff7b967b11798f7d77&widgetId=1g35b5lj0&sv=undefined
IP 172.67.38.66:0
File type Unicode text, UTF-8 text, with very long lines (3729), with no line terminators
Hash 8311c6f4223afade2022cf01749d9827
531ba39bcb71b43de4522dbdfcbbba55c5301e72
48b97094842519b7d145294b00cdf8de38474feef5d64b6a5f04dce826c0704a
GET /v1/widget-settings?propertyId=6281b6ff7b967b11798f7d77&widgetId=1g35b5lj0&sv=undefined HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.roifxtrader.com/
Origin: https://www.roifxtrader.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:12 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-q413
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-57-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 231
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc2ab060b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
143.204.55.35200 OK 970 B URL HTTP/2 s3-symbol-logo.tradingview.com/indices/s-and-p-500.svg
IP 143.204.55.35:0
Hash 89d1ffc9f3e19973594189b04ef9c025
7461914c92a4433a81470449ac4ae0b4d126db54
fb802ee5f17597d2e6bc47237e665d11b237cb7f568e9e1365cdf766e819b788
GET /indices/s-and-p-500.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 26 May 2022 07:17:22 GMT
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 15:12:46 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jcjCDyQwNtl6APl9-TlnLeri1upAujrWwr_Ynxdf62-SvPpbZSbnLQ==
age: 583
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/microsoft.svg
143.204.55.35200 OK 304 B URL HTTP/2 s3-symbol-logo.tradingview.com/microsoft.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (304), with no line terminators
Hash 074d127e2f9fd8c2e79c01a5f002979c
a180afde05902cdc100a83180fa387201f992401
6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
GET /microsoft.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:58:01 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W8JmdvimKZesT4TRblgbHXBCtYEmtltNfgVqC0oPjPqb9GEgwuMPCQ==
age: 1457
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/meta-platforms.svg
143.204.55.35200 OK 786 B URL HTTP/2 s3-symbol-logo.tradingview.com/meta-platforms.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (786), with no line terminators
Hash cafd1d7d717ad67e5dbe45b88fa3d47b
0e858c59cd7a560d09b0792bf34621446fc4cf4b
293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
GET /meta-platforms.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 786
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:46:29 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BjKhEtjpSCfdKWz7dn3gddQ--B3_wUNJj5OGOA03SGvw_jPttQiQKg==
age: 2159
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/spdr-sandp500-etf-tr.svg
143.204.55.35200 OK 548 B URL HTTP/2 s3-symbol-logo.tradingview.com/spdr-sandp500-etf-tr.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (548), with no line terminators
Hash 739b8a1d4950ef3e563a4527ba38d111
5bb4b592092552384154d47e64a8c65216969b7b
cad088efc0978bf886800020a056e4eb07359385addebd54ad4422991689b844
GET /spdr-sandp500-etf-tr.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 548
last-modified: Wed, 15 Jun 2022 10:23:36 GMT
x-amz-meta-hash: 739b8a1d4950ef3e563a4527ba38d111
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:23:51 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "739b8a1d4950ef3e563a4527ba38d111"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wDJDwHu83yce0UZCWFuQxQ8_18HEpLsORyZzFaWqJ82ZBj4nBf88IA==
age: 3503
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/netflix.svg
143.204.55.35200 OK 453 B URL HTTP/2 s3-symbol-logo.tradingview.com/netflix.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (453), with no line terminators
Hash 088f20cd1f479350f02d9aada3709050
114bd591e902fc05d93e966453b74b252b88dd58
c5f5b9304726376ee2b8f6b47ad85c5c7509c14e10fca4c4b1ebda33e76983e6
GET /netflix.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 453
last-modified: Wed, 08 Sep 2021 08:53:57 GMT
x-amz-meta-hash: 088f20cd1f479350f02d9aada3709050
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:52:25 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "088f20cd1f479350f02d9aada3709050"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KOVfhjDfSEJD83dHj4LQFL2v8WcGoP25vTJ3NXGythPnUHmT9PlHSQ==
age: 1792
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/amazon.svg
143.204.55.35200 OK 1.9 kB URL HTTP/2 s3-symbol-logo.tradingview.com/amazon.svg
IP 143.204.55.35:0
Hash 49ec75882706e829f3ce5c76317a1f82
cba068323e18db766aa5fcc4793bf761b881fe8d
f253a4c9c7df19f438fb9b0b688a85307d1bd984943afe5e1548b430291ad10c
GET /amazon.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 14:37:05 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2yj5-3VvlFc6myfO-gb3uHpcgQbYBUX0wGD0C2lTXBCV2Nm7HpYd-A==
age: 2716
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/country/US.svg
143.204.55.35200 OK 386 B URL HTTP/2 s3-symbol-logo.tradingview.com/country/US.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (2813), with no line terminators
Hash 5d7024e270ed809e958656aff06b8551
2a1e2f15d59dad51e02acd110e1ce1d07a9a03a0
8aa189ebb546b1a466f273c68e0bfa1a9f10fcbd5b6658181074891458cb6101
GET /country/US.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 15:10:48 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZQhBJ33CgMDaJ_UyGh2UMoB3za9dhBdyfl4LkNI7BNz7nJfM48eDVw==
age: 688
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/apple.svg
143.204.55.35200 OK 1.5 kB URL HTTP/2 s3-symbol-logo.tradingview.com/apple.svg
IP 143.204.55.35:0
Hash 73258b68952ff9bb60f4ace6a50c7d62
7e316d898c67bb70a6636aef324fea70226b0f06
0d7823502f288535fbc56f98b6b06c216509c5235e772802e6c3b05a0196a679
GET /apple.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 14:39:40 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zpMUli6VdClfGcxy77DiJWC0R7jXaFxGn7wevhSQV1xoNraTwYrDng==
age: 2554
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCLTC.svg
143.204.55.35200 OK 291 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCLTC.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with no line terminators
Hash 135fed0ba41e2cc6f0be38d91f6d4327
4cf7a4ad00909e8b92e5c9a428f71721481a78b0
fea85b7101beb79844d8b4396a6df981f4757c150cdf3f61bc59453dd2f440ba
GET /crypto/XTVCLTC.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 291
last-modified: Wed, 08 Sep 2021 09:03:49 GMT
x-amz-meta-hash: 135fed0ba41e2cc6f0be38d91f6d4327
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:50:19 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "135fed0ba41e2cc6f0be38d91f6d4327"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O8eskStFv5btD4ol-4bXLwj_5GCvgO0k-PyQ13M0AMHSeHXTtCiZiQ==
age: 1916
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCXRP.svg
143.204.55.35200 OK 661 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCXRP.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (661), with no line terminators
Hash 4cc138d1e09d2133eeca65966f3894f0
cf40ee7fc2a18c2f6ae3c7522b6234ca45743623
b2296bde0cbe8bc2cd069e06dcc26ebcd6cd3203dea044abf5a2fed0dc4ffbf6
GET /crypto/XTVCXRP.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 661
last-modified: Wed, 08 Sep 2021 09:01:05 GMT
x-amz-meta-hash: 4cc138d1e09d2133eeca65966f3894f0
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:56:53 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "4cc138d1e09d2133eeca65966f3894f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gXKYkZYUoZNHrRW1vU2yJEkupVWhjVcC7nqDIyJhHbb4os2oK7XC_Q==
age: 1526
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crypto/XTVCEOS.svg
143.204.55.35200 OK 942 B URL HTTP/2 s3-symbol-logo.tradingview.com/crypto/XTVCEOS.svg
IP 143.204.55.35:0
Hash e73f0b734a6da54937e116c743fadaed
7f271eeb142a01eb7f4b1444a339a808c4b6fe41
a81be36c1ea2c1645341019d0c5864bd916fc17a27802dac993f1f43011e76f7
GET /crypto/XTVCEOS.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 09:04:44 GMT
x-amz-meta-hash: b5bb09f3f95c87ffa9a07fc8c225f1bd
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 15:16:47 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"b5bb09f3f95c87ffa9a07fc8c225f1bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SOkeb1RqnMglm4sUPyz8WHCv8yf892xExn1ehm6Zj2iwcihDY1NbNA==
age: 335
X-Firefox-Spdy: h2
widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
213.156.140.161101 Switching Protocols 0 B URL HTTP/1.1 widgetdata.tradingview.com/socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30
IP 213.156.140.161:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1
Host: widgetdata.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8bM6gjPv9P1cjZMuGagyUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 15:22:13 GMT
Connection: upgrade
sec-websocket-accept: AYubzNS2wqUOS5oXBDHs/xgZCMo=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv
dozubatan.com/impression/AxCE663Ra1TUIJKiVBsaXAHmmmVCGzicIdb304XLE4N4U1J3zBx8BA7xpEfg8LfCJnKZvlP4Cri9OASzhSLvEkDME9kp49z2xFOVbfI2_hWf2d9yi1RatTL0ew8qA7srWn9YHCcWl_XfKW_eKKGGj-NbG1XmgecaTH9ftZOiHwVefMft2NqJWcsP0C1HN_AU1eUtpsDBYwwcRtQ-9Tq9nV4FO9uXNu5YTusM_JiOP5xJ9xHS0KN_hQVv3UQ7VsPR8Y2-P1eZPDGBqdqJGZun8Br7LxBAB7BwvmTH7x3JCbY-6YPq7kdxxt-qXF6Cmm4U1SKHhXzT6grIIIEU6lRI0GL2vEHRQKeiMKt-jKscjn2U-a2Sxv4wlUx4Rlc-D-Q1pCAfHulKI-AhNrIUlI5j7gAZ9MvuhDiU4nznR-AgUY327j5UxcDE6kXMa9HHuh6ZKGPdoUrRwmNVsITjNoh-vwSo8dyeWiIujfrgyirRzoRTZ-zQ72WXJ5q-5HnFF7Z7ES6UvxdrCmYQhdIIm4M5fdR-yU_1sQ-svabJTrMLWayo54FjlB32mL47QApiLSEuUAuan8aTpCeg3_nAOEM6BZVeDKMAkTFPMc30KVmSOfSHJ3TBFgt9c3sS0ZaTYdbUZDq0bmMe7-1fQ4bU?_z=4971412&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 dozubatan.com/impression/AxCE663Ra1TUIJKiVBsaXAHmmmVCGzicIdb304XLE4N4U1J3zBx8BA7xpEfg8LfCJnKZvlP4Cri9OASzhSLvEkDME9kp49z2xFOVbfI2_hWf2d9yi1RatTL0ew8qA7srWn9YHCcWl_XfKW_eKKGGj-NbG1XmgecaTH9ftZOiHwVefMft2NqJWcsP0C1HN_AU1eUtpsDBYwwcRtQ-9Tq9nV4FO9uXNu5YTusM_JiOP5xJ9xHS0KN_hQVv3UQ7VsPR8Y2-P1eZPDGBqdqJGZun8Br7LxBAB7BwvmTH7x3JCbY-6YPq7kdxxt-qXF6Cmm4U1SKHhXzT6grIIIEU6lRI0GL2vEHRQKeiMKt-jKscjn2U-a2Sxv4wlUx4Rlc-D-Q1pCAfHulKI-AhNrIUlI5j7gAZ9MvuhDiU4nznR-AgUY327j5UxcDE6kXMa9HHuh6ZKGPdoUrRwmNVsITjNoh-vwSo8dyeWiIujfrgyirRzoRTZ-zQ72WXJ5q-5HnFF7Z7ES6UvxdrCmYQhdIIm4M5fdR-yU_1sQ-svabJTrMLWayo54FjlB32mL47QApiLSEuUAuan8aTpCeg3_nAOEM6BZVeDKMAkTFPMc30KVmSOfSHJ3TBFgt9c3sS0ZaTYdbUZDq0bmMe7-1fQ4bU?_z=4971412&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/AxCE663Ra1TUIJKiVBsaXAHmmmVCGzicIdb304XLE4N4U1J3zBx8BA7xpEfg8LfCJnKZvlP4Cri9OASzhSLvEkDME9kp49z2xFOVbfI2_hWf2d9yi1RatTL0ew8qA7srWn9YHCcWl_XfKW_eKKGGj-NbG1XmgecaTH9ftZOiHwVefMft2NqJWcsP0C1HN_AU1eUtpsDBYwwcRtQ-9Tq9nV4FO9uXNu5YTusM_JiOP5xJ9xHS0KN_hQVv3UQ7VsPR8Y2-P1eZPDGBqdqJGZun8Br7LxBAB7BwvmTH7x3JCbY-6YPq7kdxxt-qXF6Cmm4U1SKHhXzT6grIIIEU6lRI0GL2vEHRQKeiMKt-jKscjn2U-a2Sxv4wlUx4Rlc-D-Q1pCAfHulKI-AhNrIUlI5j7gAZ9MvuhDiU4nznR-AgUY327j5UxcDE6kXMa9HHuh6ZKGPdoUrRwmNVsITjNoh-vwSo8dyeWiIujfrgyirRzoRTZ-zQ72WXJ5q-5HnFF7Z7ES6UvxdrCmYQhdIIm4M5fdR-yU_1sQ-svabJTrMLWayo54FjlB32mL47QApiLSEuUAuan8aTpCeg3_nAOEM6BZVeDKMAkTFPMc30KVmSOfSHJ3TBFgt9c3sS0ZaTYdbUZDq0bmMe7-1fQ4bU?_z=4971412&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:13 GMT
content-type: image/gif
content-length: 43
x-trace-id: 94ff709ab8da4084bdfb52ad9acaaa12
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/metal/silver.svg
143.204.55.35200 OK 565 B URL HTTP/2 s3-symbol-logo.tradingview.com/metal/silver.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash dce62cd8bdd46fc425f784329fcffe2c
0ad2df26d62c45e2a97a57d122d32f5cc7a70b2b
73fc3f194fea75788959fbf4099dba6c48fcd70deef2293d7d797fe697671764
GET /metal/silver.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
last-modified: Wed, 08 Sep 2021 09:03:04 GMT
x-amz-meta-hash: dce62cd8bdd46fc425f784329fcffe2c
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:43:39 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "dce62cd8bdd46fc425f784329fcffe2c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zdqoGK0qJ1RPzN3Cr6XX5ho8oNpb91FnsvfPQKqA5Yodw0kp_qdghg==
age: 2323
X-Firefox-Spdy: h2
s3-symbol-logo.tradingview.com/crude-oil.svg
143.204.55.35200 OK 443 B URL HTTP/2 s3-symbol-logo.tradingview.com/crude-oil.svg
IP 143.204.55.35:0
File type exported SGML document, ASCII text, with very long lines (443), with no line terminators
Hash 5e4e832aa47ec693a3c1de44c8b222b5
2d5947bfa54cf87422a3d02c46de823d55613400
106132134d99b813f417630a48b4ad75f75423f05cf1ecca333928d67e2e9aaa
GET /crude-oil.svg HTTP/1.1
Host: s3-symbol-logo.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 443
last-modified: Wed, 08 Sep 2021 08:59:22 GMT
x-amz-meta-hash: 5e4e832aa47ec693a3c1de44c8b222b5
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:40:16 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "5e4e832aa47ec693a3c1de44c8b222b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OkexZ_MNiWYy-It0WJALpof41B3yNy7sSJ3v19Q62ZSKSxFd2t5BGg==
age: 2518
X-Firefox-Spdy: h2
dozubatan.com/500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 dozubatan.com/500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:13 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
dozubatan.com/500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 14 kB URL HTTP/2 dozubatan.com/500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 2a39da94fcd3f80b812a73564b527a73
882dc5a1829b87558855d13bd59c52cae96a7de8
06a7b08e6f1a513694afcc5e55d7cf4347f88eff15725f449d84b3b5c1d3c1b7
GET /500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:13 GMT
content-type: application/javascript
x-trace-id: cbc981900adc83a4c3b03165e71ac0fb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dropmb.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:13 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
172.67.38.66200 OK 41 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
IP 172.67.38.66:0
File type ASCII text, with very long lines (65466)
Hash 8a99d116785af2a7eaad230485c93067
1bfd626cc2518715b0d134b9394e30d3b952d85c
700dce115339ef423510b7111378bd388fb68b783f823c17acfc2fcaba690db1
GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:12 GMT
content-type: application/javascript
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139cd0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=b61f9072380547d89ed3b3f19be43e54&zoneId=4971414&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=b61f9072380547d89ed3b3f19be43e54&zoneId=4971414&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e9c63f152e426473bd427a4404715d0a
8cf3c324db12959f85391a1b25f47f904044dba1
8c471f8bf1a8966e03588983d30f03d30653cea1e2f11f6d3b37cb8658845144
GET /gid.js?pub=0&userId=b61f9072380547d89ed3b3f19be43e54&zoneId=4971414&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Cookie: ID=c1e5e63255314d5bb1b211a8c45c6dbc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=G3aZCWHqRqYgd5PeqgfjXEcrvmewbptEMCRyaG3Cay_7QUkrqfdj2K5ahBLKggqK6_V7Ty-D9ivjkF21BUNDdVfmfj0aV0-74rbXzjCOISS9AryKjYSN5W7MKwXBoCCj6VYMPQtk_0nPshl3dBDq4Ba4C7mawr2_qKOTN4pf25jnylGjf_017nAxfSEV54x7bC0MnWlzECTh-leXgf-UrQ%3D%3D&request_ab2=0&zoneid=4971415&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=a5649649-8a2d-4c67-96a3-a3152bc0cab3&userId=c1e5e63255314d5bb1b211a8c45c6dbc&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=G3aZCWHqRqYgd5PeqgfjXEcrvmewbptEMCRyaG3Cay_7QUkrqfdj2K5ahBLKggqK6_V7Ty-D9ivjkF21BUNDdVfmfj0aV0-74rbXzjCOISS9AryKjYSN5W7MKwXBoCCj6VYMPQtk_0nPshl3dBDq4Ba4C7mawr2_qKOTN4pf25jnylGjf_017nAxfSEV54x7bC0MnWlzECTh-leXgf-UrQ%3D%3D&request_ab2=0&zoneid=4971415&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=a5649649-8a2d-4c67-96a3-a3152bc0cab3&userId=c1e5e63255314d5bb1b211a8c45c6dbc&m=link
IP 139.45.197.243:0
GET /?rb=G3aZCWHqRqYgd5PeqgfjXEcrvmewbptEMCRyaG3Cay_7QUkrqfdj2K5ahBLKggqK6_V7Ty-D9ivjkF21BUNDdVfmfj0aV0-74rbXzjCOISS9AryKjYSN5W7MKwXBoCCj6VYMPQtk_0nPshl3dBDq4Ba4C7mawr2_qKOTN4pf25jnylGjf_017nAxfSEV54x7bC0MnWlzECTh-leXgf-UrQ%3D%3D&request_ab2=0&zoneid=4971415&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=a5649649-8a2d-4c67-96a3-a3152bc0cab3&userId=c1e5e63255314d5bb1b211a8c45c6dbc&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/json
x-trace-id: a956631df3d576ccf8b95bed927300f2
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None
oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 04 Oct 2022 15:22:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
phcorner.net/
104.26.8.158405 Method Not Allowed 0 B IP 104.26.8.158:0
OPTIONS / HTTP/1.1
Host: phcorner.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 405 Method Not Allowed
date: Tue, 27 Sep 2022 15:22:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 75153ba28cbab4f9-OSL
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPvNlxkgihRInkA3%2FueCPwvOYdAsXl68CinpSxPSdenXCROJBGn5nxEJkJpuuk4IVMiv6iXhLOYFQUbMNrx3PSXHQgjP%2Beaw%2B1eCZzdFcUu%2BBq238zTYOIs%2BL8zqpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dozubatan.com/400/4971412
139.45.197.237200 OK 0 B URL HTTP/2 dozubatan.com/400/4971412
IP 139.45.197.237:0
GET /400/4971412 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/javascript
x-trace-id: c521ddd3ae8f7a11e2d003977972f52f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=650caff9becd41a7823c54678733ceff; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/universal.min.js?v=3.1.396
139.45.197.250200 OK 0 B URL HTTP/2 pseepsie.com/pfe/current/universal.min.js?v=3.1.396
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOC1%2BUuErKl%2BWGSn660wCCtlPYsHFdxDkvdJxNQnz9Bi%2FCZzQt09OTRtmwD63raDuKvLSG5PMR60yzmGCAHK0uu%2FzGHfa3Qq%2FQCQhdj%2BN7gxaxx37clyFMEaQXpF2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75153bab49c9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc
IP 139.45.197.239:0
POST /9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 132
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=2db1a0ec95ee4bf1b8fddc67050950b3; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a8e5d53327fc816cd0a94156e680c1c3
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-90XcA17jvgaB8oDkdm3f6A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jvkqX6uZkn6Zn_tCPG5Guf4gArM8qgoB1_rEbSNyK_nGQ9PLEktz0A==
age: 54
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/ticker-tape/?locale=en
54.230.111.73200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/ticker-tape/?locale=en
IP 54.230.111.73:0
GET /embed-widget/ticker-tape/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 15:20:52 GMT
expires: Tue, 27 Sep 2022 15:22:52 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-QSHrNv6CBpnx2LlkYGUMbQ=='; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iET0gaSeglWoUG0cUWrb_AYV44-1szlLRLwIV7OZ0Ye6RcWPEtH3Vw==
age: 77
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:12 GMT
content-type: application/javascript
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139ca0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/47872.b614638f482af661b1f9.js
54.230.111.84200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/47872.b614638f482af661b1f9.js
IP 54.230.111.84:0
GET /static/bundles/embed/47872.b614638f482af661b1f9.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18927
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-49ef"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hWuyPEwzuzSGvP6RJw0Oq5hHuJ2jgh18ikk8CAhfAsssBp4GCOa5YQ==
age: 536524
X-Firefox-Spdy: h2
iclickcdn.com/tag.min.js
172.67.75.9200 OK 0 B IP 172.67.75.9:0
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:06 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 165741882d95ce0f39bc82e0a0739600
cache-control: max-age=86400
last-modified: Fri, 23 Sep 2022 16:05:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 28 Sep 2022 00:15:14 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 54412
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJbCuYNZOkjn2HwbEfBB9wvs6CxPSq8V1EFe%2BAjUnera3lxvWhPJXUnX7F3EGgKE9u1yblrw5Mnz3nAawvgF32luyTlEDp0uYsI9f4LNfLD9EzaxBg62ujiXxmi8buY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75153ba0ae78b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
tovanillitechan.com/1?z=4971413
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/1?z=4971413
IP 139.45.197.239:0
GET /1?z=4971413 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: dc72bfbd78dfcfa7d4f469e673e33c68
access-control-expose-headers: X-Sc
x-sc: sj-NZFJeHB7SUMnWsJ_PKaGzaoaK7TGysbKBamnJiT0sTydTnoFGzjIwaxWwy06u5ZpLAX9FQmdLAfma2C7htxnX4aU=
set-cookie: scm=1; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
OAID=2db1a0ec95ee4bf1b8fddc67050950b3; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-90XcA17jvgaB8oDkdm3f6A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PMzRKsPkdgIghh8Pvk_C5H96Uw0tkjQPWXnvDcHPSvithJXtcT6Brw==
age: 54
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-90XcA17jvgaB8oDkdm3f6A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C5CCLxMG9MMuIp_ppeoR4ei2DTvPcr5IJOLNx4iP5bGI41N-x7upZg==
age: 54
X-Firefox-Spdy: h2
s.tradingview.com/embed-widget/market-quotes/?locale=en
54.230.111.73200 OK 0 B URL HTTP/2 s.tradingview.com/embed-widget/market-quotes/?locale=en
IP 54.230.111.73:0
GET /embed-widget/market-quotes/?locale=en HTTP/1.1
Host: s.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-90XcA17jvgaB8oDkdm3f6A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sJTm9ybm7BIv5WNN2kOHteQ3z3kq4PnXuyZUurjP8atlINMhbpYaEQ==
age: 54
X-Firefox-Spdy: h2
embed.tawk.to/6281b6ff7b967b11798f7d77/1g35b5lj0
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/6281b6ff7b967b11798f7d77/1g35b5lj0
IP 172.67.38.66:0
GET /6281b6ff7b967b11798f7d77/1g35b5lj0 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:22:10 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 326
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bb4bcd50b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/87461.aa126d16f4609615d7a4.js
54.230.111.84200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/87461.aa126d16f4609615d7a4.js
IP 54.230.111.84:0
GET /static/bundles/embed/87461.aa126d16f4609615d7a4.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Sep 2022 10:11:07 GMT
last-modified: Wed, 07 Sep 2022 08:33:53 GMT
etag: W/"63185771-1518"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: muNzSRO9u0naKbyQwhskhm6QbEX6mCrbrJQ3iMwa0lUNM-sqmO1oGQ==
age: 1746663
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700,400italic&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,700,400italic&display=swap
IP 142.250.74.10:0
GET /css?family=Lato:400,700,400italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 15:22:06 GMT
date: Tue, 27 Sep 2022 15:22:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js
54.230.111.84200 OK 0 B URL HTTP/2 static.tradingview.com/static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js
IP 54.230.111.84:0
GET /static/bundles/embed/embed_ticker_tape_widget.530a55e441c55d6c8446.js HTTP/1.1
Host: static.tradingview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 10:20:18 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: W/"632ace12-1b8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z3lWWlTxb1UAUcwMVv2CSTtJ8NGrnmyToccLc0mvmjuMNA2fzIyl7Q==
age: 536512
X-Firefox-Spdy: h2