Overview

URL dropmb.com/files/fd873d3ffad7265c9125a14881f3c0cc.rar
IP104.21.235.160
ASNCLOUDFLARENET
Location
Report completed2022-09-27 15:22:17 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 pseepsie.com/custom Malware
2022-09-27 2 pseepsie.com/custom Malware
2022-09-27 2 pseepsie.com/custom Malware
2022-09-27 2 pseepsie.com/custom Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 fleraprt.com Sinkholed


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS iclickcdn.com (1) 45415 2020-03-25 19:06:34 UTC 2022-09-27 15:22:06 UTC 172.67.75.9
mnemonic passive DNS embed.tawk.to (7) 8650 2014-03-19 21:03:49 UTC 2022-09-27 07:45:55 UTC 172.67.38.66
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-27 06:38:43 UTC 104.21.84.149 Unknown ranking
mnemonic passive DNS s.tradingview.com (5) 22849 2018-12-05 09:16:50 UTC 2022-09-27 15:22:09 UTC 54.230.111.73
mnemonic passive DNS dozubatan.com (6) 33479 2021-05-18 14:02:27 UTC 2022-09-27 15:22:08 UTC 139.45.197.237
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-09-27 15:22:08 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS va.tawk.to (1) 8297 2017-01-30 04:20:46 UTC 2022-09-27 07:45:55 UTC 172.67.38.66
mnemonic passive DNS bedrapiona.com (1) 34930 2020-05-08 13:43:48 UTC 2022-09-27 08:27:56 UTC 139.45.197.234
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-27 09:44:42 UTC 104.18.32.68
mnemonic passive DNS pseepsie.com (5) 132332 2021-03-12 04:11:08 UTC 2022-09-27 15:22:08 UTC 139.45.197.250
mnemonic passive DNS dropmb.com (2) 0 2017-07-18 23:54:58 UTC 2022-09-27 15:20:57 UTC 104.21.235.159 Unknown ranking
mnemonic passive DNS tovanillitechan.com (9) 0 2022-07-22 05:21:08 UTC 2022-09-27 15:22:08 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS engingrepare.com (1) 0 2022-09-23 16:46:03 UTC 2022-09-27 15:22:09 UTC 3.123.187.149 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 12:39:40 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:52:54 UTC 142.250.74.72
mnemonic passive DNS static.tradingview.com (26) 0 2022-07-30 10:38:04 UTC 2022-09-27 13:21:51 UTC 54.230.111.84 Domain (tradingview.com) ranked at: 4416
mnemonic passive DNS widgetdata.tradingview.com (4) 22043 2017-01-29 09:29:02 UTC 2022-09-27 15:22:10 UTC 213.156.140.161
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 07:51:08 UTC 142.250.74.174
mnemonic passive DNS onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-09-27 04:59:03 UTC 139.45.197.243
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 11:41:54 UTC 143.204.55.35
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS s3.tradingview.com (4) 18525 2018-12-09 17:38:16 UTC 2022-09-27 06:27:35 UTC 54.230.111.32
mnemonic passive DNS phcorner.net (1) 206680 2012-11-08 13:40:42 UTC 2022-09-27 15:22:07 UTC 104.26.8.158
mnemonic passive DNS s3-symbol-logo.tradingview.com (19) 20447 2020-11-23 08:22:37 UTC 2022-09-27 09:59:03 UTC 143.204.55.35
mnemonic passive DNS dropmb.com (2) 0 2017-07-18 23:54:58 UTC 2022-09-27 15:20:57 UTC 104.21.235.160 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-27 04:54:13 UTC 139.45.195.8
mnemonic passive DNS widget.trustpilot.com (5) 6018 2017-09-05 07:45:53 UTC 2022-09-27 12:56:11 UTC 143.204.55.78
mnemonic passive DNS flagicons.lipis.dev (2) 527996 2020-02-27 09:46:04 UTC 2022-09-27 15:22:09 UTC 185.199.110.153
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-27 09:08:20 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 54.191.251.76
mnemonic passive DNS offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-09-27 06:38:44 UTC 104.22.32.172
mnemonic passive DNS www.roifxtrader.com (2) 0 2022-03-14 22:13:40 UTC 2022-09-27 12:35:25 UTC 172.67.163.98 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.235.160

Date UQ / IDS / BL URL IP
2022-12-04 18:01:32 +0000
0 - 0 - 9 dropmb.com/files/73ea5474ecc99276342229cdaa75 (...) 104.21.235.160
2022-11-26 17:15:44 +0000
0 - 0 - 12 dropmb.com/files/a671d90add9a66821d8ee5d78ed7 (...) 104.21.235.160
2022-11-24 06:40:58 +0000
0 - 0 - 11 dropmb.com/files/80914e90f195cd867599a15d03a5 (...) 104.21.235.160
2022-11-08 21:28:27 +0000
0 - 0 - 8 dropmb.com/files/ac39b1e1fd4023538404bb1648b9 (...) 104.21.235.160
2022-11-08 20:01:50 +0000
0 - 0 - 9 dropmb.com/files/61ece5efe3fe893365d7f19e5e91 (...) 104.21.235.160

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 22:58:11 +0000
0 - 0 - 1 important-messages.info/4/cllps/27ptdl.php 172.67.158.36
2022-12-04 22:57:48 +0000
0 - 0 - 1 ricechronic.top/ 188.114.96.1
2022-12-04 22:57:41 +0000
0 - 0 - 4 gdfvmhq.connatual.tk/e22d0 104.21.92.235
2022-12-04 22:57:24 +0000
0 - 0 - 2 iossecure.com/en/imitatenobr/en/ 172.67.209.206
2022-12-04 22:55:32 +0000
0 - 0 - 7 saturationedible.cn/usps/tb.php?uc=lc1670181634336 188.114.97.1

Last 5 reports on domain: dropmb.com

Date UQ / IDS / BL URL IP
2022-12-04 18:01:32 +0000
0 - 0 - 9 dropmb.com/files/73ea5474ecc99276342229cdaa75 (...) 104.21.235.160
2022-11-29 17:06:26 +0000
0 - 0 - 11 dropmb.com/files/12bd77d787d6b825acf8642be2fb (...) 104.21.235.159
2022-11-26 17:15:44 +0000
0 - 0 - 12 dropmb.com/files/a671d90add9a66821d8ee5d78ed7 (...) 104.21.235.160
2022-11-24 06:40:58 +0000
0 - 0 - 11 dropmb.com/files/80914e90f195cd867599a15d03a5 (...) 104.21.235.160
2022-11-09 22:05:31 +0000
0 - 0 - 12 dropmb.com/files/b868fc74e03d7e4863faafbf9f1e (...) 104.21.235.159

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-27 15:22:17 +0000
0 - 0 - 6 dropmb.com/files/9112b4f7ea2b439347cfc14aa39f (...) 104.21.235.160
2022-09-26 16:00:12 +0000
0 - 0 - 14 dropmb.com/files/5c0276484966b240fb0c208d4e93 (...) 104.21.235.159
2022-09-26 02:37:06 +0000
0 - 0 - 14 dropmb.com/files/8fa7164833646f6485087e651844 (...) 104.21.235.160
2022-09-06 22:29:14 +0000
0 - 0 - 14 dropmb.com/files/08838e89fc3e150758d5c51d1b40 (...) 104.21.235.159
2022-09-06 01:55:15 +0000
0 - 0 - 17 dropmb.com/files/08838e89fc3e150758d5c51d1b40 (...) 104.21.235.160


JavaScript

Executed Scripts (98)


Executed Evals (1)

#1 JavaScript::Eval (size: 80, repeated: 1) - SHA256: 8a79e7bd6b8e417b4b5ba785bb5d3d245eb1ee5e5af911a830482f8b57999259

                                        (() => {
    const a = async
    function name() {};
    window['5kxryoq5nsx'] = true;
})()
                                    

Executed Writes (0)



HTTP Transactions (142)


Request Response
                                        
                                            GET /files/fd873d3ffad7265c9125a14881f3c0cc.rar HTTP/1.1 
Host: dropmb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.235.160
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 27 Sep 2022 15:22:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:22:05 GMT
Location: https://dropmb.com/files/fd873d3ffad7265c9125a14881f3c0cc.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IFoRPuaXHDWWwxK3Bka5E78YKzgs8ngs8l201u5BEoDkQUtAXLnyPZAUEzG%2FrOxw0tQlKb%2FAKOMSH1AUtiIswWtvKo%2BJ8I6f5tvxO6m%2FkdvMf%2BS7XMKnfyMUOKN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 75153b9b6a6adc45-LHR
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 15:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wuj4WTyhRWcw0Y843c3fpIL1nBjdzUA9zvOUNLD9W--HEuinTpOmAQ==
Age: 396


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9143
Expires: Tue, 27 Sep 2022 17:54:29 GMT
Date: Tue, 27 Sep 2022 15:22:06 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TynnsIWzpdWgZ5m1JxIErIalUADd5r7uN7ycgXTB6HyRVUhjNSj3cg==
age: 21473
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3996
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 15:22:06 GMT
Last-Modified: Tue, 27 Sep 2022 14:15:30 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:06 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3996
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 15:22:06 GMT
Last-Modified: Tue, 27 Sep 2022 14:15:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 15:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 15:10:46 GMT
Expires: Tue, 27 Sep 2022 16:02:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S6RI0FcpvefmeB0dP-HjjymNhZ1lOu77KBjyl87XjypAxVC9mAounw==
Age: 680


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4451
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 15:22:06 GMT
Last-Modified: Tue, 27 Sep 2022 14:07:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 15:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/fd873d3ffad7265c9125a14881f3c0cc.rar HTTP/1.1 
Host: dropmb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.235.159
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:22:06 GMT
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=2678400, must-revalidate
pragma: no-cache
x-60-cache-status: HIT
last-modified: Thu, 15 Sep 2022 19:44:19 GMT
cf-cache-status: HIT
age: 971699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgbc4xd77U2%2F%2FUmFK%2FYd20XhcYGmrFezbIX6mDt1HZkQERNVnJx0XGcR4%2FUJGXRQH1H1cILIMON1VGWFlW%2B%2FIa6eQOvsbDWaULsKNLGPD6JsUT9RBhCFFnSfdjwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153b9d7dcf775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1487), with CRLF, LF line terminators
Size:   24015
Md5:    03cd71f0d30b00256b0f1e65f06ce202
Sha1:   ed680b9b5056bd869bb61a562512ffef7e4d024c
Sha256: 06d3ce203ee4e867c4fbf0840f85314b5e33cdaab58ee47549ea941cab6b5da7
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 598305
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   58019
Md5:    2c277130d113ed67c15ad133cf9a1ce6
Sha1:   059b5163939ad3082a6b5a2176e2797a42d1bbe2
Sha256: 80e139f544290068e93d8c346e5e17a2f20116d90b84a1e115164c9f2ed84591
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 15:22:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AWQNS6dOpDe2M/AlegdqrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: okwIHbBsREM8zSLetKthKiAEN+s=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "42393BBEBC5BDA5422C410ADB413DDEBF976D70FEA8CA3AE50BD8DFDDEE645DF"
Last-Modified: Sun, 25 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16404
Expires: Tue, 27 Sep 2022 19:55:31 GMT
Date: Tue, 27 Sep 2022 15:22:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EAB28ED0DCB51BF3EE024B4CCAA3CF1F2770E0FA191E45FC8465A4F3E9E4DE09"
Last-Modified: Sun, 25 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18060
Expires: Tue, 27 Sep 2022 20:23:08 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FB817EEB13578A3DAA360DC6769FBAC02AE3DC903449EFEE995F7570AB76465B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3294
Expires: Tue, 27 Sep 2022 16:17:02 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "52B73249D787244356D8FADC4EE2C73ACFAA25EC2586B3CD5F00DBA23148F94B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10653
Expires: Tue, 27 Sep 2022 18:19:41 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            GET /5/4971415/?oo=1&js_build=iclick-v1.430.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:07 GMT
x-trace-id: 43e7c4cf9a1686f90695b9759828cd7b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:07 GMT; path=/; secure; SameSite=None oaidts=1664292127; expires=Wed, 27 Sep 2023 15:22:07 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8078
Md5:    8d4cb0c070ce498439f84158429e5d4b
Sha1:   bf4d66ff1ddf9ec5e34e5fe805e9c948972c15bc
Sha256: 8403a862d76adefac96ca130a3a2eaf5a634daf4c8c79817ce4aa8f7011ed547
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 63781
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11881
x-amzn-requestid: 584a2270-56ef-4f46-8ab2-dc0e519b5f45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshLfEfoIAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328157c-12f8e8e31318d2da70796520;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:08:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bDpP2pZgrMz5bH_vy76SvyPojDGhPIHfOtv2i4dfHCs1GUuSZVC87w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:33:24 GMT
age: 60524
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11881
Md5:    91d97447a6a35813e57d942f685544c4
Sha1:   3b660de9902fbfcf2efb477f40480b08545ebc5f
Sha256: 08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 51321
etag: "1a26007f761e439db575fb80fb403031260aecf4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    5274e770cb5a704916c8965659709f4a
Sha1:   1a26007f761e439db575fb80fb403031260aecf4
Sha256: e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 15:22:08 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=485589,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75153baa0ce2b50c-OSL

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 62745
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10211
Md5:    347dca206e13a3b13953f0ab398310b4
Sha1:   be60bbc96c832ae385cc9ae5828bd32703011b21
Sha256: f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 49458
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 63791
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /42/38?z=4971413 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=2db1a0ec95ee4bf1b8fddc67050950b3; oaidts=1664292128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 32b31c17b1d7d395d957edcd026ee9ef
access-control-expose-headers: X-Sc
set-cookie: OAID=2db1a0ec95ee4bf1b8fddc67050950b3; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /gid.js?userId=c1e5e63255314d5bb1b211a8c45c6dbc HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 65
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e9c63f152e426473bd427a4404715d0a
Sha1:   8cf3c324db12959f85391a1b25f47f904044dba1
Sha256: 8c471f8bf1a8966e03588983d30f03d30653cea1e2f11f6d3b37cb8658845144
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "38328145D631F89145DE9CFCD5E82AAC39454EAC8F446EA59594FF988135637E"
Last-Modified: Tue, 27 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13135
Expires: Tue, 27 Sep 2022 19:01:03 GMT
Date: Tue, 27 Sep 2022 15:22:08 GMT
Connection: keep-alive

                                        
                                            OPTIONS /9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Content-Type: application/json
Origin: https://dropmb.com
Content-Length: 399
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 39
x-trace-id: 39f075a8405274e4fe568856e2acfca6
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Content-Type: application/json
Origin: https://dropmb.com
Content-Length: 781
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 39
x-trace-id: 7650cff387e1841b396a366860cc91ed
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            OPTIONS /500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /121?rnd=803204055&z=4971413&b=14993070&c=6131524&var=&d=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3D%7Badformat%7D%26banner%3D14993070%26os%3D%7Bos%7D%26country%3D%7Bcountry%7D%26zoneid%3D4971413%26zone_type%3D%7Bzone_type%7D%26cost%3D%7Bcost%7D%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%7Bdevice%7D%26browser%3D%7Bbrowser%7D%26connection.type%3D%7Bconnection.type%7D%26browserversion%3D%7Bbrowserversion%7D%26carrier%3D%7Bcarrier%7D%26countryname%3D%7Bcountryname%7D%26osversion%3D%7Bosversion%7D%26region%3D%7Bregion%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D&cln={CELL_NUMBER}&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&bag=0moqll4M0kV9LglnYLOVlWc2LVA7L85i&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
location: https://www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598647182968500224&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other&region={region}&useragent={useragent}&language={language}
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a3ac1da934b3529d95910a5c1f5ff4ae
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /11?rnd=527308398&z=4971413&b=14993070&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=84 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 886de098cc5756416105917d18d98a8a
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=2db1a0ec95ee4bf1b8fddc67050950b3; oaidts=1664292128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   131589
Md5:    83ccf221b730824b7f711df776bdeff3
Sha1:   80fd4684a2569f614f2230f3deb847f87b4fbcd3
Sha256: 92c6479ab53b03e05e72fa8e6f912d23c745c236f317d5c694d88ba4cf661da0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 15:22:08 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 00:52:20 GMT
Expires: Mon, 03 Oct 2022 00:52:19 GMT
Etag: "a28e34ab71eea646efaf0a505a3bd07671bd6012"
Cache-Control: max-age=465610,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75153bacd83db50c-OSL

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://dropmb.com
Content-Length: 1549
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Tue, 27 Sep 2022 15:22:27 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dropmb.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type={zone_type}&cost=&campaignid=6131524&clickid=598647182968500224&device={device}&browser=firefox&connection.type={connection.type}&browserversion={browserversion}&carrier={carrier}&countryname={countryname}&osversion=other&region={region}&useragent={useragent}&language={language} HTTP/1.1 
Host: www.roifxtrader.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.163.98
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 15:22:09 GMT
location: https://www.roifxtrader.com/?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598647182968500224&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other&region=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D
x-redirect-by: WordPress
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5SFeATa6kGpGZW4VVPKFT4qZr33KY9%2BKg7LnyMQisvTXlVK2bo4LdxIk0Q3aUIv%2BN5ZfeBjubawZOg161XAd7xj5rpMTUbQ3SWMIdNQ1XHd0PUO5J5g0JdkI4pIVrfGYjln6XQB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75153baddc581c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /www/images/a563edd673308b2cd8cc1ec9c0543417.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.32.172
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 15:22:09 GMT
content-length: 76281
last-modified: Tue, 07 Jun 2022 21:58:32 GMT
etag: "629fca08-129f9"
expires: Tue, 27 Sep 2022 22:10:39 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
timing-allow-origin: *
cf-cache-status: HIT
age: 61890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75153bae9b1c9902-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   76281
Md5:    a563edd673308b2cd8cc1ec9c0543417
Sha1:   bff09cb9d8c3dadb244db8d24b6f58b8dfab6469
Sha256: bbd22caad95af25c9ccf019fe7499c74743b7ef4eaceeffe0781c3f64f054b0c
                                        
                                            GET /?adformat=interstitial&banner=14993070&os=linux&country=NO&zoneid=4971413&zone_type=%7Bzone_type%7D&cost&campaignid=6131524&clickid=598647182968500224&device=%7Bdevice%7D&browser=firefox&connection_type=%7Bconnection.type%7D&browserversion=%7Bbrowserversion%7D&carrier=%7Bcarrier%7D&countryname=%7Bcountryname%7D&osversion=other&region=%7Bregion%7D&useragent=%7Buseragent%7D&language=%7Blanguage%7D HTTP/1.1 
Host: www.roifxtrader.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.163.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 15:22:09 GMT
vary: Accept-Encoding
link: <https://www.roifxtrader.com/wp-json/>; rel="https://api.w.org/", <https://www.roifxtrader.com/wp-json/wp/v2/pages/6635>; rel="alternate"; type="application/json", <https://www.roifxtrader.com/>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rENqhXtHI2WDwTRWhMyddAIMfUon2q%2FyOxoRxIFt5D%2BiX%2Bq71LNhB3khlO5lXpln9qJWMUkJ%2BEG41VMPfaAwiCKid75JZXC95U9IdUxvtW13FvmDwJxkBBY%2FMe7VlS1KtGhxnuw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75153bae9d181c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31980), with CRLF, LF line terminators
Size:   49961
Md5:    f9c52b25699b0d3c8dbb6470b61522d6
Sha1:   9d5dd04e29d0195f729b2e4866939fcc7dcd4bce
Sha256: fc79fda6e0e7aa7cc3224f4ed8fbc451fc5598c307eff200bb786f2eb085f4b5
                                        
                                            GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.78
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 27 Sep 2022 05:35:19 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pzuIxru1GuqBQcS7X7PigLFjnwD3WsSonFBKjkKegFmcmSqL40YCLQ==
age: 35211
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size:   6124
Md5:    5add60196e5f96a414fb4b9586764e5d
Sha1:   633f471b3c2fcedeef9cad90cb5bf56f5fe55588
Sha256: 5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 15:22:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /500/4971412?excludes=&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: OAID=650caff9becd41a7823c54678733ceff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
x-trace-id: 3df0309055dd89fe6bd3d612b4f85917
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dropmb.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12538
Md5:    63e381ec68ed99b12ca49ed671522966
Sha1:   43fb227cb4ec62ca21db3c826615cff19f9ce91f
Sha256: e349010452ee9cf86719d0b0ba3fe7f7a84b24665ea89671559b30df417be443
                                        
                                            GET /external-embedding/embed-widget-ticker-tape.js HTTP/1.1 
Host: s3.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.32
HTTP/2 200 OK
content-type: text/javascript
                                        
content-length: 10745
date: Tue, 27 Sep 2022 10:11:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:06 GMT
etag: "ec810cf189244421fbba88a8fb7661b4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eIAR_vFyDVDxOPsaoszJrsGYR6UeGlrd3xYHQZkTyq5ulvXW2kaw6A==
age: 18650
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3066)
Size:   10745
Md5:    ec810cf189244421fbba88a8fb7661b4
Sha1:   71ddd06a5ea0b748663403dbb2ef53e553b0297c
Sha256: bb51d1e5236e0daeb078e0df8e945e5a0afc06e83e0ed54281d9af4877f58df0
                                        
                                            GET /flags/4x3/gb.svg HTTP/1.1 
Host: flagicons.lipis.dev
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.199.110.153
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: GitHub.com
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-217"
expires: Sun, 25 Sep 2022 01:52:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3A74:1967:138144E:1BE579D:632FB20D
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:22:09 GMT
via: 1.1 varnish
age: 190
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664292130.780969,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 0f453293581c57e2fc3156ae92f7967364c38395
content-length: 331
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   331
Md5:    e6143f617b44e68d423bed136fce8949
Sha1:   c7154e49ce9d9e64f4c1daab47373e0c5f92b7ad
Sha256: b17b64bb7a109117a3492996551dbbab45fd8f44521b00295a6ca7717871d4ad
                                        
                                            GET /flags/4x3/it.svg HTTP/1.1 
Host: flagicons.lipis.dev
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.199.110.153
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: GitHub.com
x-origin-cache: HIT
last-modified: Sun, 11 Sep 2022 10:36:31 GMT
access-control-allow-origin: *
etag: W/"631dba2f-121"
expires: Tue, 27 Sep 2022 03:37:51 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: A78A:111B:6A732E:6DCA27:63326E03
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:22:09 GMT
via: 1.1 varnish
age: 3
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664292130.788123,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: c675258a5de0665cdcca181977ef8b98c95b8f7e
content-length: 208
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   208
Md5:    c08a2da07f2c5a52da29268db93d165b
Sha1:   f87a1da0d5fe1524463fb90a7dafd2588bb75043
Sha256: d012f6255909efae4049381abf5aea7890f8c5f3f9d12cc4a8bb41ce67309997
                                        
                                            GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1 
Host: s3.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers

                                         
                                         54.230.111.32
HTTP/2 304 Not Modified
                                        
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X-CpLZ1P8MBIAYhVmIwPmUZ_-YnnqxEfav8svlWvicryEY8LNdTn-A==
age: 18651
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1166
Md5:    3cd0964c3dc2d7c460a5d4a6a77b0991
Sha1:   7f3acf9be4fb650cfbef397ec6f49c56ade97543
Sha256: d59767b5a9fc15bdd17a49e533e4a993b9a2baf9e530723a97a565f2c2e9e841
                                        
                                            GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1 
Host: s3.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers

                                         
                                         54.230.111.32
HTTP/2 304 Not Modified
                                        
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -VpEQZ5Ia15nS00pf5LJLQ7BrP4AOToMJcqcLY2Ai64PFKZeN9QbSA==
age: 18651
X-Firefox-Spdy: h2

                                        
                                            GET /gtag/js?id=G-1CZCP7MM89 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 15:22:09 GMT
expires: Tue, 27 Sep 2022 15:22:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20189)
Size:   75230
Md5:    426037016d762b899930275debb46326
Sha1:   3c302e06557a94752b2c4dd15a292b55554423bf
Sha256: c93dead4a069c5ce3b93ba14d4d077a42a4ac08455a831d99d53d49d92b8c390
                                        
                                            GET /external-embedding/embed-widget-market-quotes.js HTTP/1.1 
Host: s3.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 10:11:03 GMT
If-None-Match: "3da96dfe346bd193547af675cb8b60ca"
TE: trailers

                                         
                                         54.230.111.32
HTTP/2 304 Not Modified
                                        
date: Tue, 27 Sep 2022 10:11:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 10:11:03 GMT
etag: "3da96dfe346bd193547af675cb8b60ca"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gNxM8-EysYFRbNJ1zuIOSaPlKlYEkYNaqYnbTgoRMALVf9iW5xuNNg==
age: 18651
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 15:22:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /d/.js?oref=&ourl=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&opt=ROIFX%20Trader%20%E2%80%93%20Trading%20in%20Forex%2C%20Cryptocurrencies%20and%20Stocks&vtm=1664292127624 HTTP/1.1 
Host: engingrepare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.123.187.149
HTTP/2 400 Bad Request
content-type: text/html
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:09 GMT
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   152
Md5:    d9bacc468aa23334526933389545e120
Sha1:   e26288b4bada404ce340ca72989f9f1193dc649c
Sha256: 0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
                                        
                                            GET /15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.22%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5ebb072d793558bde08564178fa3382b
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:09 GMT; secure; SameSite=None oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2363
Md5:    88bb7b705f237157d3a94841e479ca63
Sha1:   c8bd2620bce8c622823ba9bef664ac436b1c0467
Sha256: 1b5727a6727fa80ba013f2dc86b6bd504dd0f490aa25f478ca91124207f1ff7f
                                        
                                            GET /static/localization/translations/en.f61fd521202094b5.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 91421
date: Mon, 26 Sep 2022 10:27:07 GMT
last-modified: Mon, 26 Sep 2022 08:24:24 GMT
etag: "633161b8-1651d"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DHyKcLxo_9QwFjCvt19i-uXeHhzh1tqjrCpTFkted-uVfFDvyZ3KWA==
age: 104103
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62534)
Size:   91835
Md5:    ff6810942259c0a56772f2a2230017ad
Sha1:   5817deb6c778a15641b1ea9db6c57d26b0c2a512
Sha256: 597c2a05fe0f2c54461e653c2a9e32ecca7e58d6b2b01865620ec531bd82427f
                                        
                                            GET /static/bundles/embed/3086.0d1fcc5f4fdd633672c7.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:37 GMT
etag: "62fdfac9-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r6U8gxyRH7jm1WRHGhJXYEJwQOkyCltPgQErdJavb_S2-FIZI7jqRg==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (948), with no line terminators
Size:   275
Md5:    fed499f0b2313d63adf3417b0bae8e27
Sha1:   a8541f56b888a27d47cbd2f298bd0ba024831be9
Sha256: ea584321e666a290e526cb885982143175d4324dc21947a9c53b58dc60b56f1e
                                        
                                            GET /static/bundles/embed/72066.f1aaa4b56bfc5daefd58.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 272
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:38 GMT
etag: "62fdfaca-110"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mw7LV8Bo6-4majBAqkk-dtNDDDMhzVbW2Ng-AgutXZoDj0XUiJOKqA==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1187), with no line terminators
Size:   272
Md5:    2c94a40a0cdaab30536f9ff9aac30780
Sha1:   13e3a1701670362dc0356126be21982f8a371247
Sha256: 12b841c633c6498d1604f4d6dc199c8d61b22a45abb7b2d4aacbc364d16c21b6
                                        
                                            GET /static/bundles/embed/93419.83330e98cd0f13f52e0f.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 1254
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-4e6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GcrHpdFLlvGtYdd0W6UxVE-X5Y-9hlfi_2r3CkparyVbs-mB8LJo8Q==
age: 1833564
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9662), with no line terminators
Size:   1254
Md5:    1590890d2b95e5dd26b6619078fc3716
Sha1:   7f099065b77017303b41d575174d0506404c2422
Sha256: 0f2d89b30ed40c9645acec4a6708531eb2489aff5aca6f0639d92e6de208c97b
                                        
                                            GET /static/bundles/embed/4704.721cbfb1a5d6784e3109.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 482
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-1e2"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gndRHyWbmwwMw9kBeZqc3pUf593vItZiFKFpqzNJrOKS1LxLzpJTHw==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2185), with no line terminators
Size:   482
Md5:    58cbe331cf45c85a52eb02587adc9fef
Sha1:   13f08c64e54a3f211e26f97b80af35abd49b670b
Sha256: 53adcb676377768d48af24466b08fb38f141ede6a9e84b20d72ed3c209aaf647
                                        
                                            GET /static/bundles/embed/5735.c773d84ae2dfa00f5f7e.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 458
date: Tue, 06 Sep 2022 10:02:17 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-1ca"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K_oeMSigfqbMd2LU5WxSYlrUk2EB66s8WU5c-2zuzN--yu-qpDvnHg==
age: 1833593
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1649), with no line terminators
Size:   458
Md5:    7497343e286bffb0f77343a72c52c807
Sha1:   a0b16b6844fec13e7e4f05c5ec1dff354a843128
Sha256: f775ccacb10b864665283b42df806044d4c07d2b103c4a3d15fc6fa967890a87
                                        
                                            GET /static/bundles/embed/9610.4b9f8462aa3659c59d53.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 613
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-265"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V0fzgCHI-OmD3TuEUz81SP8sger2nIB82NE-uvPh5Ww452uMUuXyXg==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1510), with no line terminators
Size:   613
Md5:    2ed39ab10b595276b053cddd1eb97895
Sha1:   681c53e78e44ed13467fecce18ea2601876c4928
Sha256: 0b15d02d18e4d0166410d14ed6b9a4c0dabebc4c6216ff6a449a8d16c2666aea
                                        
                                            GET /static/bundles/embed/69952.06b0e333ddc07ff1bde0.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4128
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-1020"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xImZ7LdOb4l9oO_y9retXsUQHd7v8vqma9uIhOC2XJ_aK7_gcq4KqA==
age: 536523
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11868)
Size:   4128
Md5:    82c0166d07dafbc60c0256135ff70c1d
Sha1:   2640a815ffbed854738cf29d2ab876d55f8c60dc
Sha256: 5a880fd727f2a0141993963276994f900261db54dc1e62577c23d0f1dc03192a
                                        
                                            GET /static/bundles/embed/59349.06c5af95e99eb360e0d3.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4541
date: Wed, 07 Sep 2022 10:11:06 GMT
last-modified: Wed, 07 Sep 2022 08:33:52 GMT
etag: "63185770-11bd"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6AJed1L6OSlpgq6RsJWyZgb80Jy_JftcMTqEHu-hojA3vqDBlTRMeg==
age: 1746664
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3036)
Size:   4541
Md5:    222668586f47e46b73c5c28e18e2f785
Sha1:   9613ae8405a964b43dfa22e4bd8ffb835981970a
Sha256: 7cadd0fb593df958580a40f6e191e5b5b007a50a731ed48f384605748f01d53a
                                        
                                            GET /static/bundles/embed/95170.8c229ea611144b3d939d.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 8938
date: Sat, 30 Jul 2022 06:28:07 GMT
last-modified: Fri, 29 Jul 2022 13:14:57 GMT
etag: "62e3dd51-22ea"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kgCz52L5klIbLEvyBz-Afa0DVXPVJYdboh0GGzCweGq5tDmXMiGsMA==
age: 5129643
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9546
Md5:    8c170de320ebb7c6f900257cbf738b43
Sha1:   0821e30fccf461fdb72ad175f98d282717dfd8ed
Sha256: d475074b9099fa4d156c8ef37a1e054f2c129554cd1086d4630471660ab1b0f8
                                        
                                            GET /static/bundles/embed/6373.cbf79a416472d97ee266.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 8861
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-229d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VkXAizDEdsmZeJj41bY0H8qoSpUKXwUBJijpOyL7xly8Xph91sNxMg==
age: 536523
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3071)
Size:   8861
Md5:    2bb2f6ec14e1b7033a1efb7bfd636f22
Sha1:   36218963433e51d8c95ecf68abdbf37fff1c7b24
Sha256: 71ea00c5c9d3ce9cbe2faede0ca2dfef8c741de04257d8a9b2ab1c14518621e6
                                        
                                            GET /static/bundles/embed/72369.9291747e1fab1074d523.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 33014
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:53 GMT
etag: "630de0c5-80f6"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qIXsYZNtxd-udYXML-O20RJ_GBJRo1yr4mRSG6Yrnr5y_zRnrryWhQ==
age: 2435643
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64385), with CRLF line terminators
Size:   39324
Md5:    b72c40cca01c035bed0286890c772cd9
Sha1:   a7865640406acce651ece577daca98800dbbc78e
Sha256: 27b48d1dfd5de7e098a41cdfd885d97514a029934d1cb5180d31ab6780be3b88
                                        
                                            GET /static/bundles/embed/61165.669f518fb3ca12a08781.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 9641
date: Tue, 30 Aug 2022 10:48:07 GMT
last-modified: Tue, 30 Aug 2022 10:04:54 GMT
etag: "630de0c6-25a9"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8q7M5nebpdb1jzgil2h1g0f5FvB7ugNw8wa7VMCzXuhV6SZnZrEF0Q==
age: 2435643
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3071)
Size:   9641
Md5:    5d9570cd52c8c73b9e1a2e9865429c3e
Sha1:   eb47e79aebf1eb741a9018b31d22c7c10de0e7fd
Sha256: 4729a1722a0cc609a32e59ee76174287c4711b72cde258d0441014f43991b4ee
                                        
                                            GET /static/bundles/embed/21629.59ea3f34e1413a77f290.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 11131
date: Thu, 15 Sep 2022 10:58:07 GMT
last-modified: Thu, 15 Sep 2022 08:58:09 GMT
etag: "6322e921-2b7b"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nVcvB99_DfMjYGAC_8tWKOTik6F8Q_JbczFZdkzlOUXxB9cLMmllMQ==
age: 1052643
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15650)
Size:   11131
Md5:    b3a404cb516ade1695c0705696d97ad1
Sha1:   e63067338645699570f486a7a13f126f16944156
Sha256: 30eddd13db49b8c00d8e64e7bb79266f0ff8b1f76e7699842e60a05ed317fdb4
                                        
                                            GET /static/bundles/embed/49859.57ed1f0e14de0ce7dcbb.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 275
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-113"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 72Tb0Z02apFsOY6y7n3LJphUkBHVnAMCHg6g3RpN_2kc7yZM97EsOw==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (868), with no line terminators
Size:   275
Md5:    baa8242f859530e38f8b32a9c0615593
Sha1:   c883ab6d475cbd4fea077661f25bbca065950a08
Sha256: c7b10129b6beba6afdd65d4b6079e7952447d0a79c094ee6a850c7a583fb7406
                                        
                                            GET /static/bundles/embed/22641.c7183a76dc0599de9f42.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 566
date: Thu, 18 Aug 2022 10:18:06 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-236"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AMVZsL1Qh5sx8DvCshlamGthhbZwNxd42mou15KRRq88QrOXLWCIxQ==
age: 3474244
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3872), with no line terminators
Size:   566
Md5:    6e6b52d09836b19a082054796f9fbadf
Sha1:   47f855654aca16bb3d22b0a261028c07bfbf3ac1
Sha256: b66836dc4dcb259fd7f709598dc05417bc69fe1c7f6382e3be864e124f711186
                                        
                                            GET /static/bundles/embed/runtime.55d8483e42e5d6ab1a14.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 20735
date: Tue, 27 Sep 2022 10:13:06 GMT
last-modified: Tue, 27 Sep 2022 08:34:04 GMT
etag: "6332b57c-50ff"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BrxG5UcG5u3yX9dCVMnXrrjc1s6iawJI2gILI8OP9MeX91ImveLgJQ==
age: 18544
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3068)
Size:   20735
Md5:    bab5f0aedda3fe5131ba839215bc3920
Sha1:   8fa9ad34bd3ad302d8e1ee7ef82af47e8201c7e3
Sha256: 8b0991464a7082fb25dbc7c97529a3a0b391e1fc9b209390e2615793bca6b790
                                        
                                            GET /static/bundles/embed/41848.a819f80182db62e2c3b6.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 1102
date: Tue, 06 Sep 2022 10:02:30 GMT
last-modified: Tue, 06 Sep 2022 09:02:09 GMT
etag: "63170c91-44e"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9aVIy1RkFmoM4e4m4NWyvFFQjNdH3cPPh3kVEWbDyTYNO1P2DNHcBw==
age: 1833579
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6539), with no line terminators
Size:   1102
Md5:    314a88cb707c312d3d20310eb6e16b27
Sha1:   06a733bacfaa9706a6b3fff13a8aa9325f464ca9
Sha256: 92824d9ce9a58e064ff1b14673fc316221dea9f55122b027e58ea4470e9b3233
                                        
                                            GET /static/bundles/embed/9594.68f7335652cbfdf7e67c.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 7197
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-1c1d"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BF6jhFF2xxVQC_TIGfZxt-vrjF_78qqIttEyOjZfqsO3YxvHfMzoKw==
age: 536504
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5750)
Size:   7197
Md5:    6d25a025eb6edd164ef789ea89e7c814
Sha1:   d9df16238f5e4ef4619b5eeb2f391af629df9ce2
Sha256: a6aeb8f1eec4623d7f42086e7f76a241b24a43d044c377a0663dff3b23ba2fc6
                                        
                                            GET /static/bundles/embed/97029.aec87eec8d0ca240b268.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 1080
date: Thu, 18 Aug 2022 10:18:24 GMT
last-modified: Thu, 18 Aug 2022 08:39:39 GMT
etag: "62fdfacb-438"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HnKYlmfXMaWyqGWF6Rhs6ChRy4EcKGE3w36GdoKBSJWPb-9NkfX9eQ==
age: 3474226
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6181), with no line terminators
Size:   1080
Md5:    36c5de656ee5ac6c3687030dae4ac897
Sha1:   c4cdf0cf6f8996a6bb2bb3d275c19113ed350953
Sha256: e3a85219b604b7535c69f1ae7ef8d9d4df795997954b6174ef8344d1ec0023c7
                                        
                                            GET /static/bundles/embed/embed_market_quotes_widget.075f77fa1afd167026d2.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 12044
date: Wed, 21 Sep 2022 10:20:26 GMT
last-modified: Wed, 21 Sep 2022 08:40:49 GMT
etag: "632ace11-2f0c"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YF3GganHlesMGMvAQAzZY54ylXcC9Kl7bMzqUTAlaA7OxM2kUxcJ5A==
age: 536504
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15650)
Size:   12044
Md5:    80b4d79fd5b0d5b2227c5e37244d6e1b
Sha1:   13cb4488a6aab85b9ccfa5a3e35c408bd6911eca
Sha256: a11c6f63b551ddcaf446d1ddb38f7d496afcfe9d98d91b44cb9a878c471bc6e0
                                        
                                            GET /socket.io/websocket?from=embed-widget%2Fticker-tape%2F&date=2022_09_27-11_30 HTTP/1.1 
Host: widgetdata.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h9SFvVyngvL8N9jLffygXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         213.156.140.161
HTTP/1.1 101 Switching Protocols
                                        
Date: Tue, 27 Sep 2022 15:22:11 GMT
Connection: upgrade
sec-websocket-accept: LsQeRMBJ9dMwEiPJUHgZu2RyHq0=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv

                                        
                                            GET /static/bundles/embed/28903.415109541489380d12f6.css HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 219
date: Tue, 06 Sep 2022 10:02:46 GMT
last-modified: Tue, 06 Sep 2022 09:02:06 GMT
etag: "63170c8e-db"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 44EXPWGDPP50na4UbzmRNyTJSxA31pas7X-ekHkrWwlvyN31xO6bMA==
age: 1833565
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (801), with no line terminators
Size:   219
Md5:    97f7a20e8f5b5aab89e7323c3f952f93
Sha1:   0a86a43d70147185f1f356ac3061d461f498a0af
Sha256: 51e40ba29ca9c9b7f89f255331a616a93beb9fb033c029e058a6a45483c0209c
                                        
                                            GET /static/bundles/embed/tradingview-copyright-data-impl.8fddca2ccd8456d34a10.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 2082
date: Tue, 06 Sep 2022 10:03:06 GMT
last-modified: Tue, 06 Sep 2022 09:02:07 GMT
etag: "63170c8f-822"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QNMb5eF6_hGPaKPQD1iCvBr7uPfxfIWd_k6HE2fmJsOTS9s5Bn8XlQ==
age: 1833545
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3332)
Size:   2082
Md5:    e6796590284ab6cfb534e922a2ebca47
Sha1:   a18fcd51aab7f7a2510583126f25f33f94bf1626
Sha256: fa3c19b48ad254a9cd1bc6753b098c4db439979efae0b12705e89087a1541da9
                                        
                                            GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1 
Host: widgetdata.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NTqtj7nkDzJYYRwDapzFuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         213.156.140.161
HTTP/1.1 101 Switching Protocols
                                        
Date: Tue, 27 Sep 2022 15:22:11 GMT
Connection: upgrade
sec-websocket-accept: 3d507mPiTSh8rhfTPBzMvNCIS5s=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv

                                        
                                            GET /trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.78
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 2028
date: Tue, 27 Sep 2022 03:52:51 GMT
last-modified: Tue, 16 Aug 2022 12:42:13 GMT
etag: "31a9b5fa35e99cbb958f8facd1967e11"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C-217J6fl8NNGHgs7iY9cxrRLgyHtSRytjl7lje8QiR9KC9nHe1hGw==
age: 41361
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6390)
Size:   2028
Md5:    31a9b5fa35e99cbb958f8facd1967e11
Sha1:   5885c836b1be01370bed43fbb96278e2fc0e40f9
Sha256: b2a7e35547d699bc046c22f88eadb882a55c67e89408cc7a61cdc0c443384fa4
                                        
                                            GET /trustboxes/5419b6a8b0d04a076446a9ad/main.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.78
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 17866
last-modified: Tue, 16 Aug 2022 12:42:15 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 27 Sep 2022 01:46:22 GMT
cache-control: max-age=86400
etag: "a935a0a0daf8a792b6f622a79037eb14"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DlqcSnR3jR4otJH8q72fAgktlQww_jDq1fl3RN5gjJXxajm3KpUz2A==
age: 48956
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (58329)
Size:   17866
Md5:    a935a0a0daf8a792b6f622a79037eb14
Sha1:   ce630181500fec9f5805e83f6a8ff08bf94d915f
Sha256: 3a4186a7ce71e0e3c50edade71422496a78db2317f107e953c5aa6dee8f683c7
                                        
                                            GET /15?rnd=4022835360&z=4971413&var=&rb=zX2PFjovxb6qaHc22nyCoR5SjVfdieaBcq4E0a6ZMNmc04eS__jPJBT5Fod5jYIviskp90FlsT7Wnd6XWUj-C8j2RsHXR7-wEIWT85xJ5RYzgXhalNWMUVuW5W8G7FGkPvwDgnZuAyOp8zdNjXfD88vqUujLOS5GJ4gZZaDuC0q5srhCgfjcyQkvE6w0cB9rrvGwFxTAl2iygklu_UB8YT9Qc7tsIgSe1-4i23LH7-S8IPgORVz9PT2_1-7_9ZG77QyHAUeFmCO5CBt7BY3Iw6PG_JB4OQ66Ron3J46C-rgvoVR-9NbvvKhzf9-4mmYQUfkBxGRdvbXsUO5xpJ0XuZSj581uTTtbil6_wSbNXnp4mwSkd8pZcrKWdhrV432zoxWFxcLRv1HJ_pM2r4nmiBg4ILuJOwrCu6oOwOf5XXiEJBbQcPaeSiTJl70a5UBcuBQyHY3EG8hy691fMNkk5G5-85uILVWG96DI6MitnR5LDYpX6x8mHvCnPg1HtadCdMSNP5fBgzCiOp1tbGNR8zUYOPpvM2PgqsXU-pmQgxSp_m3XCU5IT7TMK9jejaEOjdxXpZsdvsYYSRi8jy6ax_eH7CIo1B_H5BhPrHU88cCRGlej9CKAg_tklLzCS_LcdZfFFWvvQ-F7E2YaHGy2CGqsbJxfZP4dMoFRfTUK66g_IlkFmVOB7iVSQ9GRK6EbOCw-YfCOdt0=&ruid=44899443-89ef-4cc2-a15c-c060d6c05d2e&subid=598647182968500224&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.276%2C%22location%22%3A%22https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=c1e5e63255314d5bb1b211a8c45c6dbc; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e1b13deb559b4f3507d5ba837ef952d9
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:11 GMT; secure; SameSite=None oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.tradingview.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 14:41:09 GMT
expires: Tue, 27 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 2463
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.38.66
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 15:22:12 GMT
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc129b90b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   10534
Md5:    d885c414b9514dddf7439864aab50e9f
Sha1:   fda3257848af104e8d995c1f58c3776ace2dede7
Sha256: 3011503cfb50e7c4bbbe45e12a5159a2d9055dde82ffe7ba202de25cc27ce5a6
                                        
                                            GET /stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.78
HTTP/2 204 No Content
                                        
cache-control: no-store,no-cache
date: Tue, 27 Sep 2022 15:22:11 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R1J_uMjbBaDxy-5Cmm-OA3V4CnadPY5-35kUjpCc4u5cblJiMWYv0g==
X-Firefox-Spdy: h2

                                        
                                            GET /stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&url=https%3A%2F%2Fwww.roifxtrader.com%2F%3Fadformat%3Dinterstitial%26banner%3D14993070%26os%3Dlinux%26country%3DNO%26zoneid%3D4971413%26zone_type%3D%257Bzone_type%257D%26cost%26campaignid%3D6131524%26clickid%3D598647182968500224%26device%3D%257Bdevice%257D%26browser%3Dfirefox%26connection_type%3D%257Bconnection.type%257D%26browserversion%3D%257Bbrowserversion%257D%26carrier%3D%257Bcarrier%257D%26countryname%3D%257Bcountryname%257D%26osversion%3Dother%26region%3D%257Bregion%257D%26useragent%3D%257Buseragent%257D%26language%3D%257Blanguage%257D&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=62bc0c115fe9507ba430b5ef&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=62bc0c115fe9507ba430b5ef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.78
HTTP/2 204 No Content
                                        
cache-control: no-store,no-cache
date: Tue, 27 Sep 2022 15:22:11 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZAv2CzqKvx5JLGA0yJNQpTKljTUqW8hc_vBoCRqIfy1T_vfdyVEQew==
X-Firefox-Spdy: h2

                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.38.66
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 15:22:12 GMT
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139d00b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   153
Md5:    cda4e714f8789fa77ecd04bc1c74351d
Sha1:   612b96465f7302468f781cedcf48fd2bc0658c62
Sha256: f9bc5790fb0521158f9e80a459e7cb3dbd64f3ac0e8a170611e44ce8250e5668
                                        
                                            GET /country/AU.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 937
last-modified: Wed, 08 Sep 2021 09:02:00 GMT
x-amz-meta-hash: ffaa89557725b51eb58753956db0a148
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 15:04:49 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "ffaa89557725b51eb58753956db0a148"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S9ET4Ki3mDSK2oYlR7dsqrPZff9q0P20rx5kttvjW9YkBvLOGBNEzA==
age: 1058
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (937), with no line terminators
Size:   937
Md5:    ffaa89557725b51eb58753956db0a148
Sha1:   af4c43200c5a85ad2d525412bf83e55e90138bd3
Sha256: 27c815d48181359be416f858593d35e363b546bf3f237e0458cccf01fefbdf30
                                        
                                            GET /country/CH.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 236
last-modified: Wed, 08 Sep 2021 09:01:10 GMT
x-amz-meta-hash: 2390cb6eb08128c8300b6a29c41f2842
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 15:10:48 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "2390cb6eb08128c8300b6a29c41f2842"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zuM0ZErU7BndlzBUtj1UU5lE0T92TnFnNKF3iqc_HpFQt9Py-Vkhfg==
age: 686
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with no line terminators
Size:   236
Md5:    2390cb6eb08128c8300b6a29c41f2842
Sha1:   de96debc38e1b541ef81692120f1099d1f1e9d20
Sha256: 3b66ebe14df724fa1f4efc29bf7b8658975e89be92202238d75fad8badc68d36
                                        
                                            GET /country/JP.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 215
last-modified: Wed, 08 Sep 2021 09:00:59 GMT
x-amz-meta-hash: dd1bc2f51b952d5c3421a69d6febe6ce
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:43:39 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "dd1bc2f51b952d5c3421a69d6febe6ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v0mUkb3CqQFYmqHnsWN6EYJ4OP8fM5-0C4An3TNiOa445RjZ4NBfEQ==
age: 2322
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with no line terminators
Size:   215
Md5:    dd1bc2f51b952d5c3421a69d6febe6ce
Sha1:   b501eef8705cc2c8e9d8b9a9ce431d70e1ef0f71
Sha256: 147aa1297638071607ef5cf0d722c1953c6716e61ef32f58e3fb7fd132ce84ee
                                        
                                            GET /crypto/XTVCETH.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 523
last-modified: Wed, 08 Sep 2021 09:05:18 GMT
x-amz-meta-hash: 4542d4ecd73f04c73affa787a4522596
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:37:04 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "4542d4ecd73f04c73affa787a4522596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nm-3ay8OAsT5eUXngbdBT9SlEbpu-B9zV0g94OPFq9Aje7Ul7G5Yug==
age: 2715
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (523), with no line terminators
Size:   523
Md5:    4542d4ecd73f04c73affa787a4522596
Sha1:   6e7129a5417dac4d4547b375e8b23d5a7dc5b714
Sha256: 955bd5f554e5d8270b845efa8be72101716a41e43d07288b7619bbb5f2039774
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.38.66
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 15:22:12 GMT
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139c80b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65472)
Size:   28334
Md5:    6e4f116d059e48434648a00917de674f
Sha1:   c92cb5699884b9821bcb42d719e993c580ae8ae0
Sha256: e37cc5f4c92f19600097e41769d916e152be6cecd88c0fc1356af45c9dc61768
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.38.66
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 15:22:12 GMT
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139cf0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2306), with no line terminators
Size:   14043
Md5:    5b2774e8ba5904c305d5edd034492c78
Sha1:   b643dea022f667b3872b7be2ed8a79b21abb2f1e
Sha256: 88dfcbedc331df1b21b3accb02bf23c21015688d66c9f26a8a3035fb037ab875
                                        
                                            GET /country/EU.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 870
last-modified: Wed, 08 Sep 2021 09:01:40 GMT
x-amz-meta-hash: e9173ef4613c3da43c45885ea39c4b96
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:46:55 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "e9173ef4613c3da43c45885ea39c4b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _d6IM0drZMJRepWLmkVefWSm8fmfvsjBtw62CfD7ey04ZZ7iGjoHtw==
age: 2118
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (870), with no line terminators
Size:   870
Md5:    e9173ef4613c3da43c45885ea39c4b96
Sha1:   218b28ec16584e3f2326b778d3cca1d5c6a682d1
Sha256: b47993af3ef9963a193ddc9d0bd10fc8f1f773fe0881ffa3c8d2151498fccf03
                                        
                                            GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1 
Host: widgetdata.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r+Fw9hUNkhYJXTYBZ8FSvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         213.156.140.161
HTTP/1.1 101 Switching Protocols
                                        
Date: Tue, 27 Sep 2022 15:22:12 GMT
Connection: upgrade
sec-websocket-accept: Ve4E1uefbtnG5HDJaFJ0dF7/VRU=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv

                                        
                                            GET /country/GB.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 468
last-modified: Wed, 08 Sep 2021 09:01:59 GMT
x-amz-meta-hash: 09bfac5408302ee8c52fa2ed008c4f13
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:44:47 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "09bfac5408302ee8c52fa2ed008c4f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fGrEw701wC4ZnEVu1qZRM5e7j3rjNLhc8cnPxxswvxK1HT8rp00WYg==
age: 2261
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (468), with no line terminators
Size:   468
Md5:    09bfac5408302ee8c52fa2ed008c4f13
Sha1:   ec2b53eba8ec1a31fc6745cd9c4fc09518db1c2f
Sha256: b3e463d925abc879f5b76428144c0da44bc02fae2188f71bc9e7aa7ab6f46037
                                        
                                            GET /v1/widget-settings?propertyId=6281b6ff7b967b11798f7d77&widgetId=1g35b5lj0&sv=undefined HTTP/1.1 
Host: va.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.roifxtrader.com/
Origin: https://www.roifxtrader.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.38.66
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 15:22:12 GMT
x-served-by: visitor-application-preemptive-q413
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-57-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 231
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc2ab060b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3729), with no line terminators
Size:   5716
Md5:    8311c6f4223afade2022cf01749d9827
Sha1:   531ba39bcb71b43de4522dbdfcbbba55c5301e72
Sha256: 48b97094842519b7d145294b00cdf8de38474feef5d64b6a5f04dce826c0704a
                                        
                                            GET /indices/s-and-p-500.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 26 May 2022 07:17:22 GMT
x-amz-meta-hash: f120e635d6a57528861fe87233bc6c11
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 15:12:46 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"f120e635d6a57528861fe87233bc6c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jcjCDyQwNtl6APl9-TlnLeri1upAujrWwr_Ynxdf62-SvPpbZSbnLQ==
age: 583
X-Firefox-Spdy: h2

                                        
                                            GET /microsoft.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 304
last-modified: Wed, 08 Sep 2021 09:00:12 GMT
x-amz-meta-hash: 074d127e2f9fd8c2e79c01a5f002979c
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:58:01 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "074d127e2f9fd8c2e79c01a5f002979c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W8JmdvimKZesT4TRblgbHXBCtYEmtltNfgVqC0oPjPqb9GEgwuMPCQ==
age: 1457
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (304), with no line terminators
Size:   304
Md5:    074d127e2f9fd8c2e79c01a5f002979c
Sha1:   a180afde05902cdc100a83180fa387201f992401
Sha256: 6bf4fad87b4483f83117912558a5b8daa68a01d9608f11d5ca9ca16053149e85
                                        
                                            GET /meta-platforms.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 786
last-modified: Fri, 05 Nov 2021 11:07:13 GMT
x-amz-meta-hash: cafd1d7d717ad67e5dbe45b88fa3d47b
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:46:29 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "cafd1d7d717ad67e5dbe45b88fa3d47b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BjKhEtjpSCfdKWz7dn3gddQ--B3_wUNJj5OGOA03SGvw_jPttQiQKg==
age: 2159
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (786), with no line terminators
Size:   786
Md5:    cafd1d7d717ad67e5dbe45b88fa3d47b
Sha1:   0e858c59cd7a560d09b0792bf34621446fc4cf4b
Sha256: 293eff2aa7a4048146447446eff25ae9776419aa39fd30e528c8847aa7b23643
                                        
                                            GET /spdr-sandp500-etf-tr.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 548
last-modified: Wed, 15 Jun 2022 10:23:36 GMT
x-amz-meta-hash: 739b8a1d4950ef3e563a4527ba38d111
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:23:51 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "739b8a1d4950ef3e563a4527ba38d111"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wDJDwHu83yce0UZCWFuQxQ8_18HEpLsORyZzFaWqJ82ZBj4nBf88IA==
age: 3503
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (548), with no line terminators
Size:   548
Md5:    739b8a1d4950ef3e563a4527ba38d111
Sha1:   5bb4b592092552384154d47e64a8c65216969b7b
Sha256: cad088efc0978bf886800020a056e4eb07359385addebd54ad4422991689b844
                                        
                                            GET /netflix.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 453
last-modified: Wed, 08 Sep 2021 08:53:57 GMT
x-amz-meta-hash: 088f20cd1f479350f02d9aada3709050
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:52:25 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "088f20cd1f479350f02d9aada3709050"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KOVfhjDfSEJD83dHj4LQFL2v8WcGoP25vTJ3NXGythPnUHmT9PlHSQ==
age: 1792
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (453), with no line terminators
Size:   453
Md5:    088f20cd1f479350f02d9aada3709050
Sha1:   114bd591e902fc05d93e966453b74b252b88dd58
Sha256: c5f5b9304726376ee2b8f6b47ad85c5c7509c14e10fca4c4b1ebda33e76983e6
                                        
                                            GET /amazon.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 08 Sep 2021 08:57:49 GMT
x-amz-meta-hash: 839d24db4574bb8543cec9624d3e1007
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 14:37:05 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"839d24db4574bb8543cec9624d3e1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2yj5-3VvlFc6myfO-gb3uHpcgQbYBUX0wGD0C2lTXBCV2Nm7HpYd-A==
age: 2716
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1916
Md5:    49ec75882706e829f3ce5c76317a1f82
Sha1:   cba068323e18db766aa5fcc4793bf761b881fe8d
Sha256: f253a4c9c7df19f438fb9b0b688a85307d1bd984943afe5e1548b430291ad10c
                                        
                                            GET /country/US.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 08 Sep 2021 09:01:07 GMT
x-amz-meta-hash: 2a945cbbe3767a4009ec5f2c655780a7
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 15:10:48 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"2a945cbbe3767a4009ec5f2c655780a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZQhBJ33CgMDaJ_UyGh2UMoB3za9dhBdyfl4LkNI7BNz7nJfM48eDVw==
age: 688
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (2813), with no line terminators
Size:   386
Md5:    5d7024e270ed809e958656aff06b8551
Sha1:   2a1e2f15d59dad51e02acd110e1ce1d07a9a03a0
Sha256: 8aa189ebb546b1a466f273c68e0bfa1a9f10fcbd5b6658181074891458cb6101
                                        
                                            GET /apple.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 08 Sep 2021 08:59:47 GMT
x-amz-meta-hash: 725d4f188fecc7d857c5a8e668ec4dac
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 14:39:40 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"725d4f188fecc7d857c5a8e668ec4dac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zpMUli6VdClfGcxy77DiJWC0R7jXaFxGn7wevhSQV1xoNraTwYrDng==
age: 2554
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1504
Md5:    73258b68952ff9bb60f4ace6a50c7d62
Sha1:   7e316d898c67bb70a6636aef324fea70226b0f06
Sha256: 0d7823502f288535fbc56f98b6b06c216509c5235e772802e6c3b05a0196a679
                                        
                                            GET /crypto/XTVCLTC.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 291
last-modified: Wed, 08 Sep 2021 09:03:49 GMT
x-amz-meta-hash: 135fed0ba41e2cc6f0be38d91f6d4327
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:50:19 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "135fed0ba41e2cc6f0be38d91f6d4327"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O8eskStFv5btD4ol-4bXLwj_5GCvgO0k-PyQ13M0AMHSeHXTtCiZiQ==
age: 1916
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with no line terminators
Size:   291
Md5:    135fed0ba41e2cc6f0be38d91f6d4327
Sha1:   4cf7a4ad00909e8b92e5c9a428f71721481a78b0
Sha256: fea85b7101beb79844d8b4396a6df981f4757c150cdf3f61bc59453dd2f440ba
                                        
                                            GET /crypto/XTVCXRP.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 661
last-modified: Wed, 08 Sep 2021 09:01:05 GMT
x-amz-meta-hash: 4cc138d1e09d2133eeca65966f3894f0
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:56:53 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "4cc138d1e09d2133eeca65966f3894f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gXKYkZYUoZNHrRW1vU2yJEkupVWhjVcC7nqDIyJhHbb4os2oK7XC_Q==
age: 1526
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (661), with no line terminators
Size:   661
Md5:    4cc138d1e09d2133eeca65966f3894f0
Sha1:   cf40ee7fc2a18c2f6ae3c7522b6234ca45743623
Sha256: b2296bde0cbe8bc2cd069e06dcc26ebcd6cd3203dea044abf5a2fed0dc4ffbf6
                                        
                                            GET /crypto/XTVCEOS.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 08 Sep 2021 09:04:44 GMT
x-amz-meta-hash: b5bb09f3f95c87ffa9a07fc8c225f1bd
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 15:16:47 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: W/"b5bb09f3f95c87ffa9a07fc8c225f1bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SOkeb1RqnMglm4sUPyz8WHCv8yf892xExn1ehm6Zj2iwcihDY1NbNA==
age: 335
X-Firefox-Spdy: h2

                                        
                                            GET /socket.io/websocket?from=embed-widget%2Fmarket-quotes%2F&date=2022_09_27-11_30 HTTP/1.1 
Host: widgetdata.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://s.tradingview.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8bM6gjPv9P1cjZMuGagyUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         213.156.140.161
HTTP/1.1 101 Switching Protocols
                                        
Date: Tue, 27 Sep 2022 15:22:13 GMT
Connection: upgrade
sec-websocket-accept: AYubzNS2wqUOS5oXBDHs/xgZCMo=
sec-websocket-extensions: permessage-deflate
upgrade: websocket
Server: tv

                                        
                                            GET /impression/AxCE663Ra1TUIJKiVBsaXAHmmmVCGzicIdb304XLE4N4U1J3zBx8BA7xpEfg8LfCJnKZvlP4Cri9OASzhSLvEkDME9kp49z2xFOVbfI2_hWf2d9yi1RatTL0ew8qA7srWn9YHCcWl_XfKW_eKKGGj-NbG1XmgecaTH9ftZOiHwVefMft2NqJWcsP0C1HN_AU1eUtpsDBYwwcRtQ-9Tq9nV4FO9uXNu5YTusM_JiOP5xJ9xHS0KN_hQVv3UQ7VsPR8Y2-P1eZPDGBqdqJGZun8Br7LxBAB7BwvmTH7x3JCbY-6YPq7kdxxt-qXF6Cmm4U1SKHhXzT6grIIIEU6lRI0GL2vEHRQKeiMKt-jKscjn2U-a2Sxv4wlUx4Rlc-D-Q1pCAfHulKI-AhNrIUlI5j7gAZ9MvuhDiU4nznR-AgUY327j5UxcDE6kXMa9HHuh6ZKGPdoUrRwmNVsITjNoh-vwSo8dyeWiIujfrgyirRzoRTZ-zQ72WXJ5q-5HnFF7Z7ES6UvxdrCmYQhdIIm4M5fdR-yU_1sQ-svabJTrMLWayo54FjlB32mL47QApiLSEuUAuan8aTpCeg3_nAOEM6BZVeDKMAkTFPMc30KVmSOfSHJ3TBFgt9c3sS0ZaTYdbUZDq0bmMe7-1fQ4bU?_z=4971412&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:13 GMT
content-length: 43
x-trace-id: 94ff709ab8da4084bdfb52ad9acaaa12
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /metal/silver.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 565
last-modified: Wed, 08 Sep 2021 09:03:04 GMT
x-amz-meta-hash: dce62cd8bdd46fc425f784329fcffe2c
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:43:39 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "dce62cd8bdd46fc425f784329fcffe2c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zdqoGK0qJ1RPzN3Cr6XX5ho8oNpb91FnsvfPQKqA5Yodw0kp_qdghg==
age: 2323
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (565), with no line terminators
Size:   565
Md5:    dce62cd8bdd46fc425f784329fcffe2c
Sha1:   0ad2df26d62c45e2a97a57d122d32f5cc7a70b2b
Sha256: 73fc3f194fea75788959fbf4099dba6c48fcd70deef2293d7d797fe697671764
                                        
                                            GET /crude-oil.svg HTTP/1.1 
Host: s3-symbol-logo.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 443
last-modified: Wed, 08 Sep 2021 08:59:22 GMT
x-amz-meta-hash: 5e4e832aa47ec693a3c1de44c8b222b5
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:40:16 GMT
cache-control: max-age=2592000,s-maxage=3600
etag: "5e4e832aa47ec693a3c1de44c8b222b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OkexZ_MNiWYy-It0WJALpof41B3yNy7sSJ3v19Q62ZSKSxFd2t5BGg==
age: 2518
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (443), with no line terminators
Size:   443
Md5:    5e4e832aa47ec693a3c1de44c8b222b5
Sha1:   2d5947bfa54cf87422a3d02c46de823d55613400
Sha256: 106132134d99b813f417630a48b4ad75f75423f05cf1ecca333928d67e2e9aaa
                                        
                                            OPTIONS /500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:13 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /500/4971412?excludes=14745758&oaid=c1e5e63255314d5bb1b211a8c45c6dbc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:13 GMT
x-trace-id: cbc981900adc83a4c3b03165e71ac0fb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dropmb.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:13 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14469
Md5:    2a39da94fcd3f80b812a73564b527a73
Sha1:   882dc5a1829b87558855d13bd59c52cae96a7de8
Sha256: 06a7b08e6f1a513694afcc5e55d7cf4347f88eff15725f449d84b3b5c1d3c1b7
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.38.66
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 15:22:12 GMT
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139cd0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65466)
Size:   40715
Md5:    8a99d116785af2a7eaad230485c93067
Sha1:   1bfd626cc2518715b0d134b9394e30d3b952d85c
Sha256: 700dce115339ef423510b7111378bd388fb68b783f823c17acfc2fcaba690db1
                                        
                                            GET /gid.js?pub=0&userId=b61f9072380547d89ed3b3f19be43e54&zoneId=4971414&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Cookie: ID=c1e5e63255314d5bb1b211a8c45c6dbc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:15 GMT
content-length: 65
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e9c63f152e426473bd427a4404715d0a
Sha1:   8cf3c324db12959f85391a1b25f47f904044dba1
Sha256: 8c471f8bf1a8966e03588983d30f03d30653cea1e2f11f6d3b37cb8658845144
                                        
                                            GET /?rb=G3aZCWHqRqYgd5PeqgfjXEcrvmewbptEMCRyaG3Cay_7QUkrqfdj2K5ahBLKggqK6_V7Ty-D9ivjkF21BUNDdVfmfj0aV0-74rbXzjCOISS9AryKjYSN5W7MKwXBoCCj6VYMPQtk_0nPshl3dBDq4Ba4C7mawr2_qKOTN4pf25jnylGjf_017nAxfSEV54x7bC0MnWlzECTh-leXgf-UrQ%3D%3D&request_ab2=0&zoneid=4971415&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=a5649649-8a2d-4c67-96a3-a3152bc0cab3&userId=c1e5e63255314d5bb1b211a8c45c6dbc&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.243
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
x-trace-id: a956631df3d576ccf8b95bed927300f2
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Tue, 04 Oct 2022 15:22:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            OPTIONS / HTTP/1.1 
Host: phcorner.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.8.158
HTTP/2 405 Method Not Allowed
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:22:07 GMT
cf-ray: 75153ba28cbab4f9-OSL
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPvNlxkgihRInkA3%2FueCPwvOYdAsXl68CinpSxPSdenXCROJBGn5nxEJkJpuuk4IVMiv6iXhLOYFQUbMNrx3PSXHQgjP%2Beaw%2B1eCZzdFcUu%2BBq238zTYOIs%2BL8zqpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /400/4971412 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
x-trace-id: c521ddd3ae8f7a11e2d003977972f52f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=650caff9becd41a7823c54678733ceff; expires=Wed, 27 Sep 2023 15:22:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropmb.com/
Origin: https://dropmb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://dropmb.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 15:22:08 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOC1%2BUuErKl%2BWGSn660wCCtlPYsHFdxDkvdJxNQnz9Bi%2FCZzQt09OTRtmwD63raDuKvLSG5PMR60yzmGCAHK0uu%2FzGHfa3Qq%2FQCQhdj%2BN7gxaxx37clyFMEaQXpF2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75153bab49c9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /9?z=4971413&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdropmb.com%2Ffiles%2Ffd873d3ffad7265c9125a14881f3c0cc.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=c1e5e63255314d5bb1b211a8c45c6dbc HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 132
Origin: https://dropmb.com
Connection: keep-alive
Referer: https://dropmb.com/
Cookie: scm=1; OAID=2db1a0ec95ee4bf1b8fddc67050950b3; oaidts=1664292128
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://dropmb.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a8e5d53327fc816cd0a94156e680c1c3
access-control-expose-headers: X-Sc
set-cookie: OAID=c1e5e63255314d5bb1b211a8c45c6dbc; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed-widget/market-quotes/?locale=en HTTP/1.1 
Host: s.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.73
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-90XcA17jvgaB8oDkdm3f6A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jvkqX6uZkn6Zn_tCPG5Guf4gArM8qgoB1_rEbSNyK_nGQ9PLEktz0A==
age: 54
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed-widget/ticker-tape/?locale=en HTTP/1.1 
Host: s.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.73
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:20:52 GMT
expires: Tue, 27 Sep 2022 15:22:52 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-QSHrNv6CBpnx2LlkYGUMbQ=='; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iET0gaSeglWoUG0cUWrb_AYV44-1szlLRLwIV7OZ0Ye6RcWPEtH3Vw==
age: 77
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.roifxtrader.com
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.38.66
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 15:22:12 GMT
age: 166062
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75153bc139ca0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/bundles/embed/47872.b614638f482af661b1f9.js HTTP/1.1 
Host: static.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.tradingview.com/
Origin: https://s.tradingview.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 18927
date: Wed, 21 Sep 2022 10:20:06 GMT
last-modified: Wed, 21 Sep 2022 08:40:50 GMT
etag: "632ace12-49ef"
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
server: tv
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hWuyPEwzuzSGvP6RJw0Oq5hHuJ2jgh18ikk8CAhfAsssBp4GCOa5YQ==
age: 536524
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: iclickcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.75.9
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:22:06 GMT
x-trace-id: 165741882d95ce0f39bc82e0a0739600
cache-control: max-age=86400
last-modified: Fri, 23 Sep 2022 16:05:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 28 Sep 2022 00:15:14 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 54412
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJbCuYNZOkjn2HwbEfBB9wvs6CxPSq8V1EFe%2BAjUnera3lxvWhPJXUnX7F3EGgKE9u1yblrw5Mnz3nAawvgF32luyTlEDp0uYsI9f4LNfLD9EzaxBg62ujiXxmi8buY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75153ba0ae78b506-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1?z=4971413 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 15:22:08 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: dc72bfbd78dfcfa7d4f469e673e33c68
access-control-expose-headers: X-Sc
x-sc: sj-NZFJeHB7SUMnWsJ_PKaGzaoaK7TGysbKBamnJiT0sTydTnoFGzjIwaxWwy06u5ZpLAX9FQmdLAfma2C7htxnX4aU=
set-cookie: scm=1; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None OAID=2db1a0ec95ee4bf1b8fddc67050950b3; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None oaidts=1664292128; expires=Wed, 27 Sep 2023 15:22:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed-widget/market-quotes/?locale=en HTTP/1.1 
Host: s.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.73
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-90XcA17jvgaB8oDkdm3f6A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PMzRKsPkdgIghh8Pvk_C5H96Uw0tkjQPWXnvDcHPSvithJXtcT6Brw==
age: 54
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed-widget/market-quotes/?locale=en HTTP/1.1 
Host: s.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.73
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT
cache-control: max-age=120
content-security-policy: base-uri 'none'; script-src https://static.tradingview.com/static/ 'unsafe-eval' blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://songbird.cardinalcommerce.com/edge/v1/ 'nonce-90XcA17jvgaB8oDkdm3f6A=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; object-src 'none'
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C5CCLxMG9MMuIp_ppeoR4ei2DTvPcr5IJOLNx4iP5bGI41N-x7upZg==
age: 54
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /embed-widget/market-quotes/?locale=en HTTP/1.1 
Host: s.tradingview.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.roifxtrader.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.73
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 15:21:16 GMT
expires: Tue, 27 Sep 2022 15:23:16 GMT