sv.oilprofit.live Open in urlscan Pro
94.237.86.210 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ecapitalone.com/
Effective URL:
https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
Submission: On June 04 via api (June 4th 2020, 3:02:13 am UTC) from US

Summary HTTP 72 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 19 domains to perform 72 HTTP transactions. The main IP is 94.237.86.210, located in Germany and belongs to UPCLOUD, FI. The main domain is sv.oilprofit.live.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 20th 2020. Valid for: 3 months.

This is the only time sv.oilprofit.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.32.237.91 212.32.237.91	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	35.172.40.232 35.172.40.232	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d13:7001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700:303... 2606:4700:3034::681f:42e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.111.253.247 104.111.253.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.111.214.74 104.111.214.74	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.43.126.245 23.43.126.245	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 5	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	94.237.92.24 94.237.92.24	202053 (UPCLOUD) (UPCLOUD)
37	94.237.86.210 94.237.86.210	202053 (UPCLOUD) (UPCLOUD)
5	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.237.92.181 94.237.92.181	202053 (UPCLOUD) (UPCLOUD)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:5b25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.112.217 151.101.112.217	54113 (FASTLY) (FASTLY)
1	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
72	19

2 212.32.237.91 (Hoofddorp, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ecapitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.40.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-40-232.compute-1.amazonaws.com

sarah.ttnrd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:3:d0::d13:7001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

clk.value.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::681f:42e9 (United States)

ASN13335 (CLOUDFLARENET, US)

golead.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.253.247 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-253-247.deploy.static.akamaitechnologies.com

www.g2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.214.74 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-74.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.126.245 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-126-245.deploy.static.akamaitechnologies.com

www.gearbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.92.24 (Germany) 1 redirects

ASN202053 (UPCLOUD, FI)
PTR: 94-237-92-24.de-fra1.upcloud.host

ct-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 94.237.86.210 (Germany)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-86-210.de-fra1.upcloud.host

sv.oilprofit.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.92.181 (Germany)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-92-181.de-fra1.upcloud.host

mtm.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:5b25 (United States)

ASN13335 (CLOUDFLARENET, US)

bitpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	oilprofit.live sv.oilprofit.live	777 KB
5	gstatic.com fonts.gstatic.com	64 KB
5	cloudflare.com cdnjs.cloudflare.com	3 KB
5	google-analytics.com 2 redirects www.google-analytics.com	37 KB
3	vimeo.com player.vimeo.com vimeo.com	7 KB
3	bitpay.com bitpay.com	10 KB
3	golead.pl golead.pl	12 KB
2	doubleclick.net stats.g.doubleclick.net	198 B
2	aliexpress.com 1 redirects s.click.aliexpress.com best.aliexpress.com	1 KB
2	g2a.com 1 redirects www.g2a.com	1 KB
2	ttnrd.com sarah.ttnrd.com	3 KB
2	ecapitalone.com 1 redirects ecapitalone.com	1 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
1	mtm.pw mtm.pw
1	ct-redirect.com 1 redirects ct-redirect.com	123 B
1	gearbest.com www.gearbest.com
1	value.us clk.value.us	839 B
0	amazonaws.com Failed s3-eu-west-1.amazonaws.com Failed
72	19

	Domain	Requested by
37	sv.oilprofit.live	golead.pl sv.oilprofit.live
5	fonts.gstatic.com	sv.oilprofit.live
5	cdnjs.cloudflare.com	sv.oilprofit.live
5	www.google-analytics.com	2 redirects golead.pl www.google-analytics.com www.googletagmanager.com
3	bitpay.com	sv.oilprofit.live
3	golead.pl	golead.pl
2	player.vimeo.com	sv.oilprofit.live player.vimeo.com
2	stats.g.doubleclick.net	golead.pl sv.oilprofit.live
2	www.g2a.com	1 redirects golead.pl
2	sarah.ttnrd.com	ecapitalone.com sarah.ttnrd.com
2	ecapitalone.com	1 redirects
1	vimeo.com	player.vimeo.com
1	fonts.googleapis.com	sv.oilprofit.live
1	www.googletagmanager.com	sv.oilprofit.live
1	mtm.pw	sv.oilprofit.live
1	ct-redirect.com	1 redirects
1	www.gearbest.com	golead.pl
1	best.aliexpress.com	golead.pl
1	s.click.aliexpress.com	1 redirects
1	clk.value.us	sarah.ttnrd.com
0	s3-eu-west-1.amazonaws.com Failed	sarah.ttnrd.com
72	21

This site contains no links.

Subject Issuer	Validity	Valid
ttnrd.com Amazon	`2019-12-11` - `2021-01-11`	a year	crt.sh
clk.value.us Let's Encrypt Authority X3	`2020-05-27` - `2020-08-25`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-09` - `2020-08-08`	a year	crt.sh
www.g2a.com DigiCert SHA2 Extended Validation Server CA	`2019-09-12` - `2021-10-11`	2 years	crt.sh
img.alicdn.com DigiCert Secure Site ECC CA-1	`2020-05-07` - `2021-06-21`	a year	crt.sh
*.gearbest.com DigiCert SHA2 Secure Server CA	`2020-04-13` - `2021-07-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.oilprofit.live Let's Encrypt Authority X3	`2020-05-20` - `2020-08-18`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
mtm.pw Let's Encrypt Authority X3	`2020-05-21` - `2020-08-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
bitpay.com Go Daddy Secure Certificate Authority - G2	`2019-03-04` - `2021-04-25`	2 years	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-23` - `2021-04-24`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
Frame ID: 37B9ECCDB827B50BF2769DF609610D59
Requests: 74 HTTP requests in this frame

Frame: https://www.g2a.com/?gname=user-5b2d088386a83
Frame ID: AE2462B7164607CB64F554B7AAD28CF8
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?aff_platform=promotion&sk=_sOjNhm&aff_trace_key=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm&terminal_id=6bec1608420442998a3021e8ca4e1209&aff_request_id=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm
Frame ID: 88C5024943F19F377EFE30801318C3E5
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=78540179
Frame ID: A799A2A15668013AA2B717CF8253226C
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/314454665?app_id=122963
Frame ID: 7F3A2CFB5BEB220EAB8175B1BA578B3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ecapitalone.com/ Page URL
http://ecapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5MTI... HTTP 302
https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsIn... Page URL
https://clk.value.us/15Gjjg?source=tonic&external_id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r... Page URL
https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604 Page URL
https://ct-redirect.com/mzkUNg?a=6670&o=17009&s=mlClick-ryg8K3sM HTTP 302
https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

72
Requests

97 %
HTTPS

47 %
IPv6

19
Domains

21
Subdomains

19
IPs

4
Countries

969 kB
Transfer

2167 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ecapitalone.com/ Page URL
http://ecapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5MTI0Njg5NiwiaWF0IjoxNTkxMjM5Njk2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb2FqZzRsYWxsdGc5YWxkMWMwY2p2bTIiLCJuYmYiOjE1OTEyMzk2OTYsInRzIjoxNTkxMjM5Njk2MTY5MzIyfQ.O57m6cVIuOkfSSxOF2r0MqmHH_VdkYnBp3Z0nyRVdR0&sid=b3ec9636-a60f-11ea-a0ea-8289be1ef423 HTTP 302
https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdGFsb25lLmNvbSJ9.VkQto9YX-0PqbwAa2jHUREwlacXW8NryEqnL5cRK_m8 Page URL
https://clk.value.us/15Gjjg?source=tonic&external_id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r.1591239696.0effedc434d01a2803047be454c27c36&cost=0.0168&link=golead.pl/p/eRNE/9q84/H2JT Page URL
https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604 Page URL
https://ct-redirect.com/mzkUNg?a=6670&o=17009&s=mlClick-ryg8K3sM HTTP 302
https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://ecapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5MTI0Njg5NiwiaWF0IjoxNTkxMjM5Njk2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb2FqZzRsYWxsdGc5YWxkMWMwY2p2bTIiLCJuYmYiOjE1OTEyMzk2OTYsInRzIjoxNTkxMjM5Njk2MTY5MzIyfQ.O57m6cVIuOkfSSxOF2r0MqmHH_VdkYnBp3Z0nyRVdR0&sid=b3ec9636-a60f-11ea-a0ea-8289be1ef423 HTTP 302
https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdGFsb25lLmNvbSJ9.VkQto9YX-0PqbwAa2jHUREwlacXW8NryEqnL5cRK_m8

Request Chain 7

https://www.g2a.com/r/user-5b2d088386a83 HTTP 302
https://www.g2a.com/?gname=user-5b2d088386a83

Request Chain 8

https://s.click.aliexpress.com/e/_sOjNhm HTTP 302
https://best.aliexpress.com/?aff_platform=promotion&sk=_sOjNhm&aff_trace_key=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm&terminal_id=6bec1608420442998a3021e8ca4e1209&aff_request_id=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm

Request Chain 12

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=244929807&t=pageview&_s=1&dl=https%3A%2F%2Fgolead.pl%2Fp%2FeRNE%2F9q84%2FH2JT%3Fml_sub1%3D4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604&dr=https%3A%2F%2Fclk.value.us%2F15Gjjg%3Fsource%3Dtonic%26external_id%3D012d0429c80a51140528000fa1b6344cf5fa70d4b3.r.1591239696.0effedc434d01a2803047be454c27c36%26cost%3D0.0168%26link%3Dgolead.pl%2Fp%2FeRNE%2F9q84%2FH2JT&ul=en-us&de=UTF-8&dt=golead.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1389398274&gjid=209385888&cid=1523500963.1591239698&tid=UA-110090096-2&_gid=1405277172.1591239698&_r=1&z=190379771 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1523500963.1591239698&jid=1389398274&_gid=1405277172.1591239698&gjid=209385888&_v=j82&z=190379771

Request Chain 58

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=749050338&t=pageview&_s=1&dl=https%3A%2F%2Fsv.oilprofit.live%2F%3Fa%3D6670%26o%3D17009%26s%3DmlClick-ryg8K3sM&dr=https%3A%2F%2Fgolead.pl%2Fp%2FeRNE%2F9q84%2FH2JT%3Fml_sub1%3D4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604&ul=en-us&de=UTF-8&dt=Oil%20Profit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=207533839&gjid=2002247854&cid=1894083858.1591239700&tid=UA-133903746-1&_gid=761997430.1591239700&_r=1&gtm=2wg5r0WFBL9N7&z=545765910 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-133903746-1&cid=1894083858.1591239700&jid=207533839&_gid=761997430.1591239700&gjid=2002247854&_v=j82&z=545765910

72 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
ecapitalone.com/ 471 B
830 B 245ms
93ms Document
text/html 212.32.237.91
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://ecapitalone.com/
Protocol: HTTP/1.1
Server: 212.32.237.91 Hoofddorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 109b8554b8cb3a5390a1b79f68ebecc5c1247c03e9e09415f68c15fff7d8b9ee

Request headers

Host: ecapitalone.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 471
content-type: text/html; charset=utf-8
date: Thu, 04 Jun 2020 03:01:35 GMT
server: nginx
set-cookie: sid=b3ec9636-a60f-11ea-a0ea-8289be1ef423; path=/; domain=.ecapitalone.com; expires=Tue, 22 Jun 2088 06:15:43 GMT; max-age=2147483647; HttpOnly

GET
H2

200

tr Show response
sarah.ttnrd.com/
Redirect Chain

http://ecapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5MTI0Njg5NiwiaWF0IjoxNTkxMjM5Njk2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb2FqZzRsYWxsdGc5YWxkMWMwY2p2b...
https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdG...

2 KB
2 KB

411ms
133ms

Document
text/html

35.172.40.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdGFsb25lLmNvbSJ9.VkQto9YX-0PqbwAa2jHUREwlacXW8NryEqnL5cRK_m8
Requested by: Host: ecapitalone.com
URL: http://ecapitalone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.40.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-40-232.compute-1.amazonaws.com
Software: /
Resource Hash: e9768538a6acb9ad2037b8acbf05349427a901368041e881df0c79657a2b88b4

Request headers

:method: GET
:authority: sarah.ttnrd.com
:scheme: https
:path: /tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdGFsb25lLmNvbSJ9.VkQto9YX-0PqbwAa2jHUREwlacXW8NryEqnL5cRK_m8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://ecapitalone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ecapitalone.com/

Response headers

status: 200
date: Thu, 04 Jun 2020 03:01:37 GMT
content-type: text/html; charset=utf-8
content-length: 2142
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
set-cookie: checkme=046a3354a15eb661aa3ec01619d0e681b789; Path=/

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 04 Jun 2020 03:01:36 GMT
location: https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdGFsb25lLmNvbSJ9.VkQto9YX-0PqbwAa2jHUREwlacXW8NryEqnL5cRK_m8
server: nginx
set-cookie: sid=b3ec9636-a60f-11ea-a0ea-8289be1ef423; path=/; domain=.ecapitalone.com; expires=Tue, 22 Jun 2088 06:15:43 GMT; max-age=2147483647; HttpOnly

GET ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 0
0

GET
H2 200 trx
sarah.ttnrd.com/ 185 B
336 B 162ms
161ms XHR
text/html 35.172.40.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sarah.ttnrd.com/trx?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&confirm=046a3354a15eb661aa3ec01619d0e681&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fecapitalone.com%2F&reftaken=feed&refEqual=true
Requested by: Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdGFsb25lLmNvbSJ9.VkQto9YX-0PqbwAa2jHUREwlacXW8NryEqnL5cRK_m8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.40.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-40-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 04 Jun 2020 03:01:37 GMT
referrer-policy: no-referrer
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow
content-length: 185
p3p: CP="CUR NOI NID STA STP"

GET
H/1.1 200
OK Cookie set 15Gjjg
clk.value.us/ 170 B
839 B 47ms
13ms Document
text/html 2a03:b0c0:3:d0::d13:7001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.value.us/15Gjjg?source=tonic&external_id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r.1591239696.0effedc434d01a2803047be454c27c36&cost=0.0168&link=golead.pl/p/eRNE/9q84/H2JT
Requested by: Host: sarah.ttnrd.com
URL: https://sarah.ttnrd.com/tr?id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA2MDQwMzAxIiwiZCI6ImVjYXBpdGFsb25lLmNvbSJ9.VkQto9YX-0PqbwAa2jHUREwlacXW8NryEqnL5cRK_m8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::d13:7001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.8 / Express
Resource Hash

Request headers

Host: clk.value.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.17.8
Date: Thu, 04 Jun 2020 03:01:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15Gjjgo=20200604031591240166033; domain=.clk.value.us; path=/;expires=Fri, 05 Jun 2020 03:01:37 GMT; httpOnly=true; _pc_lc_id=15Gjjg; domain=.clk.value.us; path=/;expires=Fri, 05 Jun 2020 03:01:37 GMT; httpOnly=true; peerclickcid=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604; domain=.clk.value.us; path=/;expires=Fri, 05 Jun 2020 03:01:37 GMT; httpOnly=true; _norg=1; domain=.clk.value.us; path=/;expires=Fri, 05 Jun 2020 03:01:37 GMT; httpOnly=true;

GET
H2 200 H2JT Show response
golead.pl/p/eRNE/9q84/ 2 KB
1 KB 297ms
270ms Document
text/html 2606:4700:3034::681f:42e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:42e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9d329a376a7a69e1c619ededc1c5f1112d91f924889865773a5f1ac59b348b1

Request headers

:method: GET
:authority: golead.pl
:scheme: https
:path: /p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://clk.value.us/15Gjjg?source=tonic&external_id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r.1591239696.0effedc434d01a2803047be454c27c36&cost=0.0168&link=golead.pl/p/eRNE/9q84/H2JT
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clk.value.us/15Gjjg?source=tonic&external_id=012d0429c80a51140528000fa1b6344cf5fa70d4b3.r.1591239696.0effedc434d01a2803047be454c27c36&cost=0.0168&link=golead.pl/p/eRNE/9q84/H2JT

Response headers

status: 200
date: Thu, 04 Jun 2020 03:01:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2ee2faf60ade16f9aaac61157a908bb81591239697; expires=Sat, 04-Jul-20 03:01:37 GMT; path=/; domain=.golead.pl; HttpOnly; SameSite=Lax; Secure 71ff54ebddb1e090fbf173d96e2342c8=71ff54ebddb1e090fbf173d96e2342c8; expires=Fri, 04-Jun-2021 03:01:37 GMT; Max-Age=31536000; path=/; httponly
vary: Accept-Encoding
cache-control: no-cache, no-store, private
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
cf-request-id: 031edffc9a00000605672af200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59de690dcff60605-FRA
content-encoding: br

GET
H2 200 03032020.min.js Show response
golead.pl/js/ 32 KB
11 KB 11ms
10ms Script
application/javascript 2606:4700:3034::681f:42e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/js/03032020.min.js
Requested by: Host: golead.pl
URL: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:42e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad

Request headers

Device-Memory: 8
Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 10:38:41 GMT
server: cloudflare
age: 5050
etag: W/"5e5e33b1-813d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 59de69104bbb0605-FRA
cf-request-id: 031edffe2a00000605672ca200000001

GET
H2

200

/
www.g2a.com/ Frame AE24
Redirect Chain

https://www.g2a.com/r/user-5b2d088386a83
https://www.g2a.com/?gname=user-5b2d088386a83

0
0

201ms
201ms

Document
text/html

104.111.253.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.g2a.com/?gname=user-5b2d088386a83

Requested by

Host: golead.pl
URL: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.253.247 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-253-247.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.g2a.com
:scheme: https
:path: /?gname=user-5b2d088386a83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gol_ref=dXNlci01YjJkMDg4Mzg2YTgzO2ZiZjY2ZTlkLTNjNjYtNGRhYy04ZmJlLTBhM2M0NWM0NTk2MzsxNTkxMjM5Njk4; ak_bmsc=3BAD559A4041A642A5E6A9137D318EE60210BB050A2500001264D85E4B447B0F~plDhpMyFSE+UHS0O0WIjfechzItoTNYe4YGcFuG3eNaklF6Ekohx0xivEfzd+tc/hQOgbrbx01wqMhY9c5h7LY4xCW0IUD9qT4Nt1dKohu3dcNsnSXN4UNvbUpJKewnCDA6xLpCTEs0DP6EK0X/fuGk6eIWi9cR9Mr38SrHG9sjLDTsZRqhnAkKmt0Up2Mioe5Al16PzVCI9XEVAOK6MIVcVjWuM3Ctk4pLN6E2Xy3JoQ=; bm_sz=A15D9E70D68248DC76A1AF68AE9317AC~YAAQBbsQAjOcpEJyAQAA2uZGfQi5k1QHlBykBqiU6Ed1Sawr34Z+2hAyVM9oLST2fQoQcfGF5qbSnQAf6KKGlfRBnIwS+5Ob8qWFoo32MoT31AWsE0a+HE3TfaM/KCXSVsmlvy8aca5wfoa4g9/3Aiz0lcF4wVxU4wQx+Dtxwm6Dk1AGB0s2qzXMwDvq; _abck=78D3E682363C1D839B2F3628E9DF2E69~-1~YAAQBbsQAjScpEJyAQAA2uZGfQR4NH54Var4ZuOfDf4kNBV/Q7qW76+xgdCQiN80h1PRMiiRaZBIK282IJuDJcLiI39vhXeJ7XTQMSzOFGhy41qdE1AGSZ5ynh6gofvNmAUTNh4brPjtYI1V4QXs0ORXrdWTxeOjgUTsbNSzOgq6sXxK/Lkbbms4ymmuzfQnLV5UC34V03ddesD9P9x2mPZ6y7EVCfD8CM6YEKOk9nlo4RjmEk28qPvzcY8wKpXg9qEzeE+9srbwgpieCX5cWT/4+IHh8LxpdapP3VAoKwZJh2ul0r74~-1~-1~-1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
vary: Accept-Encoding User-Agent
x-dns-prefetch-control: off
x-download-options: noopen
x-xss-protection: 1; mode=block
cache-control: no-store, must-revalidate, max-age=0
g2a-dbg: 1
etag: W/"663c3-vJwBiiyK1aV0VknRZlhu7oHFLyA"
content-encoding: gzip
x-backend: new-layout-am6
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
g2a-server: am6-min01
x-akamai-transformed: 9 - 0 pmb=mTOE,3
date: Thu, 04 Jun 2020 03:01:38 GMT
set-cookie: skc=f8e7c979-61df-4127-a20a-dcdc1221c915-1591239698; Expires=Sat, 01 Jan 2050 00:00:00 GMT; Domain=.g2a.com; Path=/; Secure; HttpOnly cart-v2=true; Expires=Sat, 01 Jan 2050 00:00:00 GMT; Domain=.g2a.com; Path=/ bm_mi=C6B0174E47B74C091B401C8BF6FADBC9~r/E/rgK4Cx7cqMkDhWkhpIkzk3goR0HSRL3Ru1ZLywO3gEbo7mAF0PqyEboToUD537H2A58cNZc8sa4PSQ7RqLNAmcqLjsh0Jqema1nUgO07/PO20hbm1vig2oJYnq8Yu9R9CWo0O8JSyyO/6F/Wh/FuvGT2kBJndorMJ2VASzOu/urvP1bBwzGLcNb9q9sLN+6uX9M+3aR+TfeArJKKiw==; Domain=.g2a.com; Path=/; Max-Age=7200; HttpOnly bm_sv=51A3240B202A4E495F6E75049755DFFD~IWOVubYC7u8QjctLbBQosNpWKtrlYZy4Yn1gm06N/s/jIB6+fgu5anOGsRBKWZWXxqGX410IWcJ3s9cAvqhoOhv7vfUAZuah/YwIzGfDvjdJWpv6OeZ4Wkuad40fqDL7KV/QruCcYsFDJoTx4BFKjg==; Domain=.g2a.com; Path=/; Max-Age=7200; HttpOnly

Redirect headers

status: 302
content-type: application/json; charset=UTF-8
content-length: 0
location: https://www.g2a.com?gname=user-5b2d088386a83
request-id: |c2a2010d-96ed-4e39-80b2-577cdca7fb21.cGOPlzaB_
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 04 Jun 2020 03:01:38 GMT
set-cookie: gol_ref=dXNlci01YjJkMDg4Mzg2YTgzO2ZiZjY2ZTlkLTNjNjYtNGRhYy04ZmJlLTBhM2M0NWM0NTk2MzsxNTkxMjM5Njk4; Path=/; Expires=Fri, 05 Jun 2020 03:01:38 GMT ak_bmsc=3BAD559A4041A642A5E6A9137D318EE60210BB050A2500001264D85E4B447B0F~plDhpMyFSE+UHS0O0WIjfechzItoTNYe4YGcFuG3eNaklF6Ekohx0xivEfzd+tc/hQOgbrbx01wqMhY9c5h7LY4xCW0IUD9qT4Nt1dKohu3dcNsnSXN4UNvbUpJKewnCDA6xLpCTEs0DP6EK0X/fuGk6eIWi9cR9Mr38SrHG9sjLDTsZRqhnAkKmt0Up2Mioe5Al16PzVCI9XEVAOK6MIVcVjWuM3Ctk4pLN6E2Xy3JoQ=; expires=Thu, 04 Jun 2020 05:01:38 GMT; max-age=7200; path=/; domain=.g2a.com; HttpOnly bm_sz=A15D9E70D68248DC76A1AF68AE9317AC~YAAQBbsQAjOcpEJyAQAA2uZGfQi5k1QHlBykBqiU6Ed1Sawr34Z+2hAyVM9oLST2fQoQcfGF5qbSnQAf6KKGlfRBnIwS+5Ob8qWFoo32MoT31AWsE0a+HE3TfaM/KCXSVsmlvy8aca5wfoa4g9/3Aiz0lcF4wVxU4wQx+Dtxwm6Dk1AGB0s2qzXMwDvq; Domain=.g2a.com; Path=/; Expires=Thu, 04 Jun 2020 07:01:38 GMT; Max-Age=14400; HttpOnly _abck=78D3E682363C1D839B2F3628E9DF2E69~-1~YAAQBbsQAjScpEJyAQAA2uZGfQR4NH54Var4ZuOfDf4kNBV/Q7qW76+xgdCQiN80h1PRMiiRaZBIK282IJuDJcLiI39vhXeJ7XTQMSzOFGhy41qdE1AGSZ5ynh6gofvNmAUTNh4brPjtYI1V4QXs0ORXrdWTxeOjgUTsbNSzOgq6sXxK/Lkbbms4ymmuzfQnLV5UC34V03ddesD9P9x2mPZ6y7EVCfD8CM6YEKOk9nlo4RjmEk28qPvzcY8wKpXg9qEzeE+9srbwgpieCX5cWT/4+IHh8LxpdapP3VAoKwZJh2ul0r74~-1~-1~-1; Domain=.g2a.com; Path=/; Expires=Fri, 04 Jun 2021 03:01:38 GMT; Max-Age=31536000; Secure

GET
H2

200

/
best.aliexpress.com/ Frame 88C5
Redirect Chain

https://s.click.aliexpress.com/e/_sOjNhm
https://best.aliexpress.com/?aff_platform=promotion&sk=_sOjNhm&aff_trace_key=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm&terminal_id=6bec1608420442998a3021e8ca4e1209&aff_request_id...

0
0

814ms
811ms

Document
text/html

104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/?aff_platform=promotion&sk=_sOjNhm&aff_trace_key=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm&terminal_id=6bec1608420442998a3021e8ca4e1209&aff_request_id=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm

Requested by

Host: golead.pl
URL: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.214.74 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-74.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: best.aliexpress.com
:scheme: https
:path: /?aff_platform=promotion&sk=_sOjNhm&aff_trace_key=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm&terminal_id=6bec1608420442998a3021e8ca4e1209&aff_request_id=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ali_apache_id=10.182.248.44.1591239698203.525796.5; xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm%22%2C%22affiliateKey%22%3A%22_sOjNhm%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008100042%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222081345757%22%2C%22tagtime%22%3A1591239698206%7D&acs_rt=6bec1608420442998a3021e8ca4e1209; acs_usuc_t=x_csrf=70dg5qyjcoa2&acs_rt=6bec1608420442998a3021e8ca4e1209; aeu_cid=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm; xman_t=UByGeM0aUl/ngknNQuoJXvRc8gq1dc6iR+xjBRtXQgd5XLpLeHwnoDmBfGJEAIR/; xman_f=Upm0VXCAZyb4P/vv4B3MACqUYHgEbERjuX2MYf3FhO+W5mZCJhXnGfOKXJ1WQ570tNnyHV0x6is7JXp4Yl/ZufrU5Oc1dmnNJXi+YOPIyPgkTP1YexXCrA==; traffic_se_co=%7B%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Response headers

status: 200
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-traffic-affiliateweb-f:prod,us:7001
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
content-language: en-US
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 0be3769015912396984176504e8df4
timing-allow-origin: *
content-length: 14381
date: Thu, 04 Jun 2020 03:01:39 GMT
set-cookie: xman_us_f=x_locale=en_US&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%22b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm%22%2C%22affiliateKey%22%3A%22_sOjNhm%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008100042%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222081345757%22%2C%22tagtime%22%3A1591239698206%7D&acs_rt=6bec1608420442998a3021e8ca4e1209; Domain=.aliexpress.com; Expires=Tue, 22-Jun-2088 06:15:45 GMT; Path=/; Secure; SameSite=None intl_locale=en_US; Domain=.aliexpress.com; Path=/ aep_usuc_f=site=glo&c_tp=USD&region=US&b_locale=en_US; Domain=.aliexpress.com; Expires=Tue, 22-Jun-2088 06:15:45 GMT; Path=/; Secure; SameSite=None intl_common_forever=eaK65XsAE5c0l154JvxOm0bIFhNhc/ulcVVXHASIbXl5KH6p/DJpug==; Domain=.aliexpress.com; Expires=Tue, 22-Jun-2088 06:15:45 GMT; Path=/; HttpOnly JSESSIONID=A183789F38CECDD0CD36C4A4FEE69D27; Path=/; HttpOnly

Redirect headers

status: 302
content-length: 0
x-application-context: affiliateclick:prod,us:7001
p3p: CP="CAO PSA OUR"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=0
location: https://best.aliexpress.com/?aff_platform=promotion&sk=_sOjNhm&aff_trace_key=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm&terminal_id=6bec1608420442998a3021e8ca4e1209&aff_request_id=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 0ab6f82c15912396982035779efc29
timing-allow-origin: *
date: Thu, 04 Jun 2020 03:01:38 GMT
set-cookie: ali_apache_id=10.182.248.44.1591239698203.525796.5; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm%22%2C%22affiliateKey%22%3A%22_sOjNhm%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008100042%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222081345757%22%2C%22tagtime%22%3A1591239698206%7D&acs_rt=6bec1608420442998a3021e8ca4e1209; Domain=.aliexpress.com; Expires=Tue, 22-Jun-2088 06:15:45 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=70dg5qyjcoa2&acs_rt=6bec1608420442998a3021e8ca4e1209; Domain=.aliexpress.com; Path=/; Secure; SameSite=None aeu_cid=b249f1c7aea34b989c5895d6400f3c1e-1591239698206-04475-_sOjNhm; Domain=.aliexpress.com; Expires=Tue, 22-Jun-2088 06:15:45 GMT; Path=/; Secure; SameSite=None xman_t=UByGeM0aUl/ngknNQuoJXvRc8gq1dc6iR+xjBRtXQgd5XLpLeHwnoDmBfGJEAIR/; Domain=.aliexpress.com; Path=/; Secure; SameSite=None; HttpOnly xman_f=Upm0VXCAZyb4P/vv4B3MACqUYHgEbERjuX2MYf3FhO+W5mZCJhXnGfOKXJ1WQ570tNnyHV0x6is7JXp4Yl/ZufrU5Oc1dmnNJXi+YOPIyPgkTP1YexXCrA==; Domain=.aliexpress.com; Expires=Tue, 22-Jun-2088 06:15:45 GMT; Path=/; Secure; SameSite=None; HttpOnly traffic_se_co=%7B%7D;Max-Age=2147483647;domain=aliexpress.com;path=/

GET
H2 200 /
www.gearbest.com/ Frame A799 0
0 494ms
349ms Document
text/html 23.43.126.245
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gearbest.com/?lkid=78540179
Requested by: Host: golead.pl
URL: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.43.126.245 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-43-126-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.gearbest.com
:scheme: https
:path: /?lkid=78540179
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Response headers

status: 200
content-type: text/html; charset=utf-8
x-amz-id-2: m7Hu3TEWB3FypunoXjp7JOGua7ZGqES2RC9wQN2gg52xamvJxlyNwg1PxfDb/FtzsRrEUzm51Tc=
x-amz-request-id: 151E2BE95B39EFE8
last-modified: Thu, 04 Jun 2020 02:51:45 GMT
etag: W/"0f29ecbb79f9a474afbda793f0c208b5"
access-control-allow-origin: *
access-control-allow-methods: GET, POST
ng-cache: HIT
content-encoding: gzip
content-length: 32378
x-edgeconnect-midmile-rtt: 0 0 0
x-edgeconnect-origin-mex-latency: 249 249 249
cache-control: max-age=60
expires: Thu, 04 Jun 2020 03:02:38 GMT
date: Thu, 04 Jun 2020 03:01:38 GMT
vary: Accept-Encoding User-Agent
set-cookie: AKAM_CLIENTID=9120c9d227bfe88f619d5dea56286134; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Thu, 04-Jun-2020 04:01:38 GMT; path=/; domain=gearbest.com; secure; HttpOnly

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: golead.pl
URL: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 318
date: Thu, 04 Jun 2020 02:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Thu, 04 Jun 2020 04:56:19 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
113 B 16ms
16ms Other
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Jun 2020 03:01:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://golead.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=244929807&t=pageview&_s=1&dl=https%3A%2F%2Fgolead.pl%2Fp%2FeRNE%2F9q84%2FH2JT%3Fml_sub1%3D4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604&dr=https...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1523500963.1591239698&jid=1389398274&_gid=1405277172.1591239698&gjid=209385888&_v=j82&z=190379771

35 B
99 B

16ms
14ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1523500963.1591239698&jid=1389398274&_gid=1405277172.1591239698&gjid=209385888&_v=j82&z=190379771

Requested by

Host: golead.pl
URL: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Jun 2020 03:01:38 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jun 2020 03:01:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1523500963.1591239698&jid=1389398274&_gid=1405277172.1591239698&gjid=209385888&_v=j82&z=190379771
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 finger
golead.pl/ 20 B
151 B 158ms
157ms XHR
application/json 2606:4700:3034::681f:42e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://golead.pl/finger
Requested by: Host: golead.pl
URL: https://golead.pl/js/03032020.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:42e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Device-Memory: 8
Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jun 2020 03:01:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-cache, private
cf-ray: 59de691438f60605-FRA
cf-request-id: 031ee0009f00000605672ed200000001

GET
H2

200

Primary Request / Show response
sv.oilprofit.live/
Redirect Chain

https://ct-redirect.com/mzkUNg?a=6670&o=17009&s=mlClick-ryg8K3sM
https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

35 KB
8 KB

518ms
367ms

Document
text/html

94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Requested by

Host: golead.pl
URL: https://golead.pl/js/03032020.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

db82521f1fc9263029cdad99025db7b08d7ebf5f966a7eec620f433723a30298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: sv.oilprofit.live
:scheme: https
:path: /?a=6670&o=17009&s=mlClick-ryg8K3sM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://golead.pl/p/eRNE/9q84/H2JT?ml_sub1=4f7474bfc3c459e0e2a0b1616bbc9da1-9794-0604

Response headers

status: 200
accept-ranges: bytes
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 Jun 2020 03:01:39 GMT
etag: 2b46f6b0188d00b4fec922e2a3bd37e8f82b2743c5c7816911987bceff02f931
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4038-HHN
x-timer: S1591239699.167766,VS0,VE299
content-length: 7798

Redirect headers

status: 302
content-encoding: gzip
date: Thu, 04 Jun 2020 03:01:38 GMT
location: https://sv.oilprofit.live?a=6670&o=17009&s=mlClick-ryg8K3sM
vary: Accept-Encoding
content-type: application/x-gzip
content-length: 23

GET
H2 200 style.36390283a0f565fea0f6f4bc3d2d5324d90d2f6483e7e49787b3e8dc739e394b.css
sv.oilprofit.live/sv/css/ 184 KB
32 KB 67ms
65ms Stylesheet
text/css 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/css/style.36390283a0f565fea0f6f4bc3d2d5324d90d2f6483e7e49787b3e8dc739e394b.css

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

0f98c0b7c833e5b20ae39ada9ca288977e8585bd908227b833df5cec84f2596d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.596016,VS0,VE0
etag: ffc320ced26ff4bd28c4fb2c0dabe6f0c88cef98b12c6de9c33aa11336712bdc
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 32138
x-served-by: cache-hhn4038-HHN

GET
H2 200 op_white-gold_alt.svg
sv.oilprofit.live/images/ 4 KB
2 KB 66ms
64ms Image
image/svg+xml 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/op_white-gold_alt.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

951dc69829e6e88db4ba973f5de730fd8ee26875ca8ef037fa4830d2be735447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.596003,VS0,VE0
etag: d6bb918160ebf830c3bc4ba8ae9cfbbf13a7f8a46cb2af7420078e785b5ace2a
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: max-age=3600
x-cache-hits: 345
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 1420
x-served-by: cache-hhn4038-HHN

GET
H2 200 gb.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/ 934 B
631 B 35ms
12ms Image
image/svg+xml 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/gb.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ccbf3724368fd3da007d3959266c24e00f8ec01758c5d8a97e451c3640261b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2592704
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ee0049b0000177e38313200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:52 GMT
server: cloudflare
etag: W/"5afd4938-3a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59de691a9f72177e-FRA
expires: Tue, 25 May 2021 03:01:39 GMT

GET
H2 200 norton_logo.png
sv.oilprofit.live/images/secured_logos/ 7 KB
7 KB 152ms
131ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/secured_logos/norton_logo.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

3786bc18a13dbd2932b3989a6180a4cd142b10b5085e4992d98e014ac184e860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639888,VS0,VE0
etag: 172a16af485efffd16afe3283206dd1d14b48abcfd21294fcfaa8c09764fe788
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 34
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 7146
x-served-by: cache-hhn4038-HHN

GET
H2 200 mcafee_logo.png
sv.oilprofit.live/images/secured_logos/ 6 KB
6 KB 155ms
134ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/secured_logos/mcafee_logo.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

ecb3aaf54ab4f3572d33cd919a4835c0fb7f4e6ebb710382c53a986a9cad16b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639999,VS0,VE0
etag: 6e0204558447b6745a1b33305fab65aeac4b090f0323429844cad03a4d388813
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 34
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 5575
x-served-by: cache-hhn4038-HHN

GET
H2 200 truste_logo.png
sv.oilprofit.live/images/secured_logos/ 15 KB
14 KB 155ms
135ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/secured_logos/truste_logo.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

ce420bb269b0e1d5159977ed7515b7fecd42bfdc00fc4687f29cd0e3451db154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.644681,VS0,VE0
etag: d7352ee0cdcf72b3e2238d9a6efcca7ca1a06b2f4ff350b078bf2588defad7e1
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 35
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 14721
x-served-by: cache-hhn4038-HHN

GET
H2 200 bbb_logo.png
sv.oilprofit.live/images/secured_logos/ 6 KB
6 KB 155ms
135ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/secured_logos/bbb_logo.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

729aa3aa8cda32aa66548e2a687db19454e9102b116c97989810fb16228e33bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.645057,VS0,VE0
etag: 65cad40a419858b23a73e6e40c4fdd62539a83448dde014729f1c7281e29b1a4
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 333
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 5918
x-served-by: cache-hhn4038-HHN

GET
H2 200 nasdaq_logo.png
sv.oilprofit.live/images/companies_logos/ 5 KB
5 KB 154ms
136ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/companies_logos/nasdaq_logo.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

7dba7dee53a71b150e61a3c2e5a20301939557d62fae8e6687d38540c21488b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.644874,VS0,VE0
etag: 51dd24f2538d4450f5d797e988a8a12790f6e674d10864eb8aa6b11a49a9dd37
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 35
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 5011
x-served-by: cache-hhn4038-HHN

GET
H2 200 euronext_logo.png
sv.oilprofit.live/images/companies_logos/ 6 KB
6 KB 154ms
136ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/companies_logos/euronext_logo.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

cbefbc985112044d58dfa8662f61462363a90434179475c2feaabe5ccf137ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.645172,VS0,VE0
etag: f81cff94fb35a33a51370de53337b8a30709e18d297d44be7ffb33c41bde7c1d
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 35
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 6102
x-served-by: cache-hhn4038-HHN

GET
H2 200 tmx_logo.png
sv.oilprofit.live/images/companies_logos/ 3 KB
3 KB 153ms
137ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/companies_logos/tmx_logo.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

80aa8c57f74e10c6dbf738c621ab8cc773a57ff229056ea78ccced5888a418ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.645718,VS0,VE0
etag: cb77bacedf58fc11ea590ff9e63017e2f3d9052d32fa756b5cc6358bd19dc07b
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 34
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 2549
x-served-by: cache-hhn4038-HHN

GET
H2 200 oil-barrels.jpg
sv.oilprofit.live/images/ 46 KB
42 KB 152ms
137ms Image
image/jpeg 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/oil-barrels.jpg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

a90295f138eee897da6ab97dcf3b48ccc064962b98f40a264a3ec2d762b3ac59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.645850,VS0,VE0
etag: 65271eb4613d37b0a35a931c1cf78f63f159388bccb4033f34c1c4dd2591e485
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
x-cache-hits: 35
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 43198
x-served-by: cache-hhn4038-HHN

GET
H2 200 jim-rogers.jpg
sv.oilprofit.live/images/famous-people/ 46 KB
45 KB 165ms
152ms Image
image/jpeg 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/famous-people/jim-rogers.jpg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

b6702e7095375309e7c57dd39256d3adae67b5759215a0dc24cb6c185097fad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.646859,VS0,VE0
etag: d667dcb29d5c4bae7f5887d7ba556e5b98a04a18667d76586a9cebb05c4809a3
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
x-cache-hits: 35
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 45793
x-served-by: cache-hhn4038-HHN

GET
H2 200 peter-defazio.jpg
sv.oilprofit.live/images/famous-people/ 46 KB
46 KB 165ms
152ms Image
image/jpeg 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/famous-people/peter-defazio.jpg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

6acf0dac1055f35079302736303120a958532dc512e64242e3244eb4495fb227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.646895,VS0,VE0
etag: 7574e16f4830026d18b9e5ce9bb11d8c9359abf3ab41bbde6957345ff915fca0
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 46475
x-served-by: cache-hhn4038-HHN

GET
H2 200 ed-seykota.jpg
sv.oilprofit.live/images/famous-people/ 9 KB
9 KB 179ms
166ms Image
image/jpeg 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/famous-people/ed-seykota.jpg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

9f17abb5e9fe5587c60d6d1f67b2f96b037f3e01863237c9702e3000785cfaa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.647514,VS0,VE0
etag: bf046c780a54ba7b6944698294d5954a9255241351c9e6188963bdbb975a3370
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 9418
x-served-by: cache-hhn4038-HHN

GET
H2 200 warren-buffett.jpg
sv.oilprofit.live/images/famous-people/ 20 KB
20 KB 179ms
165ms Image
image/jpeg 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/famous-people/warren-buffett.jpg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

364e110d581026bfc6d53f52d3d58f99e399da158c12c29d4e59040f5cf4ebee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.647461,VS0,VE0
etag: d1afe5981affbfb68c66e18944c839b5919492d1b39736723c571a0f3a52a61a
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 20447
x-served-by: cache-hhn4038-HHN

GET
H2 200 icon_accurate-trading.svg
sv.oilprofit.live/images/icons/ 2 KB
1 KB 179ms
166ms Image
image/svg+xml 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/icons/icon_accurate-trading.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

ed604dce8510d5b45691b495d5a17a4788c5ee2db7e2e686e5ac62381c2620e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.647031,VS0,VE0
etag: ea083bd989a5af76a21fc76fe0b06d3558f926c0fd5f81ecafec0aed192b3edd
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: max-age=3600
x-cache-hits: 35
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 952
x-served-by: cache-hhn4038-HHN

GET
H2 200 icon_cutting-edge-technology.svg
sv.oilprofit.live/images/icons/ 2 KB
750 B 179ms
166ms Image
image/svg+xml 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/icons/icon_cutting-edge-technology.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

c881a920341ea2de53c7e5e6011069e64437940e7ff55400a1d68cbedfee8837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.647502,VS0,VE0
etag: d63dc0000fe6b7f7b731b29af786422400ca320688baad72f7feeaae4de134ea
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: max-age=3600
x-cache-hits: 35
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 645
x-served-by: cache-hhn4038-HHN

GET
H2 200 icon_trusted-trading.svg
sv.oilprofit.live/images/icons/ 4 KB
2 KB 179ms
166ms Image
image/svg+xml 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/icons/icon_trusted-trading.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

3c6a0748fc567cdcf9bd52c08aa328e67ffac4ab6d7137cddf8dc29f944fba56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.646930,VS0,VE0
etag: 2765cee49cc44c5f6177556ca2e42d51e528138bba342e02687bf45a1156bfac
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 1349
x-served-by: cache-hhn4038-HHN

GET
H2 200 bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js Show response
sv.oilprofit.live/sv/js/ 148 KB
48 KB 96ms
95ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.599432,VS0,VE0
etag: c30d052ee840862c2e27600ebbbe0909a9a19532dfc3aead909d4d3d29f1e0c2
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 37
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 49402
x-served-by: cache-hhn4038-HHN

GET
H2 200 js.cookie.min.js Show response
sv.oilprofit.live/js/ 2 KB
1 KB 126ms
126ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/js/js.cookie.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.600279,VS0,VE0
etag: b59d7438c11dc2214591ca20d1a75259bbb21133d95ffcba2a795d5eb0148948
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 38
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 1105
x-served-by: cache-hhn4038-HHN

GET
H2 200 style.min.css
sv.oilprofit.live/sv/js/components/bootstrapModal/ 532 B
324 B 126ms
119ms Stylesheet
text/css 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/bootstrapModal/style.min.css

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

a2399e6d17c6aa5bf5508638278ecc1f8b3aa78d6e4a79f20a456a7a1622be4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.602121,VS0,VE0
etag: 81e0e93cc0a7438f3b56454100b43a9d2eb561ca36bfa3f82c7db5231e8f04f4
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 220
x-served-by: cache-hhn4038-HHN

GET
H2 200 index.min.js Show response
sv.oilprofit.live/sv/js/components/bootstrapModal/ 3 KB
1 KB 126ms
119ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/bootstrapModal/index.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

773c99dcd3df2f589161218f7ff9f94207157560dba0327fdeedd511749a284c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.614265,VS0,VE0
etag: 0c22a2aa9cfcf51ee111d8012c21dc5d6664fa70bcfcb217798e8326a6eaff24
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 1149
x-served-by: cache-hhn4038-HHN

GET
H2 200 style.min.css
sv.oilprofit.live/sv/js/components/formRegistration/ 55 KB
12 KB 121ms
92ms Stylesheet
text/css 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/formRegistration/style.min.css

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

ebd633493fa8c7fa28b6cb0aeeed68fdc8547cab17d1429f5348c5cbfa410c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.637187,VS0,VE0
etag: 52604d81f7a192ea8f28deaa66573160c550a96ef48cdfc2b13a32c0ebf602a7
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 37
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 12085
x-served-by: cache-hhn4038-HHN

GET
H2 200 intlTelInput.min.min.js Show response
sv.oilprofit.live/sv/js/components/formRegistration/js/ 28 KB
10 KB 128ms
99ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/formRegistration/js/intlTelInput.min.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

2a76e87b78f6d9653fe7bd14ed2418606dd15f992d1afa45258180c9474fef7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.637168,VS0,VE0
etag: cf256bc89f67d3d0f19703312108fb72c66d394b2f9bdcb75cb364aec985f7a7
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 84
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 10425
x-served-by: cache-hhn4038-HHN

GET
H2 200 libphonenumber-js.min.min.js Show response
sv.oilprofit.live/sv/js/components/formRegistration/js/ 136 KB
35 KB 123ms
94ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/formRegistration/js/libphonenumber-js.min.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

43b82bdbf0592eb53ae908dbbada8adab3c1aad7c795785956e783b86e4ceea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.637162,VS0,VE0
etag: 195ca6ec614c8bd871b771b1457c3c02cbf8bd958e425fecb1ec1188b50cccc7
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 37
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 36021
x-served-by: cache-hhn4038-HHN

GET
H2 200 utils.min.js Show response
sv.oilprofit.live/sv/js/components/formRegistration/js/ 229 KB
50 KB 150ms
119ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/formRegistration/js/utils.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

38d231dad9815e4ee06fed16ef398bde3a777a625cfc9f25c18110f7331b11bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639170,VS0,VE0
etag: 2346be29ac2be9ac15ef45334c8c85afdbfcd8d0aeadd56fa29e36815cae2792
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 37
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 50879
x-served-by: cache-hhn4038-HHN

GET
H2 200 index.min.js Show response
sv.oilprofit.live/sv/js/components/formRegistration/ 78 KB
45 KB 144ms
114ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/formRegistration/index.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

7b4521f96b4ade5deb454ed60825bfb3ed3369dd1032d3c326db820e29335ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639132,VS0,VE0
etag: 5fbd334503b6011566b82c6d9a14e2b45335cde25a9956740a30c2346f0f70a3
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 37
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 45622
x-served-by: cache-hhn4038-HHN

GET
H2 200 style.min.css
sv.oilprofit.live/sv/js/components/ivideo/ 1 KB
704 B 154ms
132ms Stylesheet
text/css 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/ivideo/style.min.css

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

2c107b62e9d7bb292fe11935c7be56572352204a7f4f3dd3af77ee7031bba79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639592,VS0,VE0
etag: c23145b34db2734a19f9453c42a045bfef065649d68c927b8973c8c8abcce871
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 449
x-served-by: cache-hhn4038-HHN

GET
H2 200 index.min.js Show response
sv.oilprofit.live/sv/js/components/ivideo/ 5 KB
2 KB 154ms
132ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/ivideo/index.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

a6bf1aa1f683d93c52c4c776d2335beb04147ac938f3367e0c3213346b6a485a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639572,VS0,VE0
etag: dd7fc08b52e33dd48742c194cd332c470fcad48e87a17f971f0dcf1104dcb328
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 1627
x-served-by: cache-hhn4038-HHN

GET
H2 200 index.min.js Show response
sv.oilprofit.live/sv/js/components/services/ 3 KB
2 KB 155ms
133ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/components/services/index.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

f584bdb2ef6f2e170448b8fe867c17b600164c9572cd5fe43db1e97abdfbc104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639648,VS0,VE0
etag: c7385d30db2ec45e3ee7ba3a197fb9900035e98e2af139f76d51c1837011db98
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 37
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 1441
x-served-by: cache-hhn4038-HHN

GET
H2 200 scripts.min.js Show response
sv.oilprofit.live/sv/js/ 874 B
638 B 151ms
130ms Script
text/javascript 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/js/scripts.min.js

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

a4333a085121c0c989ac56e720fbd69310fbf698609dd5c44ec213894bf4f1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.639706,VS0,VE0
etag: fb199f386679e963ec94d8589d687e8cb9fdacf14c4a28882fca0c0387338ef9
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 532
x-served-by: cache-hhn4038-HHN

GET
H2 200 tm.js Show response
mtm.pw/ 0
0 307ms
59ms Script
application/x-gzip 94.237.92.181
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://mtm.pw/tm.js
Requested by: Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.237.92.181 , Germany, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-92-181.de-fra1.upcloud.host
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 402 KB
53 KB 30ms
19ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFBL9N7

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59353c22efa84ae39bf39bdb99ee961d0605431d1ed11f7f5ddf5ff76b608c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54408
x-xss-protection: 0
expires: Thu, 04 Jun 2020 03:01:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFBL9N7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 320
date: Thu, 04 Jun 2020 02:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Thu, 04 Jun 2020 04:56:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,700|Source+Sans+Pro:400,400i,700&subset=latin-ext

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef8221aa8bffb7431d4b13cc568647c5f928e401f851d241da75f165347072fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 03:01:39 GMT
server: ESF
date: Thu, 04 Jun 2020 03:01:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jun 2020 03:01:39 GMT

GET
H2 200 oil_bg.jpg
sv.oilprofit.live/sv/images/ 150 KB
141 KB 87ms
63ms Image
image/jpeg 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/sv/images/oil_bg.jpg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

e675e424e341c7bba75df96ad0f13c3cbb1f8c9ba1e0c0e026e6545778abda1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/sv/css/style.36390283a0f565fea0f6f4bc3d2d5324d90d2f6483e7e49787b3e8dc739e394b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.818248,VS0,VE0
etag: 95f688b33c4a36fd1f1e4bcc055f66fe18ebb485a9cbcb8d8adbdf8ad6dd5b75
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 143814
x-served-by: cache-hhn4038-HHN

GET
H2 200 oil-rig.jpg
sv.oilprofit.live/sv/images/ 90 KB
78 KB 84ms
64ms Image
image/jpeg 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/sv/images/oil-rig.jpg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

720afb9337edafc9c9b4c9a955737f688635e70e0006e27ec896b52e56e702a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/sv/css/style.36390283a0f565fea0f6f4bc3d2d5324d90d2f6483e7e49787b3e8dc739e394b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.818319,VS0,VE0
etag: b72ea947e53c7ac78fdc7f560b6e242b3f6d4b255ea6ec42412021ac7d6dbae8
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
x-cache-hits: 36
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 79833
x-served-by: cache-hhn4038-HHN

GET
DATA 200
OK truncated
/ 466 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92b3edd4ee87a9642bf9f2f65e9358f64ad80512ed025198478469e6f9b6bb89

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 21ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,700|Source+Sans+Pro:400,400i,700&subset=latin-ext
Origin: https://sv.oilprofit.live

Response headers

date: Wed, 20 May 2020 07:14:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
server: sffe
age: 1280812
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Thu, 20 May 2021 07:14:47 GMT

GET
H2 200 fontawesome-webfont.woff2
sv.oilprofit.live/sv/fonts/ 75 KB
76 KB 75ms
60ms Font
font/woff2 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sv.oilprofit.live/sv/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sv.oilprofit.live/sv/css/style.36390283a0f565fea0f6f4bc3d2d5324d90d2f6483e7e49787b3e8dc739e394b.css
Origin: https://sv.oilprofit.live

Response headers

date: Thu, 04 Jun 2020 03:01:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239700.817027,VS0,VE0
etag: 75408058f6c8f9bfcc2e90568ed90df3f6fb09b3c3ee1a8303a4afd3ac0bc921
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: max-age=3600
x-cache-hits: 33
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 77171
x-served-by: cache-hhn4038-HHN

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 15ms
9ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,700|Source+Sans+Pro:400,400i,700&subset=latin-ext
Origin: https://sv.oilprofit.live

Response headers

date: Tue, 19 May 2020 02:35:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:17 GMT
server: sffe
age: 1383952
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Wed, 19 May 2021 02:35:47 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 13 KB
13 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdP3pBms.woff2

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099787b39809b3ce2372aee29b8dae6a8447434df9fa734916709a64ac1eb061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,700|Source+Sans+Pro:400,400i,700&subset=latin-ext
Origin: https://sv.oilprofit.live

Response headers

date: Thu, 21 May 2020 12:08:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:37 GMT
server: sffe
age: 1176819
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13020
x-xss-protection: 0
expires: Fri, 21 May 2021 12:08:00 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 13 KB
13 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,700|Source+Sans+Pro:400,400i,700&subset=latin-ext
Origin: https://sv.oilprofit.live

Response headers

date: Wed, 27 May 2020 08:23:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:47:55 GMT
server: sffe
age: 671897
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12872
x-xss-protection: 0
expires: Thu, 27 May 2021 08:23:22 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 12 KB
12 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc2c8a7bd96173ee2a862c122630ab8d45ad0676ad2ad60fc55307763782230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,700|Source+Sans+Pro:400,400i,700&subset=latin-ext
Origin: https://sv.oilprofit.live

Response headers

date: Wed, 27 May 2020 04:00:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:00 GMT
server: sffe
age: 687641
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12656
x-xss-protection: 0
expires: Thu, 27 May 2021 04:00:58 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=749050338&t=pageview&_s=1&dl=https%3A%2F%2Fsv.oilprofit.live%2F%3Fa%3D6670%26o%3D17009%26s%3DmlClick-ryg8K3sM&dr=https%3A%2F%2Fgolead.pl%2Fp%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-133903746-1&cid=1894083858.1591239700&jid=207533839&_gid=761997430.1591239700&gjid=2002247854&_v=j82&z=545765910

35 B
99 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-133903746-1&cid=1894083858.1591239700&jid=207533839&_gid=761997430.1591239700&gjid=2002247854&_v=j82&z=545765910

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Jun 2020 03:01:40 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jun 2020 03:01:40 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-133903746-1&cid=1894083858.1591239700&jid=207533839&_gid=761997430.1591239700&gjid=2002247854&_v=j82&z=545765910
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rates Show response
bitpay.com/api/ 9 KB
4 KB 478ms
339ms XHR
application/json 2606:4700::6812:5b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitpay.com/api/rates

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:5b25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd223998c7b0def2bd974a6f88b5ee175fe9c209228ccc7396c07b8bf50af59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
strict-transport-security: max-age=31536000
cf-request-id: 031ee0087f0000176abf2f5200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
cf-ray: 59de6920cd03176a-FRA
expires: Thu, 04 Jun 2020 03:02:40 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 176ms
62ms Script
application/javascript 151.101.112.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js?_=1591239699734

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3251d1a7dd9b4629dcd26b5a1709ef7e7558a026f13c401404387b49eb538bd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 531
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5244
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4076-HHN
Access-Control-Allow-Origin: *
Expires: Thu, 04 Jun 2020 03:08:06 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1591239701.662335,VS0,VE0
Date: Thu, 04 Jun 2020 03:01:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
X-Cache-Hits: 268

GET
H2 200 geoip Show response
sv.oilprofit.live/ 41 B
210 B 86ms
85ms XHR
application/json 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://sv.oilprofit.live/geoip
Requested by: Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-86-210.de-fra1.upcloud.host
Software: /
Resource Hash: 216af3baf2582576af1d460c17f16f37488cc096cdd8bb0180aca97e5f88269f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version: 2020-05-27T14:48:24Z
date: Thu, 04 Jun 2020 03:01:40 GMT
content-encoding: gzip
content-type: application/json
status: 200
x-cloud-trace-context: ac1cf6905be701d41a7919e5ab3b8a1c
cache-control: private
function-execution-id: z0fsnouiu6jc
x-ip: 165.231.142.36
content-length: 57

GET
H2 200 play_btn.png
sv.oilprofit.live/images/ 2 KB
2 KB 62ms
61ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/images/play_btn.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

fe6e85aa6ea5cd1fa48bca845b0ffaf1d338426f8a368cdc1077868615598e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:40 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239701.638082,VS0,VE0
etag: 4ee9af2d369b674032b7c16397df32db8c7a89760e94c7f9a4b903e292c1e387
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 30
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 2282
x-served-by: cache-hhn4038-HHN

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22124179da4e79adceac7abe423fc21360af24dd44130701b324653bbd2b220d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ec7dab4829888dfc54301f9f680bbcf1908523d49f3f6549a101a1481103e52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11f9f53d6e668313aabd981e32ac0650d803e248f62f07d4665294a9d772b545

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21fdaca0e790820a8d388e80f200b864fd5514c3ec9d0174e86b15de213cb4a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 flags.png
sv.oilprofit.live/sv/formRegistration/images/ 20 KB
20 KB 62ms
61ms Image
image/png 94.237.86.210
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sv.oilprofit.live/sv/formRegistration/images/flags.png

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.237.86.210 , Germany, ASN202053 (UPCLOUD, FI),

Reverse DNS

94-237-86-210.de-fra1.upcloud.host

Software

Resource Hash

6260a53563ffdddde1cf864034653fa6ff0e45ff0595fa969d9de15a14a4ff6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sv.oilprofit.live/sv/js/components/formRegistration/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:40 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 07:58:08 GMT
x-timer: S1591239701.644289,VS0,VE0
etag: c44b82fe176d905fc0881a1b8d1712abc87f8d0c2b73f983bad2625d87be4e73
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
x-cache-hits: 28
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
content-length: 19981
x-served-by: cache-hhn4038-HHN

GET
H/1.1 200
OK oembed.json Show response
vimeo.com/api/ 369 B
1 KB 249ms
175ms XHR
application/json 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/api/oembed.json?url=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F314454665&url=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F314454665&autoplay=false&muted=false

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/api/player.js?_=1591239699734

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

17aea140bdddc5c2fc952646b71e7642d440fbb54a3189bf362b613d5c3cd4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Content-Security-Policy-Report-Only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
Content-Length: 246
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Access-Control-Allow-Origin: *
Last-Modified: Thu, 04 Jun 2020 02:17:56 GMT
Server: nginx
Cache-Control: max-age=60
X-Timer: S1591239701.959265,VS0,VE143
X-Frame-Options: sameorigin
Date: Thu, 04 Jun 2020 03:01:41 GMT
X-Served-By: cache-bwi5120-BWI, cache-bma1634-BMA
Vary: User-Agent,Accept-Encoding
Content-Type: application/json
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 04 Jun 2020 03:02:41 GMT
X-Vimeo-DC: ge
Etag: "f5a8083eb2f4e039508758097d80a1138ffdc8ed"
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK 314454665
player.vimeo.com/video/ Frame 7F3A 0
0 201ms
200ms Document
text/html 151.101.112.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/314454665?app_id=122963

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/api/player.js?_=1591239699734

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM

Response headers

Connection: keep-alive
Content-Length: 5687
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Thu, 04 Jun 2020 03:11:41 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-10
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Thu, 04 Jun 2020 03:01:41 GMT
Age: 0
X-Served-By: cache-hhn4076-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1591239701.157712,VS0,VE145
Vary: Accept-Encoding

GET
H2 200 se.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/ 743 B
511 B 12ms
11ms Image
image/svg+xml 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/se.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efea7283bea5c95ddcd74c169b35598ed3d95d4f032a87d78d993a239669f313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 529751
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ee0153c0000177e383aa200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:52 GMT
server: cloudflare
etag: W/"5afd4938-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59de69352f6e177e-FRA
expires: Tue, 25 May 2021 03:01:43 GMT

GET
H2 200 rates Show response
bitpay.com/api/ 9 KB
3 KB 19ms
19ms XHR
application/json 2606:4700::6812:5b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitpay.com/api/rates

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:5b25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd223998c7b0def2bd974a6f88b5ee175fe9c209228ccc7396c07b8bf50af59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10
status: 200
strict-transport-security: max-age=31536000
cf-request-id: 031ee02f060000176abf0e0200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
cf-ray: 59de695e78da176a-FRA
expires: Thu, 04 Jun 2020 03:02:40 GMT

GET
H2 200 se.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/ 743 B
498 B 11ms
11ms Image
image/svg+xml 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/se.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efea7283bea5c95ddcd74c169b35598ed3d95d4f032a87d78d993a239669f313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 529758
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ee030950000177e380ab200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:52 GMT
server: cloudflare
etag: W/"5afd4938-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59de6960ea41177e-FRA
expires: Tue, 25 May 2021 03:01:50 GMT

GET
H2 200 se.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/ 743 B
498 B 14ms
14ms Image
image/svg+xml 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/se.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efea7283bea5c95ddcd74c169b35598ed3d95d4f032a87d78d993a239669f313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:01:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 529765
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ee04beb0000177e381bb200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:52 GMT
server: cloudflare
etag: W/"5afd4938-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59de698caa58177e-FRA
expires: Tue, 25 May 2021 03:01:57 GMT

GET
H2 200 rates Show response
bitpay.com/api/ 9 KB
3 KB 21ms
21ms XHR
application/json 2606:4700::6812:5b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitpay.com/api/rates

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:5b25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd223998c7b0def2bd974a6f88b5ee175fe9c209228ccc7396c07b8bf50af59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20
status: 200
strict-transport-security: max-age=31536000
cf-request-id: 031ee056170000176abf221200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
cf-ray: 59de699cfec1176a-FRA
expires: Thu, 04 Jun 2020 03:02:40 GMT

GET
H2 200 se.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/ 743 B
498 B 12ms
12ms Image
image/svg+xml 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/se.svg

Requested by

Host: sv.oilprofit.live
URL: https://sv.oilprofit.live/sv/js/bundle.min.394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efea7283bea5c95ddcd74c169b35598ed3d95d4f032a87d78d993a239669f313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://sv.oilprofit.live/?a=6670&o=17009&s=mlClick-ryg8K3sM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 03:02:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 529772
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ee067430000177e382f8200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:52 GMT
server: cloudflare
etag: W/"5afd4938-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59de69b86d91177e-FRA
expires: Tue, 25 May 2021 03:02:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sv.oilprofit.live/	1977-02-23 10:00:43	Name: s Value: mlClick-ryg8K3sM
sv.oilprofit.live/	1977-02-23 10:00:43	Name: o Value: 17009
.sv.oilprofit.live/	1970-01-19 10:00:39	Name: _gat_UA-133903746-1 Value: 1
sv.oilprofit.live/	1977-02-23 10:00:43	Name: a Value: 6670
.sv.oilprofit.live/	1970-01-19 10:02:06	Name: _gid Value: GA1.3.761997430.1591239700
.sv.oilprofit.live/	1970-01-20 03:31:51	Name: _ga Value: GA1.3.1894083858.1591239700

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

best.aliexpress.com
bitpay.com
cdnjs.cloudflare.com
clk.value.us
ct-redirect.com
ecapitalone.com
fonts.googleapis.com
fonts.gstatic.com
golead.pl
mtm.pw
player.vimeo.com
s.click.aliexpress.com
s3-eu-west-1.amazonaws.com
sarah.ttnrd.com
stats.g.doubleclick.net
sv.oilprofit.live
vimeo.com
www.g2a.com
www.gearbest.com
www.google-analytics.com
www.googletagmanager.com
s3-eu-west-1.amazonaws.com
104.111.214.74
104.111.253.247
151.101.112.217
151.101.128.217
212.32.237.91
23.43.126.245
2606:4700:3034::681f:42e9
2606:4700::6810:85e5
2606:4700::6812:5b25
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:821::200a
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9d
2a03:b0c0:3:d0::d13:7001
35.172.40.232
94.237.86.210
94.237.92.181
94.237.92.24
099787b39809b3ce2372aee29b8dae6a8447434df9fa734916709a64ac1eb061
0bd223998c7b0def2bd974a6f88b5ee175fe9c209228ccc7396c07b8bf50af59
0f98c0b7c833e5b20ae39ada9ca288977e8585bd908227b833df5cec84f2596d
109b8554b8cb3a5390a1b79f68ebecc5c1247c03e9e09415f68c15fff7d8b9ee
11f9f53d6e668313aabd981e32ac0650d803e248f62f07d4665294a9d772b545
17aea140bdddc5c2fc952646b71e7642d440fbb54a3189bf362b613d5c3cd4c2
216af3baf2582576af1d460c17f16f37488cc096cdd8bb0180aca97e5f88269f
21fdaca0e790820a8d388e80f200b864fd5514c3ec9d0174e86b15de213cb4a0
22124179da4e79adceac7abe423fc21360af24dd44130701b324653bbd2b220d
2a76e87b78f6d9653fe7bd14ed2418606dd15f992d1afa45258180c9474fef7a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c107b62e9d7bb292fe11935c7be56572352204a7f4f3dd3af77ee7031bba79f
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3251d1a7dd9b4629dcd26b5a1709ef7e7558a026f13c401404387b49eb538bd5
364e110d581026bfc6d53f52d3d58f99e399da158c12c29d4e59040f5cf4ebee
3786bc18a13dbd2932b3989a6180a4cd142b10b5085e4992d98e014ac184e860
38d231dad9815e4ee06fed16ef398bde3a777a625cfc9f25c18110f7331b11bd
394009d58db3184898da2ca1c90b294439a4d9d14419345c47e591a0afabbb7d
3c6a0748fc567cdcf9bd52c08aa328e67ffac4ab6d7137cddf8dc29f944fba56
43b82bdbf0592eb53ae908dbbada8adab3c1aad7c795785956e783b86e4ceea5
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a
59353c22efa84ae39bf39bdb99ee961d0605431d1ed11f7f5ddf5ff76b608c70
6260a53563ffdddde1cf864034653fa6ff0e45ff0595fa969d9de15a14a4ff6d
6acf0dac1055f35079302736303120a958532dc512e64242e3244eb4495fb227
720afb9337edafc9c9b4c9a955737f688635e70e0006e27ec896b52e56e702a5
729aa3aa8cda32aa66548e2a687db19454e9102b116c97989810fb16228e33bd
773c99dcd3df2f589161218f7ff9f94207157560dba0327fdeedd511749a284c
7b4521f96b4ade5deb454ed60825bfb3ed3369dd1032d3c326db820e29335ef9
7cc2c8a7bd96173ee2a862c122630ab8d45ad0676ad2ad60fc55307763782230
7dba7dee53a71b150e61a3c2e5a20301939557d62fae8e6687d38540c21488b2
7ec7dab4829888dfc54301f9f680bbcf1908523d49f3f6549a101a1481103e52
80aa8c57f74e10c6dbf738c621ab8cc773a57ff229056ea78ccced5888a418ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ccbf3724368fd3da007d3959266c24e00f8ec01758c5d8a97e451c3640261b4
92b3edd4ee87a9642bf9f2f65e9358f64ad80512ed025198478469e6f9b6bb89
951dc69829e6e88db4ba973f5de730fd8ee26875ca8ef037fa4830d2be735447
9f17abb5e9fe5587c60d6d1f67b2f96b037f3e01863237c9702e3000785cfaa7
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a2399e6d17c6aa5bf5508638278ecc1f8b3aa78d6e4a79f20a456a7a1622be4e
a4333a085121c0c989ac56e720fbd69310fbf698609dd5c44ec213894bf4f1d0
a6bf1aa1f683d93c52c4c776d2335beb04147ac938f3367e0c3213346b6a485a
a90295f138eee897da6ab97dcf3b48ccc064962b98f40a264a3ec2d762b3ac59
b6702e7095375309e7c57dd39256d3adae67b5759215a0dc24cb6c185097fad5
c881a920341ea2de53c7e5e6011069e64437940e7ff55400a1d68cbedfee8837
cbefbc985112044d58dfa8662f61462363a90434179475c2feaabe5ccf137ab0
ce420bb269b0e1d5159977ed7515b7fecd42bfdc00fc4687f29cd0e3451db154
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
db82521f1fc9263029cdad99025db7b08d7ebf5f966a7eec620f433723a30298
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e675e424e341c7bba75df96ad0f13c3cbb1f8c9ba1e0c0e026e6545778abda1d
e9768538a6acb9ad2037b8acbf05349427a901368041e881df0c79657a2b88b4
e9d329a376a7a69e1c619ededc1c5f1112d91f924889865773a5f1ac59b348b1
ebd633493fa8c7fa28b6cb0aeeed68fdc8547cab17d1429f5348c5cbfa410c03
ecb3aaf54ab4f3572d33cd919a4835c0fb7f4e6ebb710382c53a986a9cad16b3
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ed604dce8510d5b45691b495d5a17a4788c5ee2db7e2e686e5ac62381c2620e6
ef8221aa8bffb7431d4b13cc568647c5f928e401f851d241da75f165347072fa
efea7283bea5c95ddcd74c169b35598ed3d95d4f032a87d78d993a239669f313
f584bdb2ef6f2e170448b8fe867c17b600164c9572cd5fe43db1e97abdfbc104
fe6e85aa6ea5cd1fa48bca845b0ffaf1d338426f8a368cdc1077868615598e8f

sv.oilprofit.live Open in urlscan Pro 94.237.86.210 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

47 %IPv6

19 Domains

21 Subdomains

19 IPs

4 Countries

969 kBTransfer

2167 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sv.oilprofit.live Open in urlscan Pro
94.237.86.210 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

47 %
IPv6

19
Domains

21
Subdomains

19
IPs

4
Countries

969 kB
Transfer

2167 kB
Size

6
Cookies

72 HTTP transactions
6 data transactions