urlscan.io logo urlscan.io
SecurityTrails logo

newsprofin.com Open in urlscan Pro
2606:4700:30::681c:1c69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zdrbq.voluumtrk.com/95d423d0-1a24-465f-b895-68250e4112ce?utm_content=2036654&utm_term=2057738&utm_source=propeller&u...
Effective URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_so...
Submission: On October 03 via manual from TR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 25 HTTP transactions. The main IP is 2606:4700:30::681c:1c69, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is newsprofin.com.
This is the only time newsprofin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.153.1.92 16509 (AMAZON-02)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.195.198.103 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 67.27.234.124 3356 (LEVEL3)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 185.104.210.32 200449 (QRATOR-)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 2a02:6b8::1:119 13238 (YANDEX)
25 10
1    18.153.1.92 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-1-92.eu-central-1.compute.amazonaws.com
zdrbq.voluumtrk.com
3    2606:4700:30::681c:1c69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
newsprofin.com
1    2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    18.195.198.103 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-198-103.eu-central-1.compute.amazonaws.com
my.rtmark.net
1    2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
3    67.27.234.124 (United States)

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)
static.olymptrade.com
6    2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    185.104.210.32 (Norway)

ASN200449 (QRATOR-, CZ)
olymptrade.com
3    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
www.google-analytics.com
5    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
Domain Requested by
6 fonts.gstatic.com newsprofin.com
5 mc.yandex.ru 1 redirects newsprofin.com
3 static.olymptrade.com newsprofin.com
3 newsprofin.com newsprofin.com
2 www.google-analytics.com www.googletagmanager.com
newsprofin.com
2 my.rtmark.net newsprofin.com
1 s.ytimg.com www.youtube.com
1 olymptrade.com 1 redirects
1 www.youtube.com newsprofin.com
1 www.googletagmanager.com newsprofin.com
1 fonts.googleapis.com newsprofin.com
1 ajax.googleapis.com newsprofin.com
1 zdrbq.voluumtrk.com 1 redirects
25 13

This site contains no links.

Subject Issuer Validity Valid
*.googleapis.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
static.olymptrade.com
COMODO RSA Domain Validation Secure Server CA		 2017-10-19 -
2019-01-27		 a year crt.sh
bs.yandex.ru
Yandex CA		 2017-11-23 -
2019-11-23		 2 years crt.sh

This page contains 3 frames:

Primary Page: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Frame ID: 75B113098DACCF86E495B2F1B563BEC9
Requests: 23 HTTP requests in this frame

Frame: https://static.olymptrade.com/lands/affiliate-new-form/?target=blank&lang=ru
Frame ID: ACE2B7483980940075A90637CE274C6C
Requests: 1 HTTP requests in this frame

Frame: https://static.olymptrade.com/lands/affiliate-new-form/?target=blank&lang=ru&horizontal=true&dark=true
Frame ID: AF1A0D0B838C5D9F8E9ADF3A62C0413F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://zdrbq.voluumtrk.com/95d423d0-1a24-465f-b895-68250e4112ce?utm_content=2036654&utm_term=2057738&ut... HTTP 302
    http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

25
Requests

80 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

10
IPs

4
Countries

192 kB
Transfer

455 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zdrbq.voluumtrk.com/95d423d0-1a24-465f-b895-68250e4112ce?utm_content=2036654&utm_term=2057738&utm_source=propeller&utm_campaign=1329963&utm_medium=p&ref=p_prop_ia_t67-ua_desk&eid=71362345816829952 HTTP 302
    http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://olymptrade.com/l/vid2/p_prop_ia_t67-ua_desk?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560&http_referer= HTTP 302
  • https://static.olymptrade.com/lands/LPL45-04en/index.html?af_siteid=LPL45-04en&eid=wJ9R369QO58IM68HHPKB0560&geocode=ru-ru&http_referer=&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560&lref=p_prop_ia_t67-ua_desk&lrefch=p&pixel=0&ref=p_prop_ia_t67-ua_desk&subid2=wJ9R369QO58IM68HHPKB0560&tmplcode=vid1&utm_campaign=1329963&utm_content=2036654&utm_medium=p&utm_source=propeller_ads&utm_term=2057738&video-controls=1
Request Chain 21
  • https://mc.yandex.ru/watch/45558069?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1538577848715%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181003144409%3Aet%3A1538577849%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A977371979%3Ahid%3A996189655%3Ads%3A30%2C6%2C13%2C1%2C31%2C0%2C0%2C70%2C1%2C%2C%2C%2C171%3Afp%3A153%3Awn%3A14880%3Ahl%3A2%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538577849%3Au%3A1538577849381590181%3At%3A%D0%9F%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%D0%B5%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B8%20%D1%83%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B5%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%241220%20%D0%B7%D0%B0%205%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82! HTTP 302
  • https://mc.yandex.ru/watch/45558069/1?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1538577848715%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181003144409%3Aet%3A1538577849%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A977371979%3Ahid%3A996189655%3Ads%3A30%2C6%2C13%2C1%2C31%2C0%2C0%2C70%2C1%2C%2C%2C%2C171%3Afp%3A153%3Awn%3A14880%3Ahl%3A2%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538577849%3Au%3A1538577849381590181%3At%3A%D0%9F%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%D0%B5%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B8%20%D1%83%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B5%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%241220%20%D0%B7%D0%B0%205%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82!

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
newsprofin.com/vid2/
Redirect Chain
  • http://zdrbq.voluumtrk.com/95d423d0-1a24-465f-b895-68250e4112ce?utm_content=2036654&utm_term=2057738&utm_source=propeller&utm_campaign=1329963&utm_medium=p&ref=p_prop_ia_t67-ua_desk&eid=71362345816...
  • http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&ei...
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Server
2606:4700:30::681c:1c69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c899abb8c4ba6432d60f84a6d949a15d3a2c2385a7eb6757373c00201a232b67

Request headers

Host
newsprofin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 14:44:08 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d67d531d7db5f5512520013851a80d6ea1538577848; expires=Thu, 03-Oct-19 14:44:08 GMT; path=/; domain=.newsprofin.com; HttpOnly moonfall=1538577848; expires=Wed, 10-Oct-2018 14:44:08 GMT; Max-Age=604800 moonfall=1538577848; expires=Thu, 04-Oct-2018 14:44:08 GMT; Max-Age=86400
Server
cloudflare
CF-RAY
46402f62e63497a4-FRA
Content-Encoding
gzip

Redirect headers

Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Date
Wed, 03 Oct 2018 14:44:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Pragma
no-cache
Server
nginx
Set-Cookie
95d423d0-1a24-465f-b895-68250e4112ce-v4=95d423d0-1a24-465f-b895-68250e4112ce;domain=zdrbq.voluumtrk.com;path=/;HttpOnly voluum-cid-v4=%7B%22cid%22%3A%22wJ9R369QO58IM68HHPKB0560%22%2C%22caid%22%3A%2295d423d0-1a24-465f-b895-68250e4112ce%22%7D;Max-Age=31536000;Expires=Thu, 03-Oct-2019 14:44:08 GMT;domain=zdrbq.voluumtrk.com;path=/;HttpOnly
Content-Length
0
Connection
keep-alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 14:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779254
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30306
x-xss-protection
1; mode=block
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Sep 2019 14:16:34 GMT
p.js
my.rtmark.net/ 		709 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
http://my.rtmark.net/p.js?f=sync&lr=1&partner=d4780256675044be0407076ca188b382e5b1c31802f6607ba3813679a9c40d86
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Server
18.195.198.103 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-198-103.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
40a6679b1db2606de28588f413173af698f120c478f395418d63810499ba87a5

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 14:44:08 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
709
Content-Type
text/javascript
fancybox.min.js
newsprofin.com/system/templates/vid1/js/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://newsprofin.com/system/templates/vid1/js/fancybox.min.js
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Server
2606:4700:30::681c:1c69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
newsprofin.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Cookie
__cfduid=d67d531d7db5f5512520013851a80d6ea1538577848
Connection
keep-alive
Cache-Control
no-cache
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 14:44:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 23 Apr 2018 14:05:58 GMT
Server
cloudflare
ETag
W/"5adde846-5a5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
46402f63063b97a4-FRA
Expires
Wed, 03 Oct 2018 18:44:08 GMT
app.js
newsprofin.com/system/templates/vid1/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://newsprofin.com/system/templates/vid1/js/app.js
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Server
2606:4700:30::681c:1c69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03dac1934e5ca59f8080d74fee4f411407717f700cd764af5eab031b5f38a4f5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
newsprofin.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Cookie
__cfduid=d67d531d7db5f5512520013851a80d6ea1538577848
Connection
keep-alive
Cache-Control
no-cache
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 14:44:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 27 Jul 2018 10:40:35 GMT
Server
cloudflare
ETag
W/"5b5af6a3-973"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
46402f63564f97a4-FRA
Expires
Wed, 03 Oct 2018 18:44:08 GMT
css
fonts.googleapis.com/ 		7 KB
815 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic,latin-ext,vietnamese
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c345fc13257023a5594f0be4a3b4643774ebfcba01a95d53c7842515d500ae7c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 03 Oct 2018 14:44:08 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 03 Oct 2018 14:44:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 03 Oct 2018 14:44:08 GMT
gtm.js
www.googletagmanager.com/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKPQ2PC
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
fc72f641a40b7bce1ec8df44e1d3e05d9a306101db434ae7e30dde9eeb477fdb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 03 Oct 2018 14:44:08 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27207
x-xss-protection
1; mode=block
expires
Wed, 03 Oct 2018 14:44:08 GMT
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
09e6d1639f3a8a34be7a88814cb51d4b5b0d8719b9feeb208c43002a511cfb08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 03 Oct 2018 14:44:08 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
859
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
/
static.olymptrade.com/lands/affiliate-new-form/ Frame ACE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.olymptrade.com/lands/affiliate-new-form/?target=blank&lang=ru
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
static.olymptrade.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560

Response headers

Date
Wed, 03 Oct 2018 13:57:02 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
23422
Connection
keep-alive
Cache-Control
max-age=604800
ETag
"5b7e-5773bdba1a781"
Expires
Wed, 10 Oct 2018 13:57:07 GMT
Last-Modified
Tue, 02 Oct 2018 09:50:55 GMT
Server
Apache
Access-Control-Allow-Origin
*
Age
2827
Accept-Ranges
bytes
/
static.olymptrade.com/lands/affiliate-new-form/ Frame AF1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.olymptrade.com/lands/affiliate-new-form/?target=blank&lang=ru&horizontal=true&dark=true
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
static.olymptrade.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560

Response headers

Date
Wed, 03 Oct 2018 13:57:02 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
23422
Connection
keep-alive
Cache-Control
max-age=604800
ETag
"5b7e-5773bdba1a781"
Expires
Wed, 10 Oct 2018 13:57:07 GMT
Last-Modified
Tue, 02 Oct 2018 09:50:55 GMT
Server
Apache
Access-Control-Allow-Origin
*
Age
2827
Accept-Ranges
bytes
img.gif
my.rtmark.net/ 		43 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://my.rtmark.net/img.gif?f=sync&partner=d4780256675044be0407076ca188b382e5b1c31802f6607ba3813679a9c40d86&ttl=&rurl=
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Server
18.195.198.103 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-198-103.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 14:44:08 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic,latin-ext,vietnamese
Origin
http://newsprofin.com

Response headers

date
Tue, 02 Oct 2018 06:22:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
116501
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8892
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:27 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic,latin-ext,vietnamese
Origin
http://newsprofin.com

Response headers

date
Tue, 02 Oct 2018 06:22:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:39 GMT
server
sffe
age
116496
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8800
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:32 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic,latin-ext,vietnamese
Origin
http://newsprofin.com

Response headers

date
Tue, 02 Oct 2018 06:22:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:48 GMT
server
sffe
age
116501
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8916
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:27 GMT
mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
737d7e70c48505d4a1500f4f5dcf097f7be50740acf894fc2bb23f45bd84bde0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic,latin-ext,vietnamese
Origin
http://newsprofin.com

Response headers

date
Tue, 02 Oct 2018 06:22:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
116496
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
5512
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:32 GMT
mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v15/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a726c8af799c4c310efca2a7fe577ac08ea2ffa7af4cba1198892e61a9ae1a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic,latin-ext,vietnamese
Origin
http://newsprofin.com

Response headers

date
Tue, 02 Oct 2018 06:22:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:36 GMT
server
sffe
age
116499
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
5636
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:29 GMT
mem5YaGs126MiZpBA-UNirkOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOVuhpKKSTj5PW.woff2
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
990b8bb1d9c71f1a17016c1b132d64028ef4dd3e54c6f513f27bb160c793ee34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic,latin-ext,vietnamese
Origin
http://newsprofin.com

Response headers

date
Tue, 02 Oct 2018 06:22:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:40 GMT
server
sffe
age
116499
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
5592
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:29 GMT
index.html
static.olymptrade.com/lands/LPL45-04en/
Redirect Chain
  • https://olymptrade.com/l/vid2/p_prop_ia_t67-ua_desk?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=203...
  • https://static.olymptrade.com/lands/LPL45-04en/index.html?af_siteid=LPL45-04en&eid=wJ9R369QO58IM68HHPKB0560&geocode=ru-ru&http_referer=&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560&lref=p_...
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.olymptrade.com/lands/LPL45-04en/index.html?af_siteid=LPL45-04en&eid=wJ9R369QO58IM68HHPKB0560&geocode=ru-ru&http_referer=&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560&lref=p_prop_ia_t67-ua_desk&lrefch=p&pixel=0&ref=p_prop_ia_t67-ua_desk&subid2=wJ9R369QO58IM68HHPKB0560&tmplcode=vid1&utm_campaign=1329963&utm_content=2036654&utm_medium=p&utm_source=propeller_ads&utm_term=2057738&video-controls=1
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 13:56:59 GMT
Last-Modified
Wed, 03 Oct 2018 13:52:50 GMT
Server
Apache
Age
2830
ETag
"2050b-577535aa87f04"
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
132363
Expires
Wed, 10 Oct 2018 13:56:59 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Oct 2018 14:44:08 GMT
Content-Type
text/html; charset=utf-8
Location
https://static.olymptrade.com/lands/LPL45-04en/index.html?af_siteid=LPL45-04en&eid=wJ9R369QO58IM68HHPKB0560&geocode=ru-ru&http_referer=&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560&lref=p_prop_ia_t67-ua_desk&lrefch=p&pixel=0&ref=p_prop_ia_t67-ua_desk&subid2=wJ9R369QO58IM68HHPKB0560&tmplcode=vid1&utm_campaign=1329963&utm_content=2036654&utm_medium=p&utm_source=propeller_ads&utm_term=2057738&video-controls=1
Cache-Control
must-revalidate, post-check=0, pre-check=0, private
X-Status-Code
200
Content-Length
0
Expires
0
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflgi5pml/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflgi5pml/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Oct 2018 14:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88600
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7696
x-xss-protection
1; mode=block
last-modified
Mon, 01 Oct 2018 20:20:18 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 10 Oct 2018 14:07:28 GMT
analytics.js
www.google-analytics.com/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKPQ2PC
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
1305
date
Wed, 03 Oct 2018 14:22:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Wed, 03 Oct 2018 16:22:23 GMT
watch.js
mc.yandex.ru/metrika/ 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b90f2e7392bb93e6873953c0101ae514b1ae392ec3a8144cbd25029d056afae9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 14:44:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Oct 2018 14:04:17 GMT
Server
nginx/1.12.2
ETag
"5bb4cc61-a769"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
42857
Expires
Wed, 03 Oct 2018 15:44:08 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1679517346&t=pageview&_s=1&dl=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%D0%B5%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B8%20%D1%83%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B5%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%241220%20%D0%B7%D0%B0%205%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=2080016375&gjid=404854276&cid=1351118416.1538577849&tid=UA-122932680-1&_gid=2091197167.1538577849&_r=1&gtm=G9oPKPQ2PC&cd1=1351118416.1538577849&z=935906640
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Oct 2018 14:44:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/45558069/
Redirect Chain
  • https://mc.yandex.ru/watch/45558069?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26...
  • https://mc.yandex.ru/watch/45558069/1?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/45558069/1?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1538577848715%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181003144409%3Aet%3A1538577849%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A977371979%3Ahid%3A996189655%3Ads%3A30%2C6%2C13%2C1%2C31%2C0%2C0%2C70%2C1%2C%2C%2C%2C171%3Afp%3A153%3Awn%3A14880%3Ahl%3A2%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538577849%3Au%3A1538577849381590181%3At%3A%D0%9F%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%D0%B5%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B8%20%D1%83%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B5%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%241220%20%D0%B7%D0%B0%205%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82!
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Oct 2018 14:44:09 GMT
Last-Modified
Wed, 03 Oct 2018 14:44:09 GMT
Server
nginx/1.12.2
Location
https://mc.yandex.ru/watch/45558069/1?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1538577848715%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181003144409%3Aet%3A1538577849%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A977371979%3Ahid%3A996189655%3Ads%3A30%2C6%2C13%2C1%2C31%2C0%2C0%2C70%2C1%2C%2C%2C%2C171%3Afp%3A153%3Awn%3A14880%3Ahl%3A2%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538577849%3Au%3A1538577849381590181%3At%3A%D0%9F%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%D0%B5%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B8%20%D1%83%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B5%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%241220%20%D0%B7%D0%B0%205%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82!
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://newsprofin.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 03 Oct 2018 14:44:09 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Oct 2018 14:44:09 GMT
Last-Modified
Wed, 03 Oct 2018 14:44:09 GMT
Server
nginx/1.12.2
Location
https://mc.yandex.ru/watch/45558069/1?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1538577848715%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181003144409%3Aet%3A1538577849%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A977371979%3Ahid%3A996189655%3Ads%3A30%2C6%2C13%2C1%2C31%2C0%2C0%2C70%2C1%2C%2C%2C%2C171%3Afp%3A153%3Awn%3A14880%3Ahl%3A2%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538577849%3Au%3A1538577849381590181%3At%3A%D0%9F%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%D0%B5%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B8%20%D1%83%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B5%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%241220%20%D0%B7%D0%B0%205%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82!
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://newsprofin.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 03 Oct 2018 14:44:09 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 03 Oct 2018 14:44:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Wed, 03 Oct 2018 15:44:09 GMT
1
mc.yandex.ru/watch/45558069/ 		152 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/45558069/1?wmode=7&page-url=http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1538577848715%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181003144409%3Aet%3A1538577849%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A977371979%3Ahid%3A996189655%3Ads%3A30%2C6%2C13%2C1%2C31%2C0%2C0%2C70%2C1%2C%2C%2C%2C171%3Afp%3A153%3Awn%3A14880%3Ahl%3A2%3Agdpr%3A14%3Av%3A1227%3Ast%3A1538577849%3Au%3A1538577849381590181%3At%3A%D0%9F%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%D0%B5%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B8%20%D1%83%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B5%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%241220%20%D0%B7%D0%B0%205%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82!
Requested by
Host: newsprofin.com
URL: http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
efb2a490c203994593792ad6b025ddbb4d59c2007aa7cf325ead51a592857082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newsprofin.com/vid2/?video-controls=1&geocode=ru-ru&tmplcode=vid1&ref=p_prop_ia_t67-ua_desk&utm_medium=p&utm_source=propeller_ads&utm_campaign=1329963&utm_content=2036654&utm_term=2057738&eid=wJ9R369QO58IM68HHPKB0560&subid2=wJ9R369QO58IM68HHPKB0560&lead_param=postback_subid2%3DwJ9R369QO58IM68HHPKB0560
Origin
http://newsprofin.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 03 Oct 2018 14:44:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 03 Oct 2018 14:44:09 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://newsprofin.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Wed, 03 Oct 2018 14:44:09 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| dataLayer object| tag object| firstScriptTag undefined| player number| reloads function| onYouTubeIframeAPIReady function| onPlayerReady object| mails function| regWidgetItem function| vid1Redirect string| vid1Origin function| bindEvent boolean| allowpop object| google_tag_manager object| YT object| YTConfig function| onYTReady string| GoogleAnalyticsObject function| ga object| yaParams object| allLinks undefined| allLinksIndlA undefined| allLinksIndlB undefined| allLinksIndlC undefined| allLinksBlg1A undefined| allLinksBlg1B undefined| allLinksBlg1C undefined| allLinksBlg1D undefined| allLinksDefaultA undefined| allLinksDefaultB undefined| allLinksDefaultC undefined| allLinksDefaultD object| all_platform_links object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData object| Ya object| yaCounter45558069

15 Cookies

Domain/Path Name / Value
.olymptrade.com/ Name: guest_id
Value: 1375367011745022979911428147318120153857784898544225530100084690
.olymptrade.com/ Name: enterdate
Value: 2018-10-03+17%3A44%3A08
.olymptrade.com/ Name: checked
Value: 1
.olymptrade.com/ Name: tr_http_referer
Value: http%3A%2F%2Fnewsprofin.com%2Fvid2%2F%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560
newsprofin.com/vid2 Name: moonfall
Value: 1538577848
.newsprofin.com/ Name: _ym_d
Value: 1538577849
.olymptrade.com/ Name: tr_traffic
Value: %7B%22created_at%22%3A%222018-10-03+17%3A44%3A08%22%2C%22ref%22%3A%22p_prop_ia_t67-ua_desk%22%2C%22ref_channel%22%3A%22p%22%2C%22land%22%3A%22LPL45-04en%22%2C%22utm_campaign%22%3A%221329963%22%2C%22utm_term%22%3A%222057738%22%2C%22utm_content%22%3A%222036654%22%2C%22utm_medium%22%3A%22p%22%2C%22utm_source%22%3A%22propeller_ads%22%2C%22guest_id%22%3A%221375367011745022979911428147318120153857784898544225530100084690%22%2C%22platform_id%22%3A%22wJ9R369QO58IM68HHPKB0560%22%7D
.olymptrade.com/ Name: tr_request_uri
Value: %2Fl%2Fvid2%2Fp_prop_ia_t67-ua_desk%3Fvideo-controls%3D1%26geocode%3Dru-ru%26tmplcode%3Dvid1%26ref%3Dp_prop_ia_t67-ua_desk%26utm_medium%3Dp%26utm_source%3Dpropeller_ads%26utm_campaign%3D1329963%26utm_content%3D2036654%26utm_term%3D2057738%26eid%3DwJ9R369QO58IM68HHPKB0560%26subid2%3DwJ9R369QO58IM68HHPKB0560%26lead_param%3Dpostback_subid2%253DwJ9R369QO58IM68HHPKB0560%26http_referer%3D
.newsprofin.com/ Name: _ym_uid
Value: 1538577849381590181
.newsprofin.com/ Name: _ym_visorc_45558069
Value: b
.newsprofin.com/ Name: _ga
Value: GA1.2.1351118416.1538577849
.newsprofin.com/ Name: _ym_isad
Value: 2
.newsprofin.com/ Name: _gat_UA-122932680-1
Value: 1
.newsprofin.com/ Name: _gid
Value: GA1.2.2091197167.1538577849
.newsprofin.com/ Name: __cfduid
Value: d67d531d7db5f5512520013851a80d6ea1538577848

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.ru
my.rtmark.net
newsprofin.com
olymptrade.com
s.ytimg.com
static.olymptrade.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
zdrbq.voluumtrk.com
18.153.1.92
18.195.198.103
185.104.210.32
2606:4700:30::681c:1c69
2a00:1450:4001:816::2003
2a00:1450:4001:816::2008
2a00:1450:4001:816::200a
2a00:1450:4001:816::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:81f::200e
2a02:6b8::1:119
67.27.234.124
03dac1934e5ca59f8080d74fee4f411407717f700cd764af5eab031b5f38a4f5
09e6d1639f3a8a34be7a88814cb51d4b5b0d8719b9feeb208c43002a511cfb08
40a6679b1db2606de28588f413173af698f120c478f395418d63810499ba87a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
737d7e70c48505d4a1500f4f5dcf097f7be50740acf894fc2bb23f45bd84bde0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
990b8bb1d9c71f1a17016c1b132d64028ef4dd3e54c6f513f27bb160c793ee34
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
a726c8af799c4c310efca2a7fe577ac08ea2ffa7af4cba1198892e61a9ae1a6d
b90f2e7392bb93e6873953c0101ae514b1ae392ec3a8144cbd25029d056afae9
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
c345fc13257023a5594f0be4a3b4643774ebfcba01a95d53c7842515d500ae7c
c899abb8c4ba6432d60f84a6d949a15d3a2c2385a7eb6757373c00201a232b67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
efb2a490c203994593792ad6b025ddbb4d59c2007aa7cf325ead51a592857082
fc72f641a40b7bce1ec8df44e1d3e05d9a306101db434ae7e30dde9eeb477fdb
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be