URL: https://posting4profitnow.com/
Submission: On December 06 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 75 IPs in 8 countries across 68 domains to perform 712 HTTP transactions. The main IP is 2606:4700:3034::6815:7d7, located in United States and belongs to CLOUDFLARENET, US. The main domain is posting4profitnow.com.
TLS certificate: Issued by R3 on December 6th 2021. Valid for: 3 months.
This is the only time posting4profitnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
40 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
20 51.161.92.183 16276 (OVH)
10 2a00:1450:400... 15169 (GOOGLE)
28 2606:4700::68... 13335 (CLOUDFLAR...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
22 2606:4700::68... 13335 (CLOUDFLAR...)
7 2600:9000:211... 16509 (AMAZON-02)
29 2a00:1450:400... 15169 (GOOGLE)
18 2620:1ec:21::14 8068 (MICROSOFT...)
6 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
6 151.101.64.176 54113 (FASTLY)
6 104.111.228.123 16625 (AKAMAI-AS)
3 104.18.9.127 13335 (CLOUDFLAR...)
2 13.35.253.30 16509 (AMAZON-02)
46 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
12 89.187.169.47 60068 (CDN77 ^_^)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
2 151.101.193.35 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
6 142.250.181.226 15169 (GOOGLE)
18 2a00:1288:80:... 203220 (YAHOO-DEB)
18 2620:1ec:c11:... 8068 (MICROSOFT...)
6 2a02:2638::3 44788 (ASN-CRITE...)
30 52.70.96.75 14618 (AMAZON-AES)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
14 20 2a02:2638::1c 44788 (ASN-CRITE...)
13 212.82.100.181 34010 (YAHOO-IRD)
3 54.187.119.242 16509 (AMAZON-02)
6 178.250.0.157 44788 (ASN-CRITE...)
6 6 178.250.2.151 44788 (ASN-CRITE...)
6 74.119.119.150 19750 (AS-CRITEO)
18 108.128.72.146 16509 (AMAZON-02)
1 35.167.194.245 16509 (AMAZON-02)
18 13.32.22.59 16509 (AMAZON-02)
3 2600:9000:211... 16509 (AMAZON-02)
6 35.244.174.68 15169 (GOOGLE)
6 6 142.250.186.34 15169 (GOOGLE)
12 178.250.0.163 44788 (ASN-CRITE...)
1 7 34.255.54.140 16509 (AMAZON-02)
3 10 104.19.132.78 13335 (CLOUDFLAR...)
13 18.156.0.31 16509 (AMAZON-02)
6 3.220.31.25 14618 (AMAZON-AES)
6 70.42.32.127 22075 (AS-OUTBRAIN)
1 2 188.65.124.38 41690 (DAILYMOTI...)
7 104.75.88.126 16625 (AKAMAI-AS)
5 69.173.151.100 26667 (RUBICONPR...)
1 34.98.64.218 15169 (GOOGLE)
14 20 37.252.173.62 29990 (ASN-APPNEX)
6 185.64.190.80 62713 (AS-PUBMATIC)
2 8 76.223.111.18 16509 (AMAZON-02)
6 2.18.235.93 16625 (AKAMAI-AS)
3 9 2.18.234.21 16625 (AKAMAI-AS)
8 8 35.157.240.53 16509 (AMAZON-02)
1 7 3.127.209.187 16509 (AMAZON-02)
6 99.80.164.0 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 104.111.242.245 16625 (AKAMAI-AS)
6 141.226.228.48 200478 (TABOOLA-AS)
6 185.86.137.132 201081 (SMARTADSE...)
5 18.157.150.79 16509 (AMAZON-02)
3 8 52.211.218.251 16509 (AMAZON-02)
10 10 54.81.135.237 14618 (AMAZON-AES)
5 2600:1f18:444... 14618 (AMAZON-AES)
5 34.200.155.146 14618 (AMAZON-AES)
5 2600:1f18:612... 14618 (AMAZON-AES)
5 5 2.18.234.233 16625 (AKAMAI-AS)
5 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 104.111.215.191 16625 (AKAMAI-AS)
712 75
Apex Domain
Subdomains
Transfer
50 criteo.com
gum.criteo.com
mug.criteo.com
sslwidget.criteo.com
widget.us.criteo.com
dis.criteo.com
92 KB
48 licdn.com
static-exp1.licdn.com
media-exp1.licdn.com
dms.licdn.com
713 KB
40 groove.cm
app.groove.cm
15 MB
32 yahoo.com
sp.analytics.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
5 KB
30 hyros.com
175592.tracking.hyros.com
116 KB
28 cloudflare.com
cdnjs.cloudflare.com
782 KB
24 googletagmanager.com
www.googletagmanager.com
773 KB
23 youtube.com
www.youtube.com
1 MB
23 gdapis.com
v1.gdapis.com
20 KB
22 grooveapps.com
assets.grooveapps.com
2 MB
20 adnxs.com
secure.adnxs.com
20 KB
20 groovetech.io
matomo.groovetech.io
227 KB
18 helpscout.net
beacon-v2.helpscout.net
2 MB
18 loopedin.io
api.loopedin.io
15 KB
18 bing.com
bat.bing.com
64 KB
18 linkedin.com
www.linkedin.com
20 KB
16 groovesell.com
tracking.groovesell.com
proof.groovesell.com
posting4profitnow.groovesell.com
2 MB
16 googleapis.com
fonts.googleapis.com
1 MB
15 liadm.com
i.liadm.com
i6.liadm.com
8 KB
15 doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
8 KB
12 yimg.com
s.yimg.com
35 KB
12 productstash.io
cdn.productstash.io
48 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
224 KB
12 fontawesome.com
kit.fontawesome.com
ka-f.fontawesome.com
291 KB
10 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
5 KB
10 mgid.com
cm.mgid.com
5 KB
9 casalemedia.com
r.casalemedia.com
8 KB
8 360yield.com
ad.360yield.com
3 KB
8 advertising.com
pixel.advertising.com
3 KB
8 3lift.com
eb2.3lift.com
3 KB
8 stripe.com
js.stripe.com Failed
q.stripe.com
m.stripe.com
115 KB
7 bidswitch.net
x.bidswitch.net
2 KB
7 addthis.com
cw.addthis.com
3 KB
7 mediawallahscript.com
partner.mediawallahscript.com
5 KB
7 paypal.com
www.paypal.com
t.paypal.com
106 KB
7 google.com
www.google.com
14 KB
7 groovevideo.com
widget.groovevideo.com
videos.groovevideo.com
309 KB
6 smartadserver.com
rtb-csync.smartadserver.com
978 B
6 taboola.com
sync-t1.taboola.com
1 KB
6 teads.tv
criteo-sync.teads.tv
1 KB
6 revcontent.com
trends.revcontent.com
1 KB
6 media.net
contextual.media.net
4 KB
6 pubmatic.com
simage2.pubmatic.com
2 KB
6 outbrain.com
sync.outbrain.com
2 KB
6 yieldmo.com
sync-criteo.ads.yieldmo.com
1 KB
6 rlcdn.com
idsync.rlcdn.com
2 KB
6 google.de
www.google.de
1 KB
6 criteo.net
static.criteo.net
82 KB
6 googleadservices.com
www.googleadservices.com
85 KB
6 google-analytics.com
www.google-analytics.com
118 KB
6 groovefunnels.com
app.groovefunnels.com
3 KB
5 tremorhub.com
criteo-partners.tremorhub.com
911 B
5 postrelease.com
jadserve.postrelease.com
2 KB
5 sharethrough.com
match.sharethrough.com
1 KB
5 rubiconproject.com
pixel.rubiconproject.com
1 KB
3 smaato.net
s.ad.smaato.net
722 B
3 authorize.net
js.authorize.net Failed
9 KB
2 bluekai.com
tags.bluekai.com
1 KB
2 clmbtech.com
ade.clmbtech.com
526 B
2 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
490 B
2 stripe.network
m.stripe.network
17 KB
2 braintreegateway.com
js.braintreegateway.com Failed
30 KB
2 gitcdn.link
gitcdn.link Failed
4 KB
1 openx.net
us-u.openx.net
275 B
1 ytimg.com
i.ytimg.com
16 KB
1 ggpht.com
yt3.ggpht.com
3 KB
1 paypalobjects.com
www.paypalobjects.com Failed
235 KB
1 posting4profitnow.com
posting4profitnow.com
88 KB
712 68
Domain Requested by
42 static-exp1.licdn.com www.linkedin.com
static-exp1.licdn.com
40 app.groove.cm posting4profitnow.com
widget.groovevideo.com
app.groove.cm
30 175592.tracking.hyros.com posting4profitnow.com
175592.tracking.hyros.com
28 cdnjs.cloudflare.com client
posting4profitnow.groovesell.com
app.groove.cm
24 www.googletagmanager.com app.groove.cm
www.googletagmanager.com
posting4profitnow.com
23 www.youtube.com posting4profitnow.com
www.youtube.com
matomo.groovetech.io
app.groove.cm
23 v1.gdapis.com proof.groovesell.com
posting4profitnow.groovesell.com
widget.groovevideo.com
app.groove.cm
22 assets.grooveapps.com posting4profitnow.com
posting4profitnow.groovesell.com
20 secure.adnxs.com 14 redirects posting4profitnow.com
20 gum.criteo.com 14 redirects static.criteo.net
20 matomo.groovetech.io posting4profitnow.com
app.groove.cm
18 beacon-v2.helpscout.net app.groove.cm
beacon-v2.helpscout.net
18 api.loopedin.io cdn.productstash.io
18 bat.bing.com posting4profitnow.com
bat.bing.com
app.groove.cm
18 www.linkedin.com posting4profitnow.com
static-exp1.licdn.com
16 fonts.googleapis.com posting4profitnow.com
app.groove.cm
client
14 posting4profitnow.groovesell.com posting4profitnow.com
posting4profitnow.groovesell.com
13 ups.analytics.yahoo.com posting4profitnow.com
13 sp.analytics.yahoo.com app.groove.cm
posting4profitnow.com
12 dis.criteo.com posting4profitnow.com
12 s.yimg.com posting4profitnow.com
s.yimg.com
12 cdn.productstash.io app.groove.cm
cdn.productstash.io
10 i.liadm.com 10 redirects
10 cm.mgid.com 3 redirects posting4profitnow.com
10 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
10 ka-f.fontawesome.com kit.fontawesome.com
posting4profitnow.com
9 r.casalemedia.com 3 redirects posting4profitnow.com
8 ad.360yield.com 3 redirects posting4profitnow.com
8 pixel.advertising.com 8 redirects
8 eb2.3lift.com 2 redirects posting4profitnow.com
8 googleads.g.doubleclick.net 1 redirects www.youtube.com
www.googleadservices.com
7 x.bidswitch.net 1 redirects posting4profitnow.com
7 cw.addthis.com posting4profitnow.com
7 partner.mediawallahscript.com 1 redirects posting4profitnow.com
7 www.google.com www.youtube.com
app.groove.cm
6 videos.groovevideo.com posting4profitnow.com
6 rtb-csync.smartadserver.com posting4profitnow.com
6 sync-t1.taboola.com posting4profitnow.com
6 criteo-sync.teads.tv posting4profitnow.com
6 trends.revcontent.com posting4profitnow.com
6 contextual.media.net posting4profitnow.com
6 simage2.pubmatic.com posting4profitnow.com
6 sync.outbrain.com posting4profitnow.com
6 sync-criteo.ads.yieldmo.com posting4profitnow.com
6 ads.yahoo.com posting4profitnow.com
6 cm.g.doubleclick.net 6 redirects
6 idsync.rlcdn.com posting4profitnow.com
6 widget.us.criteo.com app.groove.cm
6 sslwidget.criteo.com 6 redirects
6 mug.criteo.com app.groove.cm
6 www.google.de app.groove.cm
6 static.criteo.net www.googletagmanager.com
6 www.googleadservices.com www.googletagmanager.com
6 www.google-analytics.com www.googletagmanager.com
6 app.groovefunnels.com 6 redirects
5 cdn.stickyadstv.com posting4profitnow.com
5 ads.stickyadstv.com 5 redirects
5 criteo-partners.tremorhub.com posting4profitnow.com
5 jadserve.postrelease.com posting4profitnow.com
5 i6.liadm.com posting4profitnow.com
5 match.sharethrough.com posting4profitnow.com
5 pixel.rubiconproject.com posting4profitnow.com
5 www.paypal.com www.paypalobjects.com
posting4profitnow.groovesell.com
www.paypal.com
4 media-exp1.licdn.com posting4profitnow.com
static-exp1.licdn.com
4 js.stripe.com posting4profitnow.groovesell.com
js.stripe.com
3 s.ad.smaato.net posting4profitnow.com
3 q.stripe.com posting4profitnow.com
3 js.authorize.net posting4profitnow.groovesell.com
js.authorize.net
2 tags.bluekai.com posting4profitnow.com
2 ade.clmbtech.com posting4profitnow.com
2 public-prod-dspcookiematching.dmxleo.com 1 redirects posting4profitnow.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 dms.licdn.com posting4profitnow.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 t.paypal.com posting4profitnow.groovesell.com
posting4profitnow.com
2 js.braintreegateway.com posting4profitnow.groovesell.com
2 gitcdn.link posting4profitnow.groovesell.com
2 kit.fontawesome.com posting4profitnow.com
posting4profitnow.groovesell.com
1 us-u.openx.net posting4profitnow.com
1 m.stripe.com m.stripe.network
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.paypalobjects.com posting4profitnow.groovesell.com
1 widget.groovevideo.com posting4profitnow.com
1 proof.groovesell.com posting4profitnow.com
1 tracking.groovesell.com posting4profitnow.com
1 posting4profitnow.com
712 88

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
Subject Issuer Validity Valid
*.posting4profitnow.com
R3
2021-12-06 -
2022-03-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2021-12-01 -
2023-01-01
a year crt.sh
*.groovetech.io
Sectigo RSA Domain Validation Secure Server CA
2021-08-18 -
2022-08-18
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
videos.groovevideo.com
Amazon
2021-07-05 -
2022-08-03
a year crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2021-12-06 -
2022-06-06
6 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2021-10-21 -
2022-02-02
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-11-03 -
2022-10-31
a year crt.sh
js.authorize.net
Cloudflare Inc ECC CA-3
2021-08-08 -
2022-08-07
a year crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-07-07 -
2022-08-07
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-07-15 -
2022-07-20
a year crt.sh
cdn.productstash.io
R3
2021-11-11 -
2022-02-09
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
edgestatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-09-21 -
2022-10-22
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-11-08 -
2021-12-29
2 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-09-30 -
2022-03-30
6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-24
3 months crt.sh
tracking.hyros.com
Amazon
2021-06-01 -
2022-06-30
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-26
3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-10-19 -
2022-04-13
6 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA
2021-09-08 -
2022-09-07
a year crt.sh
www.google.de
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
api.loopedin.io
R3
2021-12-04 -
2022-03-04
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-02-02
3 months crt.sh
*.helpscout.net
Amazon
2021-04-25 -
2022-05-24
a year crt.sh
s.ad.smaato.net
Amazon
2021-09-21 -
2022-10-20
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-08-17 -
2022-02-09
6 months crt.sh
*.ads.yieldmo.com
Amazon
2021-05-25 -
2022-06-23
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2021-10-24 -
2022-11-24
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.3lift.com
Amazon
2021-06-12 -
2022-07-11
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2021-04-12 -
2022-04-20
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
revcontent.com
Amazon
2021-08-09 -
2022-09-07
a year crt.sh
colombiaonline.com
R3
2021-09-13 -
2021-12-12
3 months crt.sh
teads.tv
R3
2021-11-03 -
2022-02-01
3 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.mediawallahscript.com
Amazon
2021-05-19 -
2022-06-17
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
*.postrelease.com
Amazon
2021-01-28 -
2022-02-25
a year crt.sh
*.tremorhub.com
Amazon
2021-06-27 -
2022-07-26
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.360yield.com
Amazon
2021-07-28 -
2022-08-26
a year crt.sh

This page contains 26 frames:

Primary Page: https://posting4profitnow.com/
Frame ID: 8D7D813DA7473061CEBD05C8141FCEDB
Requests: 59 HTTP requests in this frame

Frame: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Frame ID: 321342B46DAF5942C332A21762D781BC
Requests: 15 HTTP requests in this frame

Frame: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Frame ID: DB7DD45BF376FA958BBCDAB4B5D9E4BD
Requests: 41 HTTP requests in this frame

Frame: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Frame ID: 8D69AEFE69F04D52D0BA50D2D25FCC37
Requests: 18 HTTP requests in this frame

Frame: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Frame ID: E8907D32D07F2C16EEF5D028CF003956
Requests: 34 HTTP requests in this frame

Frame: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Frame ID: 117A9319EF193AF014DB2D1086168030
Requests: 34 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Frame ID: 2A8061BDCAAAB489AF995957B95C31C6
Requests: 58 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Frame ID: 5E6E6E51344734ECE6DED483D27F44F7
Requests: 46 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Frame ID: 312334F170F5BE4CB02834B887779DED
Requests: 46 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Frame ID: 19F203A46B1507E7929F416DABCDD876
Requests: 47 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Frame ID: DE4CB35367E25C19B55818C250E3C7AC
Requests: 46 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Frame ID: A047D055EA8B710CED2E79880F4D16DE
Requests: 46 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Frame ID: 6F1CC425A2A013882FF5DB0C019AEE54
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Frame ID: DEBAD3B492AD216B1271587946EA83C5
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 394C561EE4758CAE17442A75652F0385
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Frame ID: 92E8F662CC34F18D2CF1382B916C4D27
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Frame ID: F8CFFA31CEC321C95132034775399425
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Frame ID: 22A8484F6D770FE874950C8AEB2AAE52
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Frame ID: F26B41C7FED2610978D64F2C19A5A7E9
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1A3916AA5AEDB441DB6AEE0688B9959F
Requests: 5 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-1_F-wPDDaHmphzx3-EDPscMMJ2wyYYEiEJmuhw
Frame ID: A05FF21AB6E019808BFF04B9FC2186AB
Requests: 30 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=6VvJFZpoEZUiM7AuQu8JLSLzHZFKIHIx
Frame ID: 15DC156E78EF272BBA595E200610916D
Requests: 30 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=RFShoctgniEiYTfHS3TS32xEPXL1qpfU
Frame ID: 2BC1FCC6EE6A8FBD46A59A5225D869FF
Requests: 30 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=WQs2UjqrH5x4GiWd9OQTOAp2a6SIqgGt
Frame ID: DB6AD1088AB636C93D02B8F07977014C
Requests: 30 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=oKUOC7tgH1vVGAvr3kDjQ1AcUFKC6wRs
Frame ID: B0180823DF7A760054FF5CE44031C239
Requests: 30 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=RpH3ncTKblLOO9DsNBGW4cv7hE_e7xxm
Frame ID: 4506E05D9E432FF6657858B86FD1B8E0
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Posting4ProfitNow - Online Course Rhonda Sheir

Page Statistics

712
Requests

87 %
HTTPS

43 %
IPv6

68
Domains

88
Subdomains

75
IPs

8
Countries

28769 kB
Transfer

105771 kB
Size

78
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://app.groovefunnels.com/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49 HTTP 302
  • https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Request Chain 68
  • https://app.groovefunnels.com/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M HTTP 302
  • https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Request Chain 70
  • https://app.groovefunnels.com/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN HTTP 302
  • https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Request Chain 72
  • https://app.groovefunnels.com/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb HTTP 302
  • https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Request Chain 74
  • https://app.groovefunnels.com/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY HTTP 302
  • https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Request Chain 76
  • https://app.groovefunnels.com/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8 HTTP 302
  • https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Request Chain 91
  • https://gitcdn.link/repo/lykmapipo/themify-icons/master/css/themify-icons.css HTTP 301
  • https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css
Request Chain 167
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 340
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=jyHkG3xjL0NTZ3VvNFByMVZqWGczVFpFSE05dEltcFhLS282a0ltVkdVTlpMT0JROStCN01ZUm5JeTVua09WL3ZSb0ZiMzBGOVExRThvdUxGT2h4T1Y2VXVaYUd1ZEFIZkRNOHowQm1HcmNTcFhFY0ZISHJ1cldCVTdnVnFoR01xRCt6ZE1vekY4TjdRd2JQVHZHY2ZCZ05GN0x0OFdxWGJjckpOOWJWZWEvRHZPVW1lTWFTalFOYVp4RFJTRXplMHJuVW9kakZhNFlxS21OeE9MVkw4OU8xVXcxOCtmUlEvdWJmOUo3dm5RTDE0Z2hFVTY4VWdGYWo2SHVmck4vNFR0Ym5rcHE4b3U4VDdXRnprbG9GSmF5M2d5MlpnYkJKMVRCemFRZ3hkeStsYjZoWT18&cppv=2
Request Chain 341
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=qqfu1nxsQlBXVWdjT0xGeFRPbkZUZ2pPSXlIQkMzcjNhZzRndzZ0cFBYUkMraVMvbTZ6YzZTTGp5S0Y4M09lMjRVSmRBaDRkT05DbmtHaEoweU90Si9Lb3JUYmpnNHVpT3p5NklVVW5nZXpqSTlJQmpETzFKR0F0cko3NFl6T3paTXQvVnFYS0dNa3ZnZHJPTXltUytmZklac3liOTE1QXl4L2FVMCtKWGRBWGxJUkM0V1VDTTNhNkJVSnl2bGtlK1ZtMkUwWHhkakhaRWpVOTZtOU1sb0xqeFg5anFKWEd2OGJncXoxV05pSDU3OTZLclhqQWVURnM3Z1habzJDRTVKSmN4aWhWNGowWEFoeHdUTmh4aGFCWHJjMXlhZDVFc0JWa3FzR3NxL3E4WkxBVT18&cppv=2
Request Chain 352
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=GfF8aXxXVHM5YkFkTjZ0OWd6Q0ZGOVEyKzF4eHR1Tm15YnowVnpnMVNNeGpRVnhyZE56TW5HTzZVSllVSExtSGNSMWRHRVprdFVVR0hHZmJleWI3VU52b0Z3SWI4NjFtQ24wRzIxeGROTmZTNk0wUURncit3eHpuNUU2NjlYUFl6K1p0WWV0cHpka2N0dGdYQnlTMkY2SENuY21sYTd1S2lIN3JrWGtkSGU5YTBXZ1RKUjRWd3Yybm5OMkhneFNMODBwc0FmNGtqZ2tKb2ZnNnk4MmZzWTRvbzJ0eWxKdHg0b244NTFYRjNPeEYwSnA4ZzA1c016TXNxMW1JTnRtS2xmWVpqQkVnRUtqenQvYVRocEZpSGJIejFycFBJeG9LSTg4R3ZPeDZVVkxhcTlmQT18&cppv=2
Request Chain 353
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=r5W4vXw5NGo1UGRHYVZ6RjVhcW0rRDlTMzJyWFRWUzhHUGl0L3RhdXVQY3BrREV5M3gxZURwWVMvU2hWdVgvKzhiTmxxclpQQ21xODJ0SE5OVnp1TzVIUS9aZlpNcmFQdWw5emFtb1pOLzF6NmxqenJybHBzdDB2SVBMMlpoR2JlZ085dnBOUUF5bm5adW11L2R2ci80S1g5YkdrZW5kVTNCWEZwNUhjdUlSTXlGOTB2eFltT3VCc28vK21CcFlVWlZoNk5FYzY0OTlKYmVoRVdOVHN4R3RKTDh2UzJGcHhxYk1Iblh2a1E2K0xRb1E3bGNYeVduUHNhWnQ3ZmpGdGVPaDZwWHN5WmZQYmMxbHJLenA5YlBScWs5TnVSN1lYTzBTQjdGRGVXM0w0SlBpTT18&cppv=2
Request Chain 357
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=u-BYTXxza3NhSVFPbXNWc2x3M2JiRGdXZzdMRFNmbit4RHpCU3dDbG5ZRzhGbDBReWhxRFVkRkZQNEpvcWl4WlJyaExVMktweVB1dHg2bTZxaiswNlBWRzVNM3R4WmpNTmRrZDFlbzh3Z3RVa0tzSWFOYWdILzdtT0JqU0NGNmZKTnRhRHFMaTA3TVFsTUxsNHFsSWlScDE2c1piNDV6STJMWE15bHU0NytvVUdRZU9sZWRsZjVRUFZDS1dGdGdoUTdObFNCWmhBMUlFZ1Rlb1g3T3dzSE1GLzBJK0JQeTRtVEhYbndYV3JLVWw0VXBzMFVNUVFsT2pWQkdFRUVobkRRd1J1dlJ5THA5V0NnaHhGay90NzlmNnBmazFOQ3FrbmVMUVdvTUphNm5ncGRSYz18&cppv=2
Request Chain 358
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=KD75inwwV0VXQ2ZMb3dIVE9yQS8vUVphRzcxNHBXNHVQNVdNcGRqbDRUTDZFVDZGUlVQWTdDOU1xSkNEdEl0YmU4ZEhESUdqOXg0Z0tBSExMV2FtYm9QQWlqL3NaamY4aExDeDVqb2hNZVRYSnRCaGlZZm5qRFI1QkdoS0Z1VitYUFl2RElRT2lhbC9lNnR2WTF0d3pZc25FUXNITWwxenpaakp0STY2RGcvN0dvR2hFK1c2Z2t4NjdCZ2l6cjFtaFpiMnZGL2twdVoyUmIyUTg5Sy9BUWs5b3lUY2Rvb3dUU2JMd3ZoRmkrb3QxVlVkU3czSGRNUWdBN1Qxd1ZMbnJTSWJya3VrczVTaHRYWGFRRjdWM21wSjdDZnFMYnFRZ3NhSGgwVEZLQUw3SDBDMD18&cppv=2
Request Chain 378
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=vA0S-V93YTd4UWVpNElTTTRkVDYweTVtTWh2SnlIbHE3NDdhYVA3djJUZ2s1dmVMYVhiTGRROXN4MTBsbmJuclFHRXZZWjNlQVUzY2hSRTh5MGlBZFcwSGg5WXJDWGclMkI2NjhMV1Vab3pFUWo0S2taa1dwNFNFQU9ibHh1TlI4SkNCcEdnREdjVGt4TzRuajFQTGFtejlJN3U1JTJGUmFpZ0c3VnpyUW4zRm1JMEplVTdrJTNE&tld=app.groove.cm&dtycbr=85129 HTTP 302
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=vA0S-V93YTd4UWVpNElTTTRkVDYweTVtTWh2SnlIbHE3NDdhYVA3djJUZ2s1dmVMYVhiTGRROXN4MTBsbmJuclFHRXZZWjNlQVUzY2hSRTh5MGlBZFcwSGg5WXJDWGclMkI2NjhMV1Vab3pFUWo0S2taa1dwNFNFQU9ibHh1TlI4SkNCcEdnREdjVGt4TzRuajFQTGFtejlJN3U1JTJGUmFpZ0c3VnpyUW4zRm1JMEplVTdrJTNE&tld=app.groove.cm&dtycbr=85129
Request Chain 379
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ghQCsF9naDQ3RFVyYzNERUZ6TlBla1dKZGliRmxnOGpsd0d6akJaSWlvVlZ3aVBnVzRTWkc4OWhWeDViTTY2WXYlMkZTbjVDc0FuSTNaRUhhNGg1bDUlMkZhNXdJMHNFQ2JXaSUyRjM0Zk5Td0haN3NYMVZTJTJGOUxaJTJGJTJGWEpxTHNvSXdhT01GTWRBSUVndWFJUDl0NzFBcXRlMWVNMXg5ejJjR0IybENIbXd1d05hRHRpS2hLJTJCTSUzRA&tld=app.groove.cm&dtycbr=9944 HTTP 302
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ghQCsF9naDQ3RFVyYzNERUZ6TlBla1dKZGliRmxnOGpsd0d6akJaSWlvVlZ3aVBnVzRTWkc4OWhWeDViTTY2WXYlMkZTbjVDc0FuSTNaRUhhNGg1bDUlMkZhNXdJMHNFQ2JXaSUyRjM0Zk5Td0haN3NYMVZTJTJGOUxaJTJGJTJGWEpxTHNvSXdhT01GTWRBSUVndWFJUDl0NzFBcXRlMWVNMXg5ejJjR0IybENIbXd1d05hRHRpS2hLJTJCTSUzRA&tld=app.groove.cm&dtycbr=9944
Request Chain 380
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=jddwVV9WcVVMVm9HaHdsMHBwVFNmRzJacThvcEpERXNldUYzeEZtV1ppSyUyRm9qSW9QZEYlMkJNVnNIcmRtJTJGN0VOVTFLTjVTRWVLRVp2MGpyTU5GeEpiSTZjSXEwU2FVREdyYWMzTnFzR2hwU3VsdUc0MDJwUkJpN3hIMUklMkJqMFZRYVVxVVFYTWdZaDBNMFRBMEQ1czN0Q3JlZERGanBsV2RFY3FsYzZKTW55RGw4NEtUSSUzRA&tld=app.groove.cm&dtycbr=45736 HTTP 302
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=jddwVV9WcVVMVm9HaHdsMHBwVFNmRzJacThvcEpERXNldUYzeEZtV1ppSyUyRm9qSW9QZEYlMkJNVnNIcmRtJTJGN0VOVTFLTjVTRWVLRVp2MGpyTU5GeEpiSTZjSXEwU2FVREdyYWMzTnFzR2hwU3VsdUc0MDJwUkJpN3hIMUklMkJqMFZRYVVxVVFYTWdZaDBNMFRBMEQ1czN0Q3JlZERGanBsV2RFY3FsYzZKTW55RGw4NEtUSSUzRA&tld=app.groove.cm&dtycbr=45736
Request Chain 381
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ffvOpl9hJTJCWDVvVzF6YXlkVmM4M0JXSllsQUsxVmVWJTJCUnNpREViRWo2dUJpcGpwZ3VOaGNNOWoxZlQwS3l6TWRkczhjeko0anlyZGREMVNMNWkzekhjN0JjYTB1TmxxejVlWCUyQnhqTW94VHFyRUhKRGJ6TXlsJTJCd0tpVmh2NGZFM0JNd3ZUcXZBWEJnZW4ycjc4ckZGVVVPQXMlMkZWWjBvdjRwcHJjVXFPeXR2ZGZwRWdvJTNE&tld=app.groove.cm&dtycbr=15067 HTTP 302
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ffvOpl9hJTJCWDVvVzF6YXlkVmM4M0JXSllsQUsxVmVWJTJCUnNpREViRWo2dUJpcGpwZ3VOaGNNOWoxZlQwS3l6TWRkczhjeko0anlyZGREMVNMNWkzekhjN0JjYTB1TmxxejVlWCUyQnhqTW94VHFyRUhKRGJ6TXlsJTJCd0tpVmh2NGZFM0JNd3ZUcXZBWEJnZW4ycjc4ckZGVVVPQXMlMkZWWjBvdjRwcHJjVXFPeXR2ZGZwRWdvJTNE&tld=app.groove.cm&dtycbr=15067
Request Chain 382
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=FmZDVV9ZdkRVejY4OFNHYyUyQkdkWm5mb1ZETldxRk8lMkYwNDFFZkdDZUZyN25vY2lERkp4N3NmVENnYU1VOFpGVWpVc3NrSVBhaDhod2Z6V1olMkZpS0FYTnNqaWx0ZkhUQWlaSyUyRms4QVFYRm9EYU1JUHdhc24zenU3TmNvck1idlV2b0kxc3RMU2M2SlRXUVFIS0RnbktMZ3d1WEU4RzJiamVDeW5PMXBHaDNUTHJzdkxUVSUzRA&tld=app.groove.cm&dtycbr=60617 HTTP 302
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=FmZDVV9ZdkRVejY4OFNHYyUyQkdkWm5mb1ZETldxRk8lMkYwNDFFZkdDZUZyN25vY2lERkp4N3NmVENnYU1VOFpGVWpVc3NrSVBhaDhod2Z6V1olMkZpS0FYTnNqaWx0ZkhUQWlaSyUyRms4QVFYRm9EYU1JUHdhc24zenU3TmNvck1idlV2b0kxc3RMU2M2SlRXUVFIS0RnbktMZ3d1WEU4RzJiamVDeW5PMXBHaDNUTHJzdkxUVSUzRA&tld=app.groove.cm&dtycbr=60617
Request Chain 383
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wjY6ml9zJTJGNldHUnYzN1k3c0FVTjNpaTBaJTJCUWJBR2ZKQjdMbk1QN2wzSUpnRzNUeXl3QWJLTVU4aTZvRkdrOXdQdkE1OUd2d0pKb3c1SGtVWVA2WEhpbXRXSmxSTVhKNjZETlFsSE8lMkI3ZmttZExWZ0I5ciUyRnJLdzJ4cFFlOXJXNDlMb1NGcSUyQnFNNWRFWXlIRUtEdlJ3N1pHN2M5dXBhbUVKOUw2Q2lwSU51Y0clMkJEMWclM0Q&tld=app.groove.cm&dtycbr=56008 HTTP 302
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wjY6ml9zJTJGNldHUnYzN1k3c0FVTjNpaTBaJTJCUWJBR2ZKQjdMbk1QN2wzSUpnRzNUeXl3QWJLTVU4aTZvRkdrOXdQdkE1OUd2d0pKb3c1SGtVWVA2WEhpbXRXSmxSTVhKNjZETlFsSE8lMkI3ZmttZExWZ0I5ciUyRnJLdzJ4cFFlOXJXNDlMb1NGcSUyQnFNNWRFWXlIRUtEdlJ3N1pHN2M5dXBhbUVKOUw2Q2lwSU51Y0clMkJEMWclM0Q&tld=app.groove.cm&dtycbr=56008
Request Chain 488
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=NbE6oXP6ueaWUIf2wzhyc_wdpFwqMk8U
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 490
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom=&tag_format=img&tag_action=sync&custom=&cb=39119344-2bd5-4ed0-a5f8-964418dc5aa6 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=39119344-2bd5-4ed0-a5f8-964418dc5aa6&final=true&reqid=cff1ecf0-56e9-11ec-8a42-672da2a98bfa&timestamp=2021-12-06T23%3A11%3A15.775Z
Request Chain 491
  • https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA HTTP 307
  • https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
Request Chain 497
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-b4tNw_DDaHmphzx3-EDPscMMJ2yshooaA3SwaQ HTTP 307
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-b4tNw_DDaHmphzx3-EDPscMMJ2yshooaA3SwaQ&cookieRequired=true
Request Chain 505
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Request Chain 506
  • https://pixel.advertising.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Request Chain 515
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=6VvJFZpoEZUiM7AuQu8JLSLzHZFKIHIx
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 517
  • https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA HTTP 307
  • https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
Request Chain 524
  • https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
Request Chain 526
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Request Chain 528
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Request Chain 538
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Request Chain 539
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=63111467f40f4fec99df663a2742efd3 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Request Chain 541
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Request Chain 543
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69 HTTP 302
  • https://cdn.stickyadstv.com/one-shot/empty.gif
Request Chain 544
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=RFShoctgniEiYTfHS3TS32xEPXL1qpfU
Request Chain 545
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 546
  • https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA HTTP 307
  • https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
Request Chain 552
  • https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
Request Chain 554
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Request Chain 556
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Request Chain 558
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Request Chain 564
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Request Chain 565
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=2e9c8545b66f4139a04b5b1e1eab31f1 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Request Chain 567
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Request Chain 569
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69 HTTP 302
  • https://cdn.stickyadstv.com/one-shot/empty.gif
Request Chain 585
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Request Chain 586
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LLiRQVCTtFWOTIKg_kRKL_2C4AFhwJ-e
Request Chain 588
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=WQs2UjqrH5x4GiWd9OQTOAp2a6SIqgGt
Request Chain 589
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 606
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Request Chain 607
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=fc507cf909d646538463df56401eefd9 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Request Chain 609
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Request Chain 611
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69 HTTP 302
  • https://cdn.stickyadstv.com/one-shot/empty.gif
Request Chain 621
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Request Chain 622
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Request Chain 623
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Request Chain 629
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=oKUOC7tgH1vVGAvr3kDjQ1AcUFKC6wRs
Request Chain 630
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 646
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=80d121be748c4e44aae6a1bc1ba2a127 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Request Chain 649
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69 HTTP 302
  • https://cdn.stickyadstv.com/one-shot/empty.gif
Request Chain 656
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Request Chain 657
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=RpH3ncTKblLOO9DsNBGW4cv7hE_e7xxm
Request Chain 658
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 678
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=f827bae69b004116af786208969438bb HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Request Chain 680
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Request Chain 682
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69 HTTP 302
  • https://cdn.stickyadstv.com/one-shot/empty.gif
Request Chain 685
  • https://pixel.advertising.com/ups/55945/sync?uid=k-m4THKfDDaHmphzx3-EDPscMMJ2yQB5NHTVF01Q&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-m4THKfDDaHmphzx3-EDPscMMJ2yQB5NHTVF01Q&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Request Chain 690
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Request Chain 697
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Request Chain 703
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=OhUaM8k4TdaZyS7E1cB4GTMrQ9L81uJr

712 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
posting4profitnow.com/
673 KB
88 KB
Document
General
Full URL
https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:7d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f45e784f99c68c16018fea1b2bdb6aca693cf80c5a89d90666f38480b4e61ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-type
text/html
last-modified
Mon, 06 Dec 2021 22:42:34 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvaX6ZaB%2FUjSYFSIAwfvXomV74IoNnpLuPHjEihJ9dcous52%2F8s1vZTC%2Flr085knVfVlVbs5%2B77yCrBCCN%2FZtpmZ9I1aP8g20rVTGu2g0jpRvqJhaHvCjnIyP8gfzCz5sxoV%2B3eNF5epxOphEmzvtyOOqPY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b993110394159e9-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/
714 KB
137 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 22:50:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:09 GMT
inpage_published.css
app.groove.cm/groovepages/css/
376 KB
54 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovepages/css/inpage_published.css
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674c54a80e8101724b4f692785cc009918c079cc7fc313cd3a4e545bb677ebe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:14:24 GMT
server
cloudflare
age
917
etag
W/"61ae1ac0-5e17e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4jH5rt1zuMvRKr8beC4QgjZc7%2BWmc9RCII3gBzE1FzQOcQcXiEG08BTiB1J6kjqE%2Fs1nX%2FdrywqoqX3AZ04VHZtPrU0Kh%2BQn3FJO2HkFM0BdJdEjjpRXpRzkRJmfaiXbA2ShVrsYc0wDm6P"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b9931122baa4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.css
app.groove.cm/groovepages/css/
0
0
Stylesheet
General
Full URL
https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

e7647a48d4.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/e7647a48d4.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7249a1f634a0ecfc772e774a158a0ab74c354609558c382b130bf37a91b346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://posting4profitnow.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6b993112390659d1-MXP
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
Fr5NRBRU4oOkSdTkBNLh
51411
tracking.groovesell.com/salespage/tracking/
43 B
598 B
Image
General
Full URL
https://tracking.groovesell.com/salespage/tracking/51411
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33-42+ubuntu20.04.1+deb.sury.org+1
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.1.33-42+ubuntu20.04.1+deb.sury.org+1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
must-revalidate, no-cache, no-store, private
cf-ray
6b993113efc95995-MXP
content-length
43
app.js
proof.groovesell.com/proofembed/js/
1 MB
184 KB
Script
General
Full URL
https://proof.groovesell.com/proofembed/js/app.js?n=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bcb49e0e5eeb7c6756111054b15c9e9b8d3917396573a73165060b6319ad13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
age
5056
etag
"126018-5d13f6bcc9b9d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6b993113da620e16-MXP
expires
Tue, 07 Dec 2021 03:11:09 GMT
css2
fonts.googleapis.com/
695 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35af9a27f80bffb6417fa2de898eb862ffb73c5294eaae895326c1e9065dc898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:09 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
via
1.1 75606caa7122049e455c8f29e5ce11c7.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uynfgdNCcAPU27fY1FfJ%2Fny5soEuAU0ylh2X46LMmxo%2FnEvDtvVzJ%2BdRaJflocXr7bekSJbQa57qbUbFlK1oOmH9Cw4BAHvb7Nn07KpcbgduU1fs5jPQCbWSEgP34S8NKya7FO7HoG5O4scK2Ynbq4yQ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b993113eebf83a8-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
QxcAdJ2-hp4SAd7g3pp-FAZHwZ8yT8P8qy_QolBzKUjS9UZ-ANhVHg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
via
1.1 d952e65bda0e6131468d44ec8b072180.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bhncmGGxngGDaNbVeiblx7T6G%2BFFe3rZ%2FwjUzXSgXk%2B0q9lg4oH9%2BhOVsGSU%2BNSSLOzall2%2FpvhGUjE7TdORrZxJNpmTvCKSs2nzEoUvTlhzNhYRUy%2BVjSWiSIHCHICfqfcN%2F8n%2FaerATCXO4R5I%2FQOHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b993113eec083a8-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
ywZI0WNCzkqfxrziS05gigDJh9lKp-QaaE1jKqKlhQrxXwd1Nxk_Dg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
via
1.1 7a06a73d3c4d9b2940678fa230525001.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lENNyTq2oKhfl9bKPnQEHSyGoqCZeYIVcBoT3tFAzfh8Wl9sCIa1vYQXVmJ6b4aQxojOEx48dfDi6WaJEaa%2BDPR9Pcq3JdYwqAGg1mPxet60MEOdVngs8otpHoxqlYdHBG2VRtuRHXlLF03Fy6%2BvNhQv6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b993113eec183a8-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
2Q9zcpfuiuVRfcf8afNqdELBK8OGkjbnYuY_UOag5-IR5lUT-wPvXw==
matomo.js
matomo.groovetech.io/
100 KB
32 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:52:02 GMT
x-content-type-options
nosniff
age
292747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 13:52:02 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3048401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JciYj3HIxa%2Bw0luc%2FhvFidh2xauoq2QzFCD3hIX%2BdPEXiFzk%2FcRexxUgnJzbUj%2FtGzghP8tScgvDTi01U%2BJtLJMsdgpgQH1wLfsNXJlXkoMUifwL0ektQ4jfoNHw3wuBCsAh7e373cJZMFAPubyG36M"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b993114a9fc0f7e-MXP
expires
Sat, 26 Nov 2022 23:11:09 GMT
css2
fonts.googleapis.com/
709 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09beb243bc525f7408a734441a247a66b49e2dfec0c93c408a481d032f28da7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:09 GMT
v4fHr1FHWcRu
v1.gdapis.com/api/groovesell/get-proof-widget/
492 B
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovesell/get-proof-widget/v4fHr1FHWcRu
Requested by
Host: proof.groovesell.com
URL: https://proof.groovesell.com/proofembed/js/app.js?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
aeb8be443d15d89fe2d2200d261cec21470952b0d7799d821f435778036eb0d6

Request headers

Accept
application/json, text/plain, */*
Referer
https://posting4profitnow.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
599
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TI0%2BB3oWb%2FStEUWcsDEFfBQQ3Zp5emTZJ4PmdDldVjFgTKHqMW1cYoVeFdL5tRMnarCtBQ%2B%2FvIDywEirCizQnVLqqpqc8Sm0YvblE4D%2BrB0iRNVlk027yXE8TGchFK7v0y9MBrQwHbh0FwFE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b9931151d8c5a37-MXP
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v20/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v20/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f13665e8ba61f667b58de7b04ac6e7bcb8f2095933fa301675fc0abc5bae66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 21:25:26 GMT
x-content-type-options
nosniff
age
524743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35928
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 20:53:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 21:25:26 GMT
countdown-lib.web.js
assets.grooveapps.com/plugins/
8 KB
4 KB
Script
General
Full URL
https://assets.grooveapps.com/plugins/countdown-lib.web.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd14a6dddb1f04c09ec74fa2cb7da24d2d34d95291ec2855da3a88ddc9e5b3a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvBF1e7RW-JIGIxF639-SmBqQge8LqbDiAJh_RKNX86nMMDyjUSENS4C8WY672Vbd3qNA98_JbmnDVmmo9v9xc
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Fri, 03 Dec 2021 15:20:20 GMT
server
cloudflare
etag
W/"598a1aa9a83fc61d9a6b003923370a96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=c0nx2w==, md5=WYoaqag/xh2aawA5IzcKlg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1638544820641874
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
8440
cf-ray
6b993114fce04339-FRA
expires
Tue, 06 Dec 2022 23:11:09 GMT
app.js
posting4profitnow.groovesell.com/embed/js/
1 MB
188 KB
Script
General
Full URL
https://posting4profitnow.groovesell.com/embed/js/app.js?n=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1f81962975fa38dcbd3ffd82822ccbc2c6737f14ff9fa7b3770fdf0cd92f91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"128986-5d13f6bcc4d7c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6b993114ebcb0e16-MXP
expires
Tue, 07 Dec 2021 03:11:09 GMT
1626860805_Line.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
902 B
1 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1626860805_Line.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80ad2515a632f3ba0837f6f54a10919e138694e485e0d93516e79dd4f93293cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=2602
x-guploader-uploadid
ADPycduovfDAznYjvMFHwBrK0JJ-_7i2XrvB6E9qMWC8nQcXLMJFdeTJYzJEAJSoUyNZuNM4SNd1HkJQ6gOUt65yf4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1626860805_Line.webp"
content-type
image/webp
content-length
902
expires
Tue, 07 Dec 2021 03:11:09 GMT
last-modified
Wed, 21 Jul 2021 09:46:46 GMT
server
cloudflare
etag
"8cee569779c11faa075f077e55a5d777"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=+axBZQ==, md5=jO5Wl3nBH6oHXwd+VaXXdw==
x-goog-generation
1626860806081001
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
2602
accept-ranges
bytes
cf-ray
6b993114fce34339-FRA
cf-bgj
imgq:85,h2pri
1638745895_Overview-min.png
assets.grooveapps.com/images/5ef02765e1ce590013d90067/
960 KB
961 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1638745895_Overview-min.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab59b1ab6cc029da3bac5141e8f11980854466ff57b2be6109cdd40a491cc277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsVmbYxN8FoyeP06H6QfPhSgBcClxMbY-JUCclU0hXzHo52cG7GF_xSNKxqZ0SKGKCflzTsm66JKyAkE6-Q9w4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
982948
last-modified
Sun, 05 Dec 2021 23:11:35 GMT
server
cloudflare
etag
"a09351b202363b0fb40ca953beb1da18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=PmdRkQ==, md5=oJNRsgI2Ow+0DKlTvrHaGA==
x-goog-generation
1638745895688809
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
982948
accept-ranges
bytes
cf-ray
6b993114fce54339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1626863712_1625600918_Paypal-card-light@2x.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
2 KB
3 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1626863712_1625600918_Paypal-card-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd4dfc8ac108d5ab8f4f7d3083621c2c1c6986a2056d5aca70a2120329eed54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
HIT
age
1307
cf-polished
origFmt=png, origSize=3169
x-guploader-uploadid
ADPycdvM0hZXwzvglaUjsM6BUIi9SpPUsQw0Iljua3TQlxgUgyE0ODPsrDloFJWrhPPs2--DGCR_wI6P0FsqBnbiDAJFjgfJKw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1626863712_1625600918_Paypal-card-light@2x.webp"
content-type
image/webp
content-length
2234
expires
Tue, 07 Dec 2021 03:11:09 GMT
last-modified
Wed, 21 Jul 2021 10:35:12 GMT
server
cloudflare
etag
"3bee56fb034db7c92128650e6913ab54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=/3JDrg==, md5=O+5W+wNNt8khKGUOaROrVA==
x-goog-generation
1626863712310105
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
3169
accept-ranges
bytes
cf-ray
6b993114fce74339-FRA
cf-bgj
imgq:85,h2pri
1626863815_1625600980_Visa-card-light@2x.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
3 KB
3 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1626863815_1625600980_Visa-card-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2f5170e220b04696e924807efec37215a932d0c6862d23aad231cf5d724a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsXA-5vqosyvZ1JxfKdegodw6HcGEkE7LNYgunDAG02OsZ4FfDH_1ODwsgpp6Kt_YSj-gnA1ZWooo990AnuMnI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
3155
last-modified
Wed, 21 Jul 2021 10:36:56 GMT
server
cloudflare
etag
"3bfc98663a2f2193967e1ebbb0c1cee6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=XyFf9w==, md5=O/yYZjovIZOWfh67sMHO5g==
x-goog-generation
1626863816054666
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
3155
accept-ranges
bytes
cf-ray
6b993114fce94339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1626863823_1625601017_MasterCard-light@2x.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
6 KB
7 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1626863823_1625601017_MasterCard-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8ff2bfb19b26a3a78fc00836753ee76bbdfdad6261861e28dc3c8cc394881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycds9TfUleKfUIOsRszSvKalcO-Q2OA5GIssgdnw3poMrSLvHB62Nu-JFKT6Fm1xrWQzUbJXV6i9DqHKrwLlVw1M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
6524
last-modified
Wed, 21 Jul 2021 10:37:04 GMT
server
cloudflare
etag
"b764f4b1a1037676a4adcea5177c2dd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=VR6uCg==, md5=t2T0saEDdnakrc6lF3wt1A==
x-goog-generation
1626863824220045
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
6524
accept-ranges
bytes
cf-ray
6b993114fceb4339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1626863827_1625601109_AmericanExpress-light@2x.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
4 KB
5 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1626863827_1625601109_AmericanExpress-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57487b63a88922427ffe1f85fae766e1b7869e41f644695b667d819df4b689c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtg2DHm8p0Go5VeYa59U0ovdPzsizrhsCBiddqYc5rEk9eNaGZW9dpYburijfUBQuf518fAKqKDkEPmNKmuYwY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
4244
last-modified
Wed, 21 Jul 2021 10:37:08 GMT
server
cloudflare
etag
"7a1d834c06adbb04352c5f61afd59ac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=USPxKA==, md5=eh2DTAatuwQ1LF9hr9WawA==
x-goog-generation
1626863828121968
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
4244
accept-ranges
bytes
cf-ray
6b993114fcef4339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1626863831_1625601287_Discover-card-light@2x.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
4 KB
4 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1626863831_1625601287_Discover-card-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb26ba8466692013b851804e166293acdc65b9282524aea0109e4b15f80da96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycduAoYAZFuTFqwhUeT6wFbk7NKr4KWwYHJqpYAq4xfkEB-4OMf7q7oO_JReHBKhAHlG2nf67pZUM5763u69kvYOFOq_UJQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
3870
last-modified
Wed, 21 Jul 2021 10:37:11 GMT
server
cloudflare
etag
"7c5e61587680658b56121d0730ac1ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=tFWM/A==, md5=fF5hWHaAZYtWEh0HMKwe4Q==
x-goog-generation
1626863831761137
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
3870
accept-ranges
bytes
cf-ray
6b9931150cf84339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
app.js
widget.groovevideo.com/widget/
308 KB
309 KB
Script
General
Full URL
https://widget.groovevideo.com/widget/app.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a2384595926a0d1306834e955dceff74b539d22f78e06a276c3c6c5d8a09cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 03:58:18 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Tue, 23 Nov 2021 13:48:27 GMT
server
AmazonS3
age
69172
etag
"c720b112e41afb0ce50f2715cd52d83b"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
315185
x-amz-cf-id
JzDR1HhNvr70cEGrtTCuWZnMQRrN1cD9MLgyQq99KJJocnF8NjoHbg==
1600418807_Group%206.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
970 B
1 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1600418807_Group%206.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c66642179d9eb50a18dc0356926b6d045f7ecfaccb66a0dc7dfbf398ee06c78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
HIT
age
2027
cf-polished
origFmt=png, origSize=2894
x-guploader-uploadid
ADPycdvzH2EIV-lIw8glY4X6cBgRrW58T2qgAFdjdTcKmGWg8qKDyL1JWuq5af6vBLuIXY2H2Wrh3-OoQvcC4t_uMkQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1600418807_Group%206.webp"
content-length
970
cf-ray
6b9931150cf94339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
last-modified
Fri, 18 Sep 2020 08:46:47 GMT
server
cloudflare
etag
"09e3e864f993313753f891baa1d701bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=Uuq89Q==, md5=CePoZPmTMTdT+JG6odcBvQ==
x-goog-generation
1600418807719885
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
2894
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
1638745822_Picture5-removebg-preview.png
assets.grooveapps.com/images/5ef02765e1ce590013d90067/
186 KB
186 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1638745822_Picture5-removebg-preview.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458692a3d91886d83b287a433c5b536bb7aadf55de38d91b53e6915cbf90543b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsexSFz8bbvQZMzWsJU32ayyc7lrVhDlIE7F9v5NKPpjV_W1slX5KCV3XfYNG55SU_tCnY3olBXgcQFYSZ7ll4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
190446
last-modified
Sun, 05 Dec 2021 23:10:22 GMT
server
cloudflare
etag
"2fea6f27beeb0e63be9b67aac152d675"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=BJnPGA==, md5=L+pvJ77rDmO+m2eqwVLWdQ==
x-goog-generation
1638745822388833
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
190446
accept-ranges
bytes
cf-ray
6b9931150cfa4339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1631375771_SG.jpeg
assets.grooveapps.com/images/5ef02765e1ce590013d90067/
24 KB
25 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1631375771_SG.jpeg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b8978faf7eed6722bd148468c7f5f6a9cedfabbd4282652d0e7629222a79c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvGd7JdNK57PY1o0nH3qmkUIxthpLtwW4DGHbFkxnyphlch7RRniiufuECM2kK3s8pg0-h1hNKHh7nKbI8zTOM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
25018
last-modified
Sat, 11 Sep 2021 15:56:11 GMT
server
cloudflare
etag
"c8f160866c0c83d8fae76951ce51c123"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=JlR1eA==, md5=yPFghmwMg9j652lRzlHBIw==
x-goog-generation
1631375771754638
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
25018
accept-ranges
bytes
cf-ray
6b9931150cfb4339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1631375806_AC.jpeg
assets.grooveapps.com/images/5ef02765e1ce590013d90067/
23 KB
24 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1631375806_AC.jpeg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc79d5f36badeb299e770c10eb24c43088005cb12971346463daea56aaed0391

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdto_2FsH4dlWyaMGLj9hrprJGVMfyxrxC5xj3EVQNesVtJCwhxwiq21w56BdOCy5RvwEcBXLCeOpsgMQ7HvFJw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
23811
last-modified
Sat, 11 Sep 2021 15:56:46 GMT
server
cloudflare
etag
"06442064d8b5601171edeb91c69b4421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=kSTbXg==, md5=BkQgZNi1YBFx7euRxptEIQ==
x-goog-generation
1631375806613984
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
23811
accept-ranges
bytes
cf-ray
6b9931150cfc4339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1631375840_JD.jpeg
assets.grooveapps.com/images/5ef02765e1ce590013d90067/
28 KB
28 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1631375840_JD.jpeg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688be2f424e60178801b24c2e81b5fd6e73a94f15355946d444e6dea987618f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsU9PJa4Cj2DdPtcR3AWoJQJanje1wd65e6wbeAJ2OFc7VCzcvjmuKgaSL_H8N1lWisNh1g1gXLC_l1rQ9m6ncYQvvHhQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
28406
last-modified
Sat, 11 Sep 2021 15:57:20 GMT
server
cloudflare
etag
"e347c700d7d6a821f3a8394a6204dbcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yzdLiQ==, md5=40fHANfWqCHzqDlKYgTbzQ==
x-goog-generation
1631375840562599
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
28406
accept-ranges
bytes
cf-ray
6b9931150cfd4339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1631375878_ToB.jpeg
assets.grooveapps.com/images/5ef02765e1ce590013d90067/
27 KB
27 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1631375878_ToB.jpeg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0985da82ccdc18d43f21767b56b9d399a2199213bf1b16a0800fb359ebf082a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdu7-h44MtxQiT_qHGCYFkWpXNsv3jaHX1NlxfLN-u0eQTg262D9hdamqtn2kjCnIE1Bz8ubi5BaHVeEYp4W6T0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
27726
last-modified
Sat, 11 Sep 2021 15:57:58 GMT
server
cloudflare
etag
"9644e51fa3250d219d5ce53ee262f44f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=bCx34A==, md5=lkTlH6MlDSGdXOU+4mL0Tw==
x-goog-generation
1631375878788225
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
27726
accept-ranges
bytes
cf-ray
6b9931150d004339-FRA
expires
Tue, 07 Dec 2021 03:11:10 GMT
slider-lib.web.js
assets.grooveapps.com/plugins/
186 KB
52 KB
Script
General
Full URL
https://assets.grooveapps.com/plugins/slider-lib.web.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bf0e8b906adbf76c8847fd208a6c25ef4f2d4ad6dd1613ca6d2a4e91f1890d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtm85JCh3tX3ETBiUKLkmuyQKd7H8BHgCPdF_TaPFDiFagOyYskm6tRr5M2p7ZpseP3NZqrG-4Z288maaCQ6Ok
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Fri, 03 Dec 2021 15:20:28 GMT
server
cloudflare
etag
W/"3d630076a3ff225b701da777d2a81b19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Hn1B6w==, md5=PWMAdqP/IltwHad30qgbGQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1638544828542613
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
190094
cf-ray
6b993114fced4339-FRA
expires
Tue, 06 Dec 2022 23:11:09 GMT
1625600918_Paypal-card-light@2x.png
assets.grooveapps.com/images/5daeb623b256c50e25993cc6/
5 KB
5 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5daeb623b256c50e25993cc6/1625600918_Paypal-card-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4489e8399daf86985372967ecc91c13f6eaa955aeaed2d50270d28225bd5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtRiKxPE3upXCx6IjGi9Llkdu863u1k_3pLK9KEvsk1hrjePaFXGPm2MmH3-g3yVfpJRUXjSf3WX5kFflym1IqSlfUGJw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
4716
last-modified
Tue, 06 Jul 2021 19:48:39 GMT
server
cloudflare
etag
"9f4405a961b71fd05ed3f016602745e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=VvoIyg==, md5=n0QFqWG3H9Be0/AWYCdF4w==
x-goog-generation
1625600919077625
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
4716
accept-ranges
bytes
cf-ray
6b9931150d014339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1625600980_Visa-card-light@2x.png
assets.grooveapps.com/images/5daeb623b256c50e25993cc6/
5 KB
5 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5daeb623b256c50e25993cc6/1625600980_Visa-card-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e89eab313aa1fbab7b18eb43b8783b24d0ceef5bcbcaf9609d8207daaad54e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtJMIzyJjthJlk5DTUnqFhjzVVApKy3cPdXHU4qdLecwCZBnmISSBv5Vc1aNr7NbqQ6mtn9TVEhGCiBPA81NB8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
4788
last-modified
Tue, 06 Jul 2021 19:49:41 GMT
server
cloudflare
etag
"45d2e8fc9f3544f47dafb0fbe2712f0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=QU3A2Q==, md5=RdLo/J81RPR9r7D74nEvDA==
x-goog-generation
1625600981095473
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
4788
accept-ranges
bytes
cf-ray
6b9931150d024339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1625601017_MasterCard-light@2x.png
assets.grooveapps.com/images/5daeb623b256c50e25993cc6/
9 KB
9 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5daeb623b256c50e25993cc6/1625601017_MasterCard-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a11c788458e98c99a1a1f38b4f6c07260f31e4e382a25a24d062c1a4e5dd3aea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsPgfW5pbSRtiSOZupRxHKpDaB3USRoRNQrKvB9Zx4FMcC9-j7QsqSxx_uqm1rPxN4cji0mKbgSxLGrs5Q2Oq0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
8916
last-modified
Tue, 06 Jul 2021 19:50:17 GMT
server
cloudflare
etag
"9dcfe21c3b6ce144fb6c54621d9ff0a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Tm01Ew==, md5=nc/iHDts4UT7bFRiHZ/wpA==
x-goog-generation
1625601017419219
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
8916
accept-ranges
bytes
cf-ray
6b9931150d034339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1625601109_AmericanExpress-light@2x.png
assets.grooveapps.com/images/5daeb623b256c50e25993cc6/
7 KB
7 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5daeb623b256c50e25993cc6/1625601109_AmericanExpress-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb88ed8b08973ffde9d9b5b89b7cdb1d7b40969ec52901acf3148e3f74e8ef2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtVk1SeHhZkMM2NlEnzL6C353mf0FtBgIE65bpu4pDCFlivoWK9R3thFukSgQsDo5AFbzOlctk8sTv_UuZKZjk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
7103
last-modified
Tue, 06 Jul 2021 19:51:49 GMT
server
cloudflare
etag
"abc29e2254019bb0b1fafc79944d198a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KpinEw==, md5=q8KeIlQBm7Cx+vx5lE0Zig==
x-goog-generation
1625601109830104
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
7103
accept-ranges
bytes
cf-ray
6b9931150d044339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
1625601287_Discover-card-light@2x.png
assets.grooveapps.com/images/5daeb623b256c50e25993cc6/
2 KB
3 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5daeb623b256c50e25993cc6/1625601287_Discover-card-light@2x.png
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76fad26c9a58db698fd234d82e9deb7cd7034aea9462c45357174594aad1ba3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cf-cache-status
HIT
age
1307
cf-polished
origFmt=png, origSize=5693
x-guploader-uploadid
ADPycdvz7YK02XPbj2iozYKrWIoMwhwyqx6R5b_PIa_CMdNEXnSKTW-5PlmJSSmiY3_uqb7WjJySlyN6M4JAk0bv1dk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1625601287_Discover-card-light@2x.webp"
content-length
2384
cf-ray
6b9931150d054339-FRA
expires
Tue, 07 Dec 2021 03:11:09 GMT
last-modified
Tue, 06 Jul 2021 19:54:48 GMT
server
cloudflare
etag
"3874cc7f80da902cd98acd570877cf57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=lwerKA==, md5=OHTMf4DakCzZis1XCHfPVw==
x-goog-generation
1625601288150728
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
5693
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
inpage_published.js
app.groove.cm/groovepages/js/
72 KB
26 KB
Script
General
Full URL
https://app.groove.cm/groovepages/js/inpage_published.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54d20ab40591e93a610d8817912222c29f38f2083b7ac6ea70b128507558315

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:14:24 GMT
server
cloudflare
age
917
etag
W/"61ae1ac0-11f34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw6rd0PZ2QlEjVCBzUw0zpChPasyK5w44gbBGgwI1iqOWAyHfV9%2BZhySM3GVmDd8WAHFOZsYnxzusEhmGTmGb9pYLX81I2VFMnJVpCVpwMhHpIlmcUOU%2BxZiAqZtg49TJp1gN%2FTsI7ABn%2BLm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b993114ff6b4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.js
app.groove.cm/groovepages/js/
0
0
Script
General
Full URL
https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

matomo.php
matomo.groovetech.io/
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=posting4profitnow.com%2FPosting4ProfitNow%20-%20Online%20Course%20Rhonda%20Sheir&idsite=4&rec=1&r=687550&h=23&m=11&s=9&url=https%3A%2F%2Fposting4profitnow.com%2F&_id=8ecb8e30db11f38c&_idts=1638832270&_idvc=1&_idn=0&_refts=0&_viewts=1638832270&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=488386&dimension2=gDLMQfRx6&gt_ms=731&pv_id=UWPfbU
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:09 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
b24c91ff4a294541a19f193028759f8a
posting4profitnow.groovesell.com/checkout-widget/ Frame 3213
3 KB
1 KB
Document
General
Full URL
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33-42+ubuntu20.04.1+deb.sury.org+1
Resource Hash
8f63a8046717a7cd1f9e5b3b8b47b2d3cb7bf1b707a505766bad48da80eee67f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33-42+ubuntu20.04.1+deb.sury.org+1
cache-control
no-cache, private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b9931160ce00e16-MXP
content-encoding
gzip
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v20/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8dfe31c1772278d6e6c6237aa0bdf1d686bf1464cc3c40ed925c6193ec62f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 21:26:02 GMT
x-content-type-options
nosniff
age
524707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14004
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 20:46:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 21:26:02 GMT
gdui_styles.d4f43a.css
posting4profitnow.groovesell.com/admin/css/ Frame 3213
0
0

app.d4f43a.css
posting4profitnow.groovesell.com/admin/css/ Frame 3213
0
0

iconfont.css
posting4profitnow.groovesell.com/admin/css/ Frame 3213
0
0

material-icons.css
posting4profitnow.groovesell.com/admin/css/material-icons/ Frame 3213
0
0

themify-icons.css
gitcdn.link/repo/lykmapipo/themify-icons/master/css/ Frame 3213
0
0

/
js.stripe.com/v3/ Frame 3213
0
0

/
js.stripe.com/terminal/v1/ Frame 3213
0
0

checkout.js
www.paypalobjects.com/api/ Frame 3213
0
0

Accept.js
js.authorize.net/v1/ Frame 3213
0
0

client.min.js
js.braintreegateway.com/web/3.68.0/js/ Frame 3213
0
0

hosted-fields.min.js
js.braintreegateway.com/web/3.68.0/js/ Frame 3213
0
0

iframeResizer.contentWindow.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.8/ Frame 3213
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.8/iframeResizer.contentWindow.min.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b79dedcd9e48e0977603301bb9dd2809400389cc0978578e6001c91dfaec993
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2435206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4395
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-348d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73GgChKqPPU6RD5SWB79qjUqI2GArAb2sThC8nV%2B7AEcARUpyi0FDn2wYOk%2Bwh0zf6F%2BPUMVnNUfcrZZRQyZE0D1vvOTBngVExSVsdzh5YUjOuNxEG8JIne1qaIUCkOzb5cxb96CETV74U6CSEtDkyoi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311808f75c02-FRA
expires
Sat, 26 Nov 2022 23:11:10 GMT
4c9b43643d.js
kit.fontawesome.com/ Frame 3213
0
0

app.503b59.js
posting4profitnow.groovesell.com/admin/js_new/ Frame 3213
0
0

b24c91ff4a294541a19f193028759f8a
posting4profitnow.groovesell.com/checkout-widget/ Frame DB7D
3 KB
1005 B
Document
General
Full URL
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/embed/js/app.js?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33-42+ubuntu20.04.1+deb.sury.org+1
Resource Hash
9941b03296572d472f2626686ab783c34eb1d7b87bc57aeab62d0d02b4a93266

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33-42+ubuntu20.04.1+deb.sury.org+1
cache-control
no-cache, private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b993118af910e16-MXP
content-encoding
gzip
b24c91ff4a294541a19f193028759f8a
v1.gdapis.com/api/groovesell/fetch-checkout-link-info/
39 B
725 B
XHR
General
Full URL
https://v1.gdapis.com/api/groovesell/fetch-checkout-link-info/b24c91ff4a294541a19f193028759f8a
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/embed/js/app.js?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
d9f9bd83e9f6cf0298b1acb1c5e464426f92ecc9e24064ba11ba3205602fdc0f

Request headers

Accept
application/json, text/plain, */*
Referer
https://posting4profitnow.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
599
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i99phvUAvhKsgx6W4ZwK0FSM4q%2FobySdBnH%2FG08R2TAbWv2r%2FU3TiMjwwDiYWQ6peOmxfEcSHTk9GnsgD0cdUGuPboivjzYkDCSl4HH9ko81VMAyX6pXRP%2BgI%2FgMOd8PFHKX52UOe9PrHoeE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b993118dd12691c-FRA
k2m2g3U0KIQ
www.youtube.com/embed/ Frame 8D69
59 KB
25 KB
Document
General
Full URL
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42ea5536b0636eb2350fe15c40a03709b787ccc703ae2be90b48d2fb76bd9856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 06 Dec 2021 23:11:10 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://posting4profitnow.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqdsr6JIPfsQsY1W7P6%2FDG8Fe6XF8g00l1Gmg2m1ZoX2%2BiMUUnfsq76MkbH%2BcUpnho%2BrAA7doUpTrvsTlYzTHQ%2F2pH8dX7apFXgBwTApuBuJNxGXNT%2FXb3yRQmIUOnfMYPOuk5q%2BZeDghcO%2Bc0OPS0Cqvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6b993119a9a94edf-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
mUORhPmpqTV1Vo2-WzgTGaOH0qrjKx02MAsYvqDy8cadFkBGym4CHA==
urn:li:ugcPost:6862063190298259456
www.linkedin.com/embed/feed/update/ Frame E890
12 KB
4 KB
Document
General
Full URL
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b909ba3f68d54f87ebf0356c665ab74ae0024e0e5ff3c3fbb9e25293f3500898
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-length
3336
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
vary
Accept-Encoding
x-li-fabric
prod-ltx1
x-fs-uuid
0005d2825f539afa114dd2129f4028e1
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
x-li-source-fabric
prod-lva1
x-li-pop
afd-prod-lva1-x
x-li-proto
http/2
x-li-uuid
AAXSgl9TmvoRTdISn0Ao4Q==
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: F5F72D0928DC4C458E0E5CB950E37228 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:10Z
date
Mon, 06 Dec 2021 23:11:10 GMT
urn:li:ugcPost:6846197346825588736
www.linkedin.com/embed/feed/update/ Frame 117A
13 KB
5 KB
Document
General
Full URL
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65ee53e3811cb0fa507afda499bd12321a6d424e723626a8372fcd71caaf2923
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-length
3464
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
vary
Accept-Encoding
x-li-fabric
prod-ltx1
x-fs-uuid
0005d2825f538d8babab5eb5b7677390
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
x-li-source-fabric
prod-lva1
x-li-pop
afd-prod-lva1-x
x-li-proto
http/2
x-li-uuid
AAXSgl9TjYurq161t2dzkA==
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: D40320EC4942481C999D7621F7CEF839 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:10Z
date
Mon, 06 Dec 2021 23:11:10 GMT
1638635736_linkedin-gf7c17b501_1280.jpg
assets.grooveapps.com/images/5ef02765e1ce590013d90067/
147 KB
148 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1638635736_linkedin-gf7c17b501_1280.jpg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8951d0251b2da3fac33b1b143bc7e037c86dffcd45b0dcb0dd04549709c5a259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsEQ9fBwACwQd-kjbZAJGsQ2XT6mixUpyilaysIxXv7iWimUYk6j_8zzhbpLVN5eL2uOfqtWO_qPvRRIfCmYCc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
150733
last-modified
Sat, 04 Dec 2021 16:35:36 GMT
server
cloudflare
etag
"fd256b93fbd0f9624d24f5cb356b8409"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=HK9bEg==, md5=/SVrk/vQ+WJNJPXLNWuECQ==
x-goog-generation
1638635736582134
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
150733
accept-ranges
bytes
cf-ray
6b993119ed5d4339-FRA
expires
Tue, 07 Dec 2021 03:11:10 GMT
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer
https://posting4profitnow.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13216
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"b8f1c6a3a94d42b082c29f0b1db8ba95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBI3KMK5lzr5XobTfz0MJI2Km6TKDLtiQjb9M%2FgmHdWeQjc2sdw5v1zQImZG9HSRSLJjNmo20Z%2FwJSsMQ2CV7otQLJmHyshJtKep4xRk4NWZaEWJ6gwa%2FY9FDOpl3YvPmvx6tdKhX7N2%2F5wgVLrT1GBLLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6b993119f9ee4edf-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
weqDZjonNSH3vj9NKzbfGMMeCo9FCFVhP0XznhfgZuyj6vIAY9gsrQ==
jGx72GODkUqq1ZyTrN49
v1.gdapis.com/api/groovevideo/generate-css/79654/
563 B
891 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/79654/jGx72GODkUqq1ZyTrN49
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
d63a1ba9cb9aeb58cba4adb0793451c4a4c830300cb946d96b69592524f77475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k1%2FP1xGj8swLqxwGvCZ1ApT1KYgkRt3PUAZBx6Cfv%2FCLXe6q5hRd1QgzdlInlgLDE7MlBR2sg6fHOCA72EpJPTV9dcUa6CoDQv7YA5oVgfU0paeU1XoYjJvUUl8XEqvjAyYCMOggeQvwnVd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
597
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99311a5cc23753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jGx72GODkUqq1ZyTrN49
app.groove.cm/groovevideo/video/79654/ Frame 2A80
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
  • https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
5 KB
2 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f90d562a7a85c5cff7b8fc6190ee9e5fea65a896f45ac9790134659560f622

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12EOMcCwcIXh%2FTQRQ6viSLGRES0lEkhQ18ZqUP8%2BUUCpcZqz3v1xEJ40Vd26aWYWKagD2n7NvXZ4bisQotdiPPLBBQcM%2FxO7bfm8zn8uweU9HovjUxSMxQd6SU2f%2BnUrX2jZr24YarTg33rJ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99311ace564dfa-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:11:10 GMT
location
https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoxi7RjsB5tt1Es%2BJHthsfUVIM6vsV4HXGeTWiIuyKhfGmPE56GsO8c%2B71mSmJ4OmZN2kOOz92Ux6cvdukOaWfPgh7l3zOVD6kNRYxoe%2FvGm5t3fr6AgeBdNKw3aOt9XNTUNq8nO%2BSRSNPqgSyQI2vQP19k%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b99311aaef83752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jZ9IfBVyFOKNxl9jU54M
v1.gdapis.com/api/groovevideo/generate-css/79651/
563 B
865 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/79651/jZ9IfBVyFOKNxl9jU54M
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
6ba28aa206fe515a3b0ab9739ee5c5191644a6ea6ff85b8bf4fc5edbf154cb3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6rsHarMDqRqyXaABiPmJxR%2FpBh72gujfHm8wXL%2F4VHM%2BUJNZFOQEZL%2By0ojPcCMPkY5ddSUxPQdIg5%2BkkgdkvKmyvdePoOr98TvoGHC69MGE1QX5WPo5xjDMMYg%2Ft8k5GMjgYo3xfTDflId"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
599
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99311a5cbe3753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jZ9IfBVyFOKNxl9jU54M
app.groove.cm/groovevideo/video/79651/ Frame 5E6E
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
  • https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
5 KB
2 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f90d562a7a85c5cff7b8fc6190ee9e5fea65a896f45ac9790134659560f622

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIi9stmHO79KOWkWG86QdwQ6cV0LcaqXdRikRJ967SPSyqYm%2BtQeRe4TpazdpI9urcvpHgWOFdThaPexMF%2FNFZDOYZFHBRz8eakHLeHjzVrhfYmGNJK%2B1RNczuT4XkkwzJre34TIvpBrfm5F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99311ace4c4dfa-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:11:10 GMT
location
https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icNjPWWf87%2B9pdu0hUwzWGVGk5uOIDh9aDgZwgxFg%2Fj4GlvIGoz2gNqUauMmyrErBnUGDEJ6VYFmGddQBxIbsgymHPqmqitjaLnxRF74et62eonyApca1TeECYcD0Owi%2BWMhNb6AcnnCLHbDoP8I%2BF2%2BqDI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b99311aaef93752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dytj8Zl0tXGVRJ1e2VfN
v1.gdapis.com/api/groovevideo/generate-css/79650/
563 B
860 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/79650/dytj8Zl0tXGVRJ1e2VfN
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
d29172f2fb05b6bf32998d8021bb10e09f6d7561c7580c64aeff95624d36ec10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfFpJ92SFggemm9zkYNu6ME1Km3kdp6rBGOoYoMQM8rhA5G%2B2F9zFaXoyjrm9aElOBbomHNHEH%2BSV4Sr2l8Vh23xFbHc%2FywIp%2FHUmI%2Fn78ba26d0hEZWOBCexQ5n24KPSSkBi7dysey5tg2X"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
597
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99311a5cc43753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dytj8Zl0tXGVRJ1e2VfN
app.groove.cm/groovevideo/video/79650/ Frame 3123
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
  • https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
5 KB
2 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f90d562a7a85c5cff7b8fc6190ee9e5fea65a896f45ac9790134659560f622

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cHGCTJDtbU3QHApWQk9G%2FCq4K%2Fs9M%2BgJocQ%2FlFuCHprRVPNbBv5YOCqbIGOyST%2FRchesVrlOcvHkZLCbp%2BrUbYRDuZsX6d0ZAHzKnpzfaE04Ch3%2BC8nFOPVmoNRAy3HHmorTAaXktttM1k4"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99311ace504dfa-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:11:10 GMT
location
https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwxPwETtvHUr4xQ4lZRMOlgMTe2WhQ%2BzktjLj1XDlbEk1MXuvoS13sgV0ZkZKx5LWGCsNCY94q29yNaq2ziqbN%2Bm0u%2BicRCl5H6JU2I8Qq2taHBkEJSlSHqYsBtl%2BWldFdcBt3Q8oEjppAYokjaXtdd5tdE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b99311aaefb3752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Tot2pgPvI8YiKGUNLHCb
v1.gdapis.com/api/groovevideo/generate-css/79652/
563 B
861 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/79652/Tot2pgPvI8YiKGUNLHCb
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
e8e9fa3e6c415f7fbf3cf8de366eebd0357a2a8345ae13db9c4cfe02f86ce303

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICiKU1vnCI6kPg7HzgZ%2B9dvHOLpIwFj3r%2BqEAIpsqpzjJ%2B5AaZI1vemqYWDjxOiz8a4Us38Memy0ibkNj%2FzZRTCEAiGJEYg357BJWrPwPSNPwlwPPTO9seGPMscacOrB0wqlG%2Bh3htmpfJSA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
597
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99311a6ce53753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Tot2pgPvI8YiKGUNLHCb
app.groove.cm/groovevideo/video/79652/ Frame 19F2
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
  • https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
5 KB
2 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f90d562a7a85c5cff7b8fc6190ee9e5fea65a896f45ac9790134659560f622

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MERLuUk2TWvicshbJ1IeyXkmI8jDZzPyZUbw0863%2BuaEkavqF8qnBFLO%2BT4w4eXD1MBHOQuBohr3%2BWD5ui3Zk2I4cXGSecRthWKWhKbVbvXpURZ2GzY%2F91tED%2F8zbpCRCsNZJGmjkXDBnFB"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99311ace524dfa-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:11:10 GMT
location
https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU%2Fbp%2FJn44XZZ%2FBVUNS4dqPQYO%2FWkKf8hPjtHei4zyMh8fDw2VjlhasIjIS7nz5uCQoSNtH8tpmKVzoNmJ18p9GkEpwMOKItxm%2FQSJRrMG0PbwbRsJwrwqZh8jxROFdPc%2BJs2eS%2BbcedYFTyAOYpdp00Ez0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b99311aaefc3752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1pRJ3JmNn0gEPIi1nIoY
v1.gdapis.com/api/groovevideo/generate-css/79645/
563 B
859 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/79645/1pRJ3JmNn0gEPIi1nIoY
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
94bc5af79ea99205d32fc0d2a73684cbd9ff4715249bd2e3f0137f798c7828f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T697Cwj8%2B8ZXafDCjwQdetAg2qmnQHdeMlR7og6F84vAnqMGmH3R0ykCHg8X2m6dDuFq%2FoRUOiXSo%2Bb764BD08KRmcV0t9iJZHsZgjxwB1f%2BO%2FCGasJAMj3T8TnInTCvWfh9F1BV110VdRrv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
598
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99311a6ceb3753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1pRJ3JmNn0gEPIi1nIoY
app.groove.cm/groovevideo/video/79645/ Frame DE4C
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
  • https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
5 KB
2 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f90d562a7a85c5cff7b8fc6190ee9e5fea65a896f45ac9790134659560f622

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9QBehAB6n9DrTcPcc3BeduQA9u4FvSn92i%2FcYoCiUuMSi9QHjwc9I3IHgyn89WHA8n%2BAnj2Kz%2B5vK%2BUa1ZAUTDjdb%2FZ7wU2T1EfWDgCs0WzZt92WKvs%2B2sI%2FUB3ej7LteVAqYjJWBZQulI4"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99311ace574dfa-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:11:10 GMT
location
https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvzhc1utJ6G7YnPi%2FrWbL4yJ5JgDaJdRsf%2F7bL4RQRvizsM2k65TZSEs3Qzcy%2Fy%2BF4uomRr6Yr7aozbxzru0JKK7ynYEDj4eG71BFw44UHvx%2BwrF09l6U8IG6yc9uYs7CEN9pBYcL49wTICHGoBC1EILLKo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b99311aaefd3752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
6RU0RcHbRRAQUOkM9eE8
v1.gdapis.com/api/groovevideo/generate-css/79647/
563 B
864 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/79647/6RU0RcHbRRAQUOkM9eE8
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
aab703f193cae7b4772ab108fb1d86a32358555c097b7701b4b48a9c70049c0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vJLcCD4zbR66aI7j2%2FXEu%2BZ%2FI1KJ%2BoELlC5H2RRAX2JwM2eU6SE2hkIlwYxy44PMS6yO1QllsOslwXb%2F1W3mBQH0p807Yv5nyjqbRohY8jtCxRxFln%2FQCtxDBiFUw3SWsKluY2IwYiXKZvf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
598
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99311b2e953753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
6RU0RcHbRRAQUOkM9eE8
app.groove.cm/groovevideo/video/79647/ Frame A047
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
  • https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
5 KB
2 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f90d562a7a85c5cff7b8fc6190ee9e5fea65a896f45ac9790134659560f622

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm8xWI9C4MTfpTOklDIUw%2F8nHg5L%2BDQO8oz5vHu6LsAy5Ur3%2BltH9BWz4V1t8LQKv2CeWz5B%2Bl9pn1sn842ZjsF4AUW0%2BGw1cYGS7O8j%2FZFLc2iNapZe%2BQshM89waen7uW6wkK4OmNu0lOgZ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99311b7f564dfa-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 06 Dec 2021 23:11:10 GMT
location
https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIgk6mikaQt%2BkNFKoskyutGtXctbp8jOKQLxiB1McsyWbORtqqEIK3EFVfmVw%2FVd%2B6MekK3qH5w6au%2F84%2B5tpRiZj6wXoD7brdCHynBo5W9hZwERbQlSqRNh579mAR3MqtPTKRWFaZSIMCFtjV4RzjBo2wU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b99311b4e87374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
www-player-webp.css
www.youtube.com/s/player/8040e515/ Frame 8D69
336 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/8040e515/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 01:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
164392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47245
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 05 Dec 2022 01:31:18 GMT
www-embed-player.js
www.youtube.com/s/player/8040e515/www-embed-player.vflset/ Frame 8D69
217 KB
71 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 11:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
42395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72751
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 11:24:35 GMT
base.js
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 8D69
2 MB
524 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 01:31:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
164396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
535989
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 05 Dec 2022 01:31:14 GMT
fetch-polyfill.js
www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/ Frame 8D69
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 21:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 21:40:36 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 21:14:29 GMT
x-content-type-options
nosniff
age
7001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 06 Dec 2022 21:14:29 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 21:26:28 GMT
x-content-type-options
nosniff
age
6282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 06 Dec 2022 21:26:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D69
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
540269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 17:06:41 GMT
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
75 KB
76 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
https://posting4profitnow.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FfHVpgVzvUwiIk8A7ntq4A%2FuYkVi3RkoGgG8bCTTRrkzUfMNxqK%2B7NFDSjEpdQZStBu3K9c8Cwd53w2W8PaKfHyKaZW9j1%2FUsL0%2FvhrqRfafhaXEcMzQw8AKAYeyvt7p78tpXWU2wE7J6KUvFL5mijy6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6b99311cfda24edf-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
-MePkm_h42ovdcgoGh-xl9Z4GvvNvY_uzzsnE9pGtdbpOnUXHtv6sA==
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 17:55:21 GMT
x-content-type-options
nosniff
age
18949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 06 Dec 2022 17:55:21 GMT
iframe_api
www.youtube.com/
980 B
513 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 06 Dec 2021 23:11:10 GMT
gdui_styles.d4f43a.css
posting4profitnow.groovesell.com/admin/css/ Frame DB7D
0
57 B
Stylesheet
General
Full URL
https://posting4profitnow.groovesell.com/admin/css/gdui_styles.d4f43a.css
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"0-5d13f6bcd283d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b99311d5dcd0e16-MXP
content-length
0
expires
Tue, 07 Dec 2021 03:11:11 GMT
app.d4f43a.css
posting4profitnow.groovesell.com/admin/css/ Frame DB7D
829 B
420 B
Stylesheet
General
Full URL
https://posting4profitnow.groovesell.com/admin/css/app.d4f43a.css
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452e236eb929e43213926695c66e53e6d37b0453a4938754a3b6b2c9475414b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"33d-5d13f6bcd08fd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b99311d5dd90e16-MXP
content-length
337
expires
Tue, 07 Dec 2021 03:11:11 GMT
iconfont.css
posting4profitnow.groovesell.com/admin/css/ Frame DB7D
13 KB
3 KB
Stylesheet
General
Full URL
https://posting4profitnow.groovesell.com/admin/css/iconfont.css
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39246f8765241fdc8a3609f458a6d5778a8f80e84f4ba3d5ab6fb918d0686637

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"33ac-5d13f6bcd189d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b99311d5ddc0e16-MXP
content-length
2454
expires
Tue, 07 Dec 2021 03:11:11 GMT
material-icons.css
posting4profitnow.groovesell.com/admin/css/material-icons/ Frame DB7D
922 B
504 B
Stylesheet
General
Full URL
https://posting4profitnow.groovesell.com/admin/css/material-icons/material-icons.css
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdd4eb73a277bcbf241221bed8c3b7b444eb2024f3f6f16a8673169edc3e00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"39a-5d13f6bcd189d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b99311d5ddf0e16-MXP
content-length
422
expires
Tue, 07 Dec 2021 03:11:11 GMT
themify-icons.css
gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/ Frame DB7D
Redirect Chain
  • https://gitcdn.link/repo/lykmapipo/themify-icons/master/css/themify-icons.css
  • https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css
16 KB
3 KB
Stylesheet
General
Full URL
https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H3
Server
2606:4700:3038::6815:ea37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ec82a71992aa64b77ec2a84f76fec382a34505cda562bb2497a7dda603d3d024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4426
x-powered-by
Express
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Dec 2021 21:57:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B4f0KhFSKEm8NZ1rpJJahB4f6%2FBjuNM1pO8lxmdQB30ygcA%2FT2B%2FJ%2BA%2BZm7WpDkkbSQG2tepgLEyDNmaRm9udodezoBsBsl7l2cq9QaBwBNo8A8tVq%2FHmCimsk34yM2MwUpb2z9AfSmtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6b99311f7c7ad6f9-FRA
expires
Wed, 05 Jan 2022 21:57:25 GMT

Redirect headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
cf-cache-status
STALE
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103165
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
144
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNZ4eGJ7TTHv8K%2FluaVqq8hP6OuGjk4x1cOgSb8LQO%2Fzgc%2F2S%2BdJGQIyRUsaQA1e6EnlCuK1X6c3pLt638o%2BwSOY1G4CdHHK9WULvpr7kZroAiL49z6ZJGbLnVlGwjaOzqNLmqCujCtfcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css
cache-control
max-age=7200
cf-ray
6b99311d5a8d0f5a-MXP
/
js.stripe.com/v3/ Frame DB7D
268 KB
64 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
219d55b0a442e35619d798a9cb86c13c8d266a52b7d57da0454b9fcaff4ba0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
89
x-cache
HIT
content-length
65795
etag
"90914ce6d55cc2e7701a38757435fe8c"
x-request-id
5180c80b-cd69-4a0d-adf6-234530e511e5
x-served-by
cache-hhn4069-HHN
access-control-allow-origin
*
last-modified
Mon, 06 Dec 2021 21:25:34 GMT
server
Fastly
date
Mon, 06 Dec 2021 23:11:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
37
/
js.stripe.com/terminal/v1/ Frame DB7D
229 KB
48 KB
Script
General
Full URL
https://js.stripe.com/terminal/v1/
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a62e2f770838fc7f8d4708a5e27fc496c9928f0767ea4c6c17958e335de24be4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
100
x-cache
HIT
content-length
48907
etag
"cf66980ae4d991b3e80918b51c97a5d0"
x-request-id
20ff7838-b89b-437c-9270-95900d6b54ef
x-served-by
cache-hhn4069-HHN
access-control-allow-origin
*
last-modified
Tue, 19 Oct 2021 17:44:26 GMT
server
Fastly
date
Mon, 06 Dec 2021 23:11:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
checkout.js
www.paypalobjects.com/api/ Frame DB7D
1 MB
235 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
911cedca4de02342bd10e87598103fccdb14b5965a91a4b21a1310082e8f9076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
d3b0517d371ca
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
239797
last-modified
Thu, 12 Aug 2021 19:29:50 GMT
etag
W/"611576ae-16d559"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-headers
x-csrf-token
expires
Tue, 07 Dec 2021 23:11:10 GMT
Accept.js
js.authorize.net/v1/ Frame DB7D
4 KB
2 KB
Script
General
Full URL
https://js.authorize.net/v1/Accept.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Sep 2019 01:10:11 GMT
server
cloudflare
age
3629
etag
W/"bf6213fecf69d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
6b99311d5a2c71e0-LHR
expires
Sat, 11 Dec 2021 23:11:10 GMT
client.min.js
js.braintreegateway.com/web/3.68.0/js/ Frame DB7D
41 KB
13 KB
Script
General
Full URL
https://js.braintreegateway.com/web/3.68.0/js/client.min.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-30.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
938e3e20c94051c714c276b047eab4adbe5b771c62bb45b95f1d8d3a75331021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 20:35:28 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:02:59 GMT
server
nginx
age
9342
etag
W/"61a65943-a502"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
QgF35n4358l_5ab0BTW9W_8rGyelYk5nV0Q9Wqkfo_s8z4HQb_Arqg==
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
expires
Tue, 07 Dec 2021 20:35:28 GMT
hosted-fields.min.js
js.braintreegateway.com/web/3.68.0/js/ Frame DB7D
62 KB
18 KB
Script
General
Full URL
https://js.braintreegateway.com/web/3.68.0/js/hosted-fields.min.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-30.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
000e93badb3626183cb9302710ef294e8e2c904e5775caeb435587baf0994c95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:42:30 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:03:00 GMT
server
nginx
age
2943
etag
W/"61a65944-f938"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
tX7cRqLktF2hCehQObk_lt9hOE-Ob1LBqgS_jIvXRm-V5raV9ovNGg==
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
expires
Tue, 07 Dec 2021 22:22:07 GMT
iframeResizer.contentWindow.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.8/ Frame DB7D
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.8/iframeResizer.contentWindow.min.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b79dedcd9e48e0977603301bb9dd2809400389cc0978578e6001c91dfaec993
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2435206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4395
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-348d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdLb%2BbPm9eYXvM7EvFpNFfZ0iO23cxEb5ERVAlxahNSKUty92slgVlB9%2BEtL6SCXgyBbOvWPlr6MqjtrGPdTjxXm24JCMBV8PPFHsUU5nfV5VdCgqj1RPQEU1d%2FClQLOWvqLBNpSF8HmzDEv6Ud4lyCD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311d5b985c02-FRA
expires
Sat, 26 Nov 2022 23:11:10 GMT
4c9b43643d.js
kit.fontawesome.com/ Frame DB7D
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/4c9b43643d.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abedc9bbc41385de00656cb65f1455b28c538a1f96425619f2f4e03b1e990e7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:10 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
HIT
age
0
strict-transport-security
max-age=31536000; preload
x-request-id
FrpYLT-JJ3XHvUkB_y1i
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
6b99311d5edf59cb-MXP
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
app.503b59.js
posting4profitnow.groovesell.com/admin/js_new/ Frame DB7D
4 MB
1 MB
Script
General
Full URL
https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a813d054cb6a81a06d99b09522ce055245f9fe1e22967e2a7eeecccefc0bc665

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"3eeeec-5d13f6bcd08fd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6b99311d5de20e16-MXP
expires
Tue, 07 Dec 2021 03:11:11 GMT
dijwsa7oqzy8jbn2zwplyoy39
static-exp1.licdn.com/sc/h/ Frame 117A
154 KB
19 KB
Stylesheet
General
Full URL
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
e5399697f8d75c5763a9ec0f8e739c08ec1c6898c9bbf53a3f212bc935e0b500

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
19131
X-LI-UUID
XlT8nL0csBZA8o1+NCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
5e54fc9cbd1cb01640f28d7e342b0000
Expires
Fri, 21 Oct 2022 17:44:25 GMT
1do6zzumecnl1wz319skt1m9k
static-exp1.licdn.com/sc/h/ Frame 117A
117 KB
36 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
3c14d03c22a3efff598e04e7c02c14e6517e98d32156fd9601683997e7ff81cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
36340
X-LI-UUID
wXkuzxMerBbgbnNUXysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
c1792ecf131eac16e06e73545f2b0000
Expires
Sat, 08 Oct 2022 17:23:55 GMT
4e4kai3ejqb6obx8g6x1pjh0p
static-exp1.licdn.com/sc/h/ Frame 117A
83 KB
26 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/4e4kai3ejqb6obx8g6x1pjh0p
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
2c7520a69a964496388ef6a3e458f81520ec71be0a0ad2921f44e5ab27dd8774

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
25902
X-LI-UUID
PZGPn70csBbwJYzbfCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ltx1
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
3d918f9fbd1cb016f0258cdb7c2b0000
Expires
Fri, 21 Oct 2022 17:44:25 GMT
dijwsa7oqzy8jbn2zwplyoy39
static-exp1.licdn.com/sc/h/ Frame E890
154 KB
19 KB
Stylesheet
General
Full URL
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
e5399697f8d75c5763a9ec0f8e739c08ec1c6898c9bbf53a3f212bc935e0b500

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
19131
X-LI-UUID
XlT8nL0csBZA8o1+NCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
5e54fc9cbd1cb01640f28d7e342b0000
Expires
Fri, 21 Oct 2022 17:44:25 GMT
1do6zzumecnl1wz319skt1m9k
static-exp1.licdn.com/sc/h/ Frame E890
117 KB
36 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
3c14d03c22a3efff598e04e7c02c14e6517e98d32156fd9601683997e7ff81cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
36340
X-LI-UUID
wXkuzxMerBbgbnNUXysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
c1792ecf131eac16e06e73545f2b0000
Expires
Sat, 08 Oct 2022 17:23:55 GMT
4e4kai3ejqb6obx8g6x1pjh0p
static-exp1.licdn.com/sc/h/ Frame E890
83 KB
26 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/4e4kai3ejqb6obx8g6x1pjh0p
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
2c7520a69a964496388ef6a3e458f81520ec71be0a0ad2921f44e5ab27dd8774

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
25902
X-LI-UUID
PZGPn70csBbwJYzbfCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ltx1
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
3d918f9fbd1cb016f0258cdb7c2b0000
Expires
Fri, 21 Oct 2022 17:44:25 GMT
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 3123
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ni0qzV2kzV%2BXFLXI7uJzN6Jku0j3j8clJWoTN37b5Mp6pZ3WKmV4StqTGExW6NpSVtRGLdiYwtQbD4mAD5QX7dN%2B0aUiZMw9RnQLLoYqNHitzFbLchIQNV0QwtpBglnU0TsqQoBEew1zTm2kMuDbKFv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311e1ce45c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 3123
470 KB
106 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1228987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muWN7pBgYZNGwCkmAcYlepTrahJwz8vtJgNzgKKy5qjQtYe5PseqpBzKP48RS790V6vBjSN5KqWB%2BiGp33e5AAnl1L0dWqSpH7pKsTMMoB9QZp78heFHtE9T%2Bp30KcTyNYDd%2FV8BoKo0%2FlW9xqX7rRIX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311e1ce55c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 3123
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5259735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71dfuZFhGpMbbbTZKckzJBZIHedDkzu0GJKaw73fFLD8GJx8PK1cehd5vUbq5Y%2BaWyIZpkCtW6QGpN6MQ2Wc4rsnccbzhDBxZaBGHXQE1Uk%2BPYyffa3NOaJYn8xmoxDDbByIMc8G9VsYzcbFEJGtNxQ9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311e1ce75c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
css2
fonts.googleapis.com/ Frame 3123
12 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:11 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 3123
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Q6V%2F4Fz2HjEC3e7QdSf3YYI%2B40%2FPwkKVhpTBWb%2Bgb7wOzZJG%2FYXCAOKaflu7iULJ9ZGwxe7bavPplI1NrX2gcbcalkMXK80hUp2E65EPigY2%2B3IsrhhePAD1Z6XdzkynYrDHzbDfbMFyegnQVDWzB6K"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311e1ce95c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
app.83fff398.css
app.groove.cm/groovevideo/css/ Frame 3123
43 KB
8 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.83fff398.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7470e23afe8b590dbe5a5350a2ebd6593b4d652f5b49399b94eae371bd9d8264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-acdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxuYcwZ5l5oe7WCXdCZCVzJzBj1qsjBhvRgDSSlss4lwjXwQySeBU8WOTJa%2BQKCPxzawgdZm5kSZ1KQrZzDOyMvfbwUGBLuvgEhrir7t0dDHB1TJESlOC3avAiRhBur1wdVqChBej9%2B2ePuo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311e1aaa4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.ebe8269c.css
app.groove.cm/groovevideo/css/ Frame 3123
2 MB
210 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3d7cca43f18907ca60fbe5e15a2c8ef50942f78e8cff7db3c4ff296137d89a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-1e274a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxrx9J%2FpndxRRvpGub8%2BzQZ09niL31eLg1shyoDfCPMvA0V61mc%2Fex%2FN0R8PMZVZMtDumXDy8LvFt5wB%2BhwNtemF2c%2Btq2BQJFh7kVV84jP%2FvaERL%2FT0pO3%2BpRvL5c%2B3p58NjR07apZtDntC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311e1aab4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.1b25fad9.js
app.groove.cm/groovevideo/js/ Frame 3123
1 MB
262 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.1b25fad9.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8420247bcd42facb01542f3b4560859531da5de681cb5c7a3cb665a572cfefd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-159cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOFvNFpuRmjrU1S0HJSXwv5BVKx%2B47VFuVL3Rz1NiiMeb8RBHJKbDSaRM%2Br142S3ePPcvaPK00R9Z6czQr6ltld5IMTv%2FuDOvjDbfp7RRASziKunj4zYJqQbPiGBHIkoNyKdKXd7rJ1aOhD6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311e1aac4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.f108d678.js
app.groove.cm/groovevideo/js/ Frame 3123
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c203d1249b1decc01d2cbc954e54adb658fc9a44ef0681502210d50d91832707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-6c2338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dztSDPASWZZWmDVO7ETmrLDTAaxBRon6pe75%2B8Sf%2BeV0jrVUeQworzEcdOG7XJj2WsipJ3EMFFpVM1qf3ogx%2FMNbgcrNrml4GoZ9uMAP9Ebb57i%2FyF8xA1ESv%2FyFoeHFY83PhoudgocM%2FfLm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311e1aad4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame 3123
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
09/06/2021 12:25:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 06 Sep 2021 09:41:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
0c24dfce5702ad463f02b434d39f5705
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame DE4C
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qlw5GhiVW6D2qYfxUoLSa2tux4yxe5lNWF2n6HsIqP%2FfgJjS79JKyF1zBtTxJGnTzrYgOrGgpo%2FhdMo795qHeT1INb5buFGDBKb6ZwEMZe%2Bug8AIW3tb07KHtIdNRfqUNE2G8WWfjEmGudZx7Pt5r69J"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeac5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame DE4C
470 KB
106 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1228987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGc4fRY93%2FzdXMIXIftDWSuyd4DMLaxjYtF4kgGV3ihY8JUviwCvtD9ZAoJk6iIahCpZ1yPdUpxX2N%2FlNT2Rou%2FwdGrCK2Gz5kUV9i8FXVuNshnOEWKwwyo2tBqmrbv2uAeZv9tSrurVt9AkRgKMUyye"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeae5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame DE4C
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5259735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljh5%2FvkSs%2BIW2eWwo3osNZJyCMdT8BywaxwT3sm3saGIVGjoU6yy6iZjhR%2BQxGm%2B34ElIfWnMOHaZZahHczTQlVwCSVxOtC2HhWDlVUSFTDQvIsWGv9AvFydcDlZAM3pWAPQqXTeIQDAcAVU9rZIFESp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeaf5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
css2
fonts.googleapis.com/ Frame DE4C
12 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:11 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame DE4C
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MrtaQC6ERD6v0xqSvnDJlvlFFlqJHRIMGiQKISu2sZVBoJmlwh%2BIqep5ueRpJwJdO88E4aSJetLdi6LhVWPGSOSe8z0gzuxNiqM4DnqLLyV1COST1wMto6yRYm4veezIx67pa0cV%2BRuy9IVhWkXhOcp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeb05c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
app.83fff398.css
app.groove.cm/groovevideo/css/ Frame DE4C
43 KB
8 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.83fff398.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7470e23afe8b590dbe5a5350a2ebd6593b4d652f5b49399b94eae371bd9d8264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-acdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uvqxXhNl8es8YTYnUh0G632Zpqw9pXEOACLp33QM700aqAW387hIfd3y9H6rn38i53VNtyA%2BcUMAeakwByhrsoFkG6QihPAmw%2BSNxwdZ7IUyymvCbcIDsWP9zkruA05FSFlb42XElp7d4UA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311efbe44dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.ebe8269c.css
app.groove.cm/groovevideo/css/ Frame DE4C
2 MB
210 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3d7cca43f18907ca60fbe5e15a2c8ef50942f78e8cff7db3c4ff296137d89a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-1e274a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEmeP8oQuJZCxstJMlUSq22dve7sgw6QJdxO83V7UbDzekpdTgQqrAVkRc7SvJdLCB3q7TqCdA5etbB6Eo4MOnm5I6D1EF4l57jLtrEJKAOhCxlYlVj5EryYj5EvjfJlnkWmm%2BHHIXyTehts"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311efbe64dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.1b25fad9.js
app.groove.cm/groovevideo/js/ Frame DE4C
1 MB
262 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.1b25fad9.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8420247bcd42facb01542f3b4560859531da5de681cb5c7a3cb665a572cfefd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-159cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZJDr10NWqFL%2FzLahokEZAz6H8mpExHwG3EddIFpDGCVu27N8m%2Foc09I9CnqJ9u6gma4s6PqVO%2B5eC8%2FqoVROqPukcM49WYjZWd6mXvGhXtD245rv%2FQ7qg%2BWUfy8SqQHzXj3pGjnZxwM2gFr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311efbe94dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.f108d678.js
app.groove.cm/groovevideo/js/ Frame DE4C
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c203d1249b1decc01d2cbc954e54adb658fc9a44ef0681502210d50d91832707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-6c2338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYy4VRQUVw8p9pi8hNE1xYdGS7uV92V6q37CNuwlhYwInRqvh6SUahKd1c%2BMaORBPRe07TSy%2F2UrmasNK0a1EXbcIPSxv3NgkjhD8MXLyu%2Bi%2BSNmdx%2F7AVshIzE17%2FP09V6VRwMdyzmSNk0n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311efbea4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame DE4C
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
09/06/2021 12:25:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 06 Sep 2021 09:41:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
8d46e71a9f529caedd2668166c4b1bb9
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 5E6E
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcluRR9yN3B8OfkMXQ8Ek1BDUOVUKv8fOv%2BBrnh8gvdyQnj7vzREdiUl3CrJPmfcnGX6eggXWP0tor9Xb417T%2Bgd95P9GZpW4L7GuI8wBlZbFKjGI6kaWc3e3x4H%2F5uy1ltUGLp5hEq3Al5GPv8cS06E"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeb45c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 5E6E
470 KB
106 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1228987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtlAr4o4G4Hw%2FD8U4ZNjURHLnjJWRRxN1HLt%2Bq3qVv%2FTyaoTkX4ah%2Fp9CL52zEMCwgXUmBk5UFM%2FSIDCgPhHKQANLGI9Wz6IPd69JPSAQcq%2FXdr1P3iTD0AKcwq1tSZE5mstnNkORif1NsPFutHD7ErP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeb75c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 5E6E
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5259735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqbl%2FgL0%2BUe1Ua57w95Ovxnh2vZFu5y4sNVu7xqTfpdH7Z3ua4bBHwm5bovTds9ExduoEwFVdLxq%2FV85M5fMc7VlkPCSkWYLG2ZQjUybZ0BtEAxRaAsuM3NgFxf4af%2BuiiXnOiH%2FIrlcQgYgkmP8tfgQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeb95c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
css2
fonts.googleapis.com/ Frame 5E6E
12 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 22:50:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:11 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 5E6E
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do9EM6RXkwZtFibO9IuxBdrZW6N7395nlOd5LD%2Fp0tUDJPrmyneMNLGMKBD1xAhNnx8WJRwE6U5c5%2FmP67vkAfSh0IIFf954Svs3GXXXpg0yJA65HPMtxs5XSYqZN%2FjUkA7UHMBXxkdb0xkTkdlcJ5NY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efeba5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
app.83fff398.css
app.groove.cm/groovevideo/css/ Frame 5E6E
43 KB
8 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.83fff398.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7470e23afe8b590dbe5a5350a2ebd6593b4d652f5b49399b94eae371bd9d8264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-acdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1HriNEUa6A2WJa%2FoPJ08aoAGsj9M54x7oMIhcnL4clSRpeCNECp5R3KNS%2F9O%2BvQ490H8CY3BKlp7iq6LBydLu9OEv%2BQpuZJWiF5bdKN02kdGnqjIUh5pjBIUpQm3wmLZDHTgb25WB5SlFcb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311efbef4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.ebe8269c.css
app.groove.cm/groovevideo/css/ Frame 5E6E
2 MB
210 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3d7cca43f18907ca60fbe5e15a2c8ef50942f78e8cff7db3c4ff296137d89a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-1e274a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTALgWU8x8bu3BFr35Nc%2FUdGZednDdUglKXjT9dn5MkrUTbWPQGex3xazbBYK6r%2Fb7YRfTzn4Xpg1lgO48t5SRfaVazIeCgmyZ70AvXnz%2FAbyOxMts6iCmw70w3hXQokPi%2BcOI%2B5YWs0YXf%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311efbf14dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.1b25fad9.js
app.groove.cm/groovevideo/js/ Frame 5E6E
1 MB
262 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.1b25fad9.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8420247bcd42facb01542f3b4560859531da5de681cb5c7a3cb665a572cfefd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-159cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxeZtnfm5AAjrkx9g2DzxQI9aSpfBR08vRzFXKSDhBb%2B%2FHA0YCUwxh4at1qz8qPGGHKczg7Bj%2FpwnX54BCh21vo8h%2F6GGr544D6sIyL4WzNkFvirp3Bwm%2FR3%2FrFKf51Dj72ER2XkVBkGB0RV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0bf24dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.f108d678.js
app.groove.cm/groovevideo/js/ Frame 5E6E
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c203d1249b1decc01d2cbc954e54adb658fc9a44ef0681502210d50d91832707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-6c2338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPQhUdw1eaSSnCwar9Erju7SDDB8tnXcfLi5AsIoRbshqb5j2mqw3%2FS3ntE2aidPuUftNxZCo9W3yZ57%2F%2FahtmMW%2FH7JkBrn2fN1GciPKAU%2B3VyRrxlZSrWOk4UY7X6ilppXrLSRd%2BZzlfGa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0bf74dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame 5E6E
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
09/06/2021 12:25:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 06 Sep 2021 09:41:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
751dd05204ea77b3b40dde778582b4c6
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 2A80
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8h9QGKRnMmiRq5XuvSw9MdVVpBCsFq9aHES0ipQB2SOgHaoNm7sgXUHrQ%2B1RgFEgM9hVjjeeD1n3zcLyRwM9XvO9m%2F3cxbI11%2FO0RT0%2BrWoDNnWW79CgtBzYJsVfAsjSEg0U3pZtFpG6mvwpi1GbyxLp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311efec25c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 2A80
470 KB
106 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1228987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTnky2KRLGL4yhHGXtNYBiraPDLlTsygSVGOEKufPLH6Ia2FLqA8VbXW0q79JKWj29Cgo8TWpYkaVn324QVv6Ot0DcrpvnNji6LBQWF6MeOIBYZQ8CA26%2B93HfzZBCSFhnfjat9OPLf%2BZowQFbdfiVHK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0ecb5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 2A80
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5259735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h15Oh%2BajhHOHaAsBn%2BJz59DpVGpqgp4BCUKD8FZSQW5e8ohLhexlEx%2BNv9aGBlT%2BiNlxSXufCX6650cHHfmzFfGreDtgekArb4nrtzyJ6kHFcWs2xwSwPAtjCpLEeRW3cuQyFtUyRqpVDf%2FOqVqXSmzk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0ece5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
css2
fonts.googleapis.com/ Frame 2A80
12 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:11 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 2A80
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0rNF6wiPKax24fs89ZFZKN3vrhP5BlPPWiqVQ7Cf22Xaown611RMPJdp7dcjiCX7z4b%2B1eVG3JXFDgkgar0HJ0in6fjFvtoz5l2zFN1z6RQjG8a29ajbj4lD9tANF6bCij7QqlV0dP3JAkdijBB6u0p"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0ed95c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
app.83fff398.css
app.groove.cm/groovevideo/css/ Frame 2A80
43 KB
8 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.83fff398.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7470e23afe8b590dbe5a5350a2ebd6593b4d652f5b49399b94eae371bd9d8264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-acdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K34tk8WbuTmKBSUzmICPo1%2FfT2NH0oEKric3VlFbFX%2FhDWlD2QI6NokqjYHxly1Pw1yjI6TxoH0KJ6Bs3ciBvkpwgTe8qcRbS%2FtUogtX9YNQoBIuwgzMRSR71q7fTaAIBYMItb8yA2iHX8CN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0bfe4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.ebe8269c.css
app.groove.cm/groovevideo/css/ Frame 2A80
2 MB
210 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3d7cca43f18907ca60fbe5e15a2c8ef50942f78e8cff7db3c4ff296137d89a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-1e274a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVy4xTL3mdUpFIZfRxuY9lTeb%2F0BcIu26ZbD%2Fwaa1MtrXCQA6ElvN%2B%2FEcKI8bvkc87E47uXU0XPSl3M9RDI7cfUjzkmGNvtyU5HYI0RNsVIct2H02Ihk0BU0nYeWmHsxiLo%2F1ZvsSsHrNQYJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0c004dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.1b25fad9.js
app.groove.cm/groovevideo/js/ Frame 2A80
1 MB
262 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.1b25fad9.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8420247bcd42facb01542f3b4560859531da5de681cb5c7a3cb665a572cfefd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-159cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1ZZQBKgE7E14LYnKc%2FrMl2nm%2BErqvKOLXhEkTsScnz93a7j6RXVQqa6EpHTlUUVegVhi%2FZYFONVrHQy18hMUu9Pm2A3O5dLpjXIiEuqnf9dawCMiYWG%2FIKaRYq%2FCjbA1hwvP4bz%2BmXYFAAR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0c014dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.f108d678.js
app.groove.cm/groovevideo/js/ Frame 2A80
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c203d1249b1decc01d2cbc954e54adb658fc9a44ef0681502210d50d91832707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-6c2338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkuwStJZaFSC2eElP5avpM%2FT20pMAHj3vLT6luvIZOuVBEV%2BwmL6zt%2BIRSf3ehv8LdmcPTTCL%2F6gebuhq9vAlWO9I1iuO488780V4vDe0gEBndRJV0ydTOkxY1GR9CHwtVBX2qe8U9dxDPfQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0c024dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame 2A80
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
09/06/2021 12:25:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 06 Sep 2021 09:41:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
cb081c8acc735cf9a9c82910e369f334
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 19F2
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8riQYSi9iqihrJXM2JlaGIg95mKq%2Bvvn8s97sMD8%2FScC21CTNyVAqteLUJKTGqkccJJPsCSX25Im4vgz57wsRWX%2BN730PhKqng4AYzYjI8cJ3wlO%2Fpdv1R5hhw69fHtcjvE3DBDgvt2DW8g8MabDnkI5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0edc5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 19F2
470 KB
106 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1228987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDXNHd%2FDkcB4LtuS366azCpjwqpPJwZsR2%2Fk8wcXLwOcpKWsvUxqaUBZR8QLO%2BUidnNQ%2BlHFhJl6yzKSV%2BbHzQ%2F6l1thYWwJ48mhACXkLrL8USD8s1JGABORYOr7MTB6oovG1vnJcAch9OaEIRlRY7L0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0edd5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 19F2
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5259735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0MVV8SJzwloQljivaoa%2FM7ldHrQUtdmDqjwUQ4OhraRbmQOptzh86uVCqmhA25sgosr9poKpNwN5ZoL4ubrJYNKJ5cIbNJg4HjpaCLLFIiz7IuIXZBnhY8qTuYOjew6T6d65cp8KJ8ejTUcZRlQjJLP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0ede5c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
css2
fonts.googleapis.com/ Frame 19F2
12 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:11 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 19F2
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D54WN7FEpRZhUDehTQp%2BTbC3Tlo%2Bmuzc%2F7mpBcw%2B53eVEDeoLtrLpwiljH0jUyL6wMSQMVQdmzpm%2BWI9477%2BHZ2YkIQsTcrDkA5ulT%2BdadHLp00gy0K7ra3OJGcz69kH5j99pXalyeizQXdbph%2B8obC9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0ee05c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
app.83fff398.css
app.groove.cm/groovevideo/css/ Frame 19F2
43 KB
8 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.83fff398.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7470e23afe8b590dbe5a5350a2ebd6593b4d652f5b49399b94eae371bd9d8264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-acdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbglwY6dB8ToOv0rNHgf6IXzs6B0Y%2FA2lAByuR7G4WH9eUOwPDOuCcxD%2FkFZ4PmuhdBTEB1yZjOQrVDXTQe0R8AFy9i4%2FF49UJLq1I97oxHrJD57numjESwnMAyLIyBDl6KjmqvS%2Fi7uiAd7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0c044dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.ebe8269c.css
app.groove.cm/groovevideo/css/ Frame 19F2
2 MB
210 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3d7cca43f18907ca60fbe5e15a2c8ef50942f78e8cff7db3c4ff296137d89a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-1e274a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGt3soYQquv0Os3j8%2F3BGzNdrsqFoX3qX%2BzmtW6wPcL0nfuELZg2RIWa2lfrB2G%2BvGUap1EPBxVZ71HyFyFuBMMKEEK%2FpSpo5L%2Fr2gMk78Phr6Tk8ZeR2Ck%2FjY%2BrkZdXfhlSfkYwZJr09yj1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0c054dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.1b25fad9.js
app.groove.cm/groovevideo/js/ Frame 19F2
1 MB
262 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.1b25fad9.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8420247bcd42facb01542f3b4560859531da5de681cb5c7a3cb665a572cfefd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-159cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di%2BhW2zVeWr2cA5K0IC%2BeN4QI6qFhl9Q1nxYxDuCfjswrbCX%2Bh53JMs4Z9bxj6RU6PTy0w9RiDCXCs2K8%2BL8o%2B5INitzsb%2FWt%2BfrW85PLUeAgsWy1v6QyVsHAK24L1rdwdF%2FNaLSTAxs69S0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0c064dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.f108d678.js
app.groove.cm/groovevideo/js/ Frame 19F2
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c203d1249b1decc01d2cbc954e54adb658fc9a44ef0681502210d50d91832707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-6c2338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yi5FJLNev1FH%2FEErDliFBF6JfW3ipltP9kv%2FAj2dSJcvtoQYV01HpQVO4yMyuyztHoxgGkvh5gHEmgwIiliEzH%2Bw5izVe%2BXknAsiM1ZmQK9GLCItVMv2vKWTkvbF8ZuGKYjoCPQhqdYOrQrv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f0c074dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame 19F2
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
09/06/2021 12:25:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 06 Sep 2021 09:41:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
0baf12f6abf3c457274e6ab36eb1d389
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame A047
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7n9kGMWq3mSOTe5147ol0C%2BTtn9xXsGsfdhrKYrgLSadEM1mWpepN%2FbtrbgzLmOcuyIpC65wIxYyv8%2B3XfHHp6mz5Xojh6zr0HhWqg7xa51LOHLi4MJbNPHPH9N7xHykqlNkZtlbjTLl%2FPNznxJrX7S"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0ef05c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame A047
470 KB
106 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1228987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRJGj%2BSol0O22KeUo17Xz3BNlq7OgL1xUCyKIds6aSVADhP0YtxvTEDPhovH8SlM%2Bod6Lx9E3z38RWWfZDsYJYmqEt%2BWT8Q%2BnJXv494LLpMZAeFEO0Xsb7okzd0IIILnvdJYbGZVUdcqGyfYQ%2FAnPrW%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f0ef35c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame A047
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5259735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD%2BQPTOtrZrjmCOAhUAu%2FNPlq0B3tK%2Fk8HaNY%2FDsqIpIXN%2FhJ1cFGFOjXxJlrzltvceqiKxHiQDAacgHOMsIdPnx1TPFemG9O0X8%2BtN9XfK2OUSl%2FX3jqwoL7HfYtBcagCDxxbHiDgrO4ulRYxwbSaPa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f1ef55c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
css2
fonts.googleapis.com/ Frame A047
12 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:11 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame A047
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
352514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMqeu6EOgIXAeJt2lAz%2BqoesoEVLk1pQHnCOdM%2FIk7211WE3%2FaQGTXePRQ4%2BGZt%2F5ezPmBI%2BhKr%2BDqXA0en9oFagk9SVz6zfYqJ3im56WGB6Fb%2F6GXMIU7eTo3pradCz%2FmMrKAGztMcvik8UdlhJ28xi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99311f1ef65c02-FRA
expires
Sat, 26 Nov 2022 23:11:11 GMT
app.83fff398.css
app.groove.cm/groovevideo/css/ Frame A047
43 KB
9 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.83fff398.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7470e23afe8b590dbe5a5350a2ebd6593b4d652f5b49399b94eae371bd9d8264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-acdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPMtJgbsc4PWdesSYHqb%2BI3uX0Qus4iOZ%2FCJMmwFVqSrueS0Y%2F8SLaMp4oFJH7lgVlGyYv8Wy%2FvVsY6%2FN5JMlE3X9%2BvxzxxQ3aTPvmc4O8gaIctwgIRnZShSx9Wdd8pQd%2BGz6kTkdIWHYwJq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f1c264dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.ebe8269c.css
app.groove.cm/groovevideo/css/ Frame A047
2 MB
210 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3d7cca43f18907ca60fbe5e15a2c8ef50942f78e8cff7db3c4ff296137d89a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-1e274a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sCVIHbuYhBb%2BMcIIdrHOJP90GZCYt89SULXjMz32qs9w%2Fc1kp6R%2BP%2FgndkNOgz%2B51mLQF8WtlQwTvHE3m8bgYT8MWiLdW%2F9pv9C7bp422eTo339Og%2F4h%2FBaWpw4DtYqV%2Bd%2FuLJjRVKgy1BA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f1c284dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.1b25fad9.js
app.groove.cm/groovevideo/js/ Frame A047
1 MB
262 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.1b25fad9.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8420247bcd42facb01542f3b4560859531da5de681cb5c7a3cb665a572cfefd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-159cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb5Jw2u%2BBuxrKA1foqSSs8ti%2FiM29jmvpcCKD6LDAaKD%2FqfUuBpezYST7aaK%2B6xr8YLPiX4DpqwSyhxQMEN5Rx%2Brb%2FjBC%2F1E%2BqxoWsffY1bLufggDSec00YjiCXqhNFgiDTOEx%2FHdIi8pJy3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f1c2a4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.f108d678.js
app.groove.cm/groovevideo/js/ Frame A047
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c203d1249b1decc01d2cbc954e54adb658fc9a44ef0681502210d50d91832707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:27:10 GMT
server
cloudflare
age
562
etag
W/"61ae1dbe-6c2338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkgAt0FV4Q8HrdOLFEPlC97XKndyhEAidhTdcXWlzzaf%2FWq3qG7B%2BktjlhHj3fKOPLhxRDZv7AanUiENla4nEixanvQpOG%2BHOUU%2FY%2F%2BbPI4IhR3kgrjXcjQ6vMsm9WhdQHfvP0ktqFwLz0Vo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b99311f1c2c4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame A047
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
09/06/2021 12:25:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 06 Sep 2021 09:41:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
572ea8843fcbba890849adfbcef2af29
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
id
googleads.g.doubleclick.net/pagead/ Frame 8D69
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa654c1b25f1dae724626b9c50b6f709feb3144f63763cbccb830e176279fb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 06 Dec 2021 23:11:11 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8D69
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:05:27 GMT
x-content-type-options
nosniff
age
344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 06 Dec 2021 23:20:27 GMT
www-widgetapi.js
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
17198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 18:24:33 GMT
51paimf5863zz4wq4efe56why
static-exp1.licdn.com/sc/h/ Frame E890
340 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/51paimf5863zz4wq4efe56why
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
c100ebbbb34b73f2c4672e3130019d5f3f7de3129332578f7094c9ff36dc69bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Type
image/svg+xml
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
340
X-LI-UUID
iNgd4yZ8dxYQ+ZjzJysAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
X-CDN-CLIENT-IP-VERSION
IPV6
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric
prod-ltx1
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
2967b627b0687716e0af546c2c2b0000
Expires
Wed, 20 Apr 2022 00:14:56 GMT
3g68cnardz6vbv25s4xdglixo
static-exp1.licdn.com/sc/h/ Frame E890
415 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/3g68cnardz6vbv25s4xdglixo
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
1f61724b0bacc9702251ea70613bd8765bd880591dc18542d1ebc7491f7d4b2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
415
X-LI-UUID
1qwbzyd8dxZQLqiRmCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
d6ac1bcf277c7716502ea891982b0000
Expires
Wed, 20 Apr 2022 06:11:41 GMT
469pk4qwqr71px3afmm9prany
static-exp1.licdn.com/sc/h/ Frame E890
355 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/469pk4qwqr71px3afmm9prany
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
3e115db586cb8af4f7295eff8bebaf5da24bf3568764c9b63ba8a047e09625d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
355
X-LI-UUID
LyDGzid8dxYQXRB8/SoAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
X-CDN-CLIENT-IP-VERSION
IPV6
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
2f20c6ce277c7716105d107cfd2a0000
Expires
Wed, 20 Apr 2022 06:11:41 GMT
7frb88uumrn0jl7oiyofxthci
static-exp1.licdn.com/sc/h/ Frame E890
384 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/7frb88uumrn0jl7oiyofxthci
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
2ce52e71de9cc9b738b21da87e2bc54efd4d4838896209eff6f5fa527c235bf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
384
X-LI-UUID
JZhyDyh8dxaw9BqA7ioAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-lva1
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
2598720f287c7716b0f41a80ee2a0000
Expires
Wed, 20 Apr 2022 06:11:42 GMT
73lwy6uyd30a5j4qmibmkeu3u
static-exp1.licdn.com/sc/h/ Frame E890
433 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/73lwy6uyd30a5j4qmibmkeu3u
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
436ffab971d8583a8b6f381a5982ccb1e50a565417e677e2a30af42807fe604a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
433
X-LI-UUID
g3D0xu+kdxbwCeoVQSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
8370f4c6efa47716f009ea15412b0000
Expires
Wed, 20 Apr 2022 18:39:03 GMT
6q2ztc8el1ffd1w46cwwgr95d
static-exp1.licdn.com/sc/h/ Frame E890
334 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/6q2ztc8el1ffd1w46cwwgr95d
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
0ec5dddd968957faac72de4f8937dbbe564403e379cd293852f2e9110117fd80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
334
X-LI-UUID
Z0A2Uih8dxYwFEIGjSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
67403652287c7716301442068d2b0000
Expires
Wed, 20 Apr 2022 06:11:43 GMT
c0tu4fqjzwahww3f3kaxjvd1e
static-exp1.licdn.com/sc/h/ Frame E890
411 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/c0tu4fqjzwahww3f3kaxjvd1e
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
6b669821b43d99d2c6a8eac812b9c57377e4646719030a9f27355d5023acf719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
411
X-LI-UUID
Y/YbXCh8dxaQXYkfECsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
63f61b5c287c7716905d891f102b0000
Expires
Wed, 20 Apr 2022 06:11:43 GMT
47d6m6cqlp1rwpmpk2rodukxv
static-exp1.licdn.com/sc/h/ Frame E890
502 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/47d6m6cqlp1rwpmpk2rodukxv
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
67f95083b1a9b454edfb246c56f8e5f5a090d2443506198f921829253971ffd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
502
X-LI-UUID
e1bltCh8dxaAxmINzSoAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
X-CDN-CLIENT-IP-VERSION
IPV6
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
7b56e5b4287c771680c6620dcd2a0000
Expires
Wed, 20 Apr 2022 06:11:45 GMT
remote.js
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 8D69
94 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c3adb86cfa340f1bc98bc36d09dd5d1aad7590641f4fcf893328d1e9da6b7f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 01:31:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
164397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29853
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 05 Dec 2022 01:31:14 GMT
X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js
www.google.com/js/th/ Frame 8D69
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fdd431164083bc93ddc3a108b2cf12e939dbd75018410f851da642d410f895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
493325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Dec 2022 06:09:06 GMT
embed.js
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 8D69
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 01:31:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
164389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 05 Dec 2022 01:31:22 GMT
truncated
/ Frame 8D69
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTk0P9JlFNQszliNuUzbKmQ7_NcX9zrA0y6kwUx6ZU=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8D69
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLTk0P9JlFNQszliNuUzbKmQ7_NcX9zrA0y6kwUx6ZU=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
64c4990ff050aa54a5b8d156e98888ee541111d8ee19902812643981c1ef520d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:14:24 GMT
x-content-type-options
nosniff
age
3407
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2775
x-xss-protection
0
server
fife
etag
"vb88f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 03:56:25 GMT
sddefault.webp
i.ytimg.com/vi_webp/k2m2g3U0KIQ/ Frame 8D69
15 KB
16 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/k2m2g3U0KIQ/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae979524c72d4dddb9eb671d8fd41c8e46b0df00111d65cc421ffd54e92f26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
server
sffe
etag
"1602101718"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 07 Dec 2021 01:11:11 GMT
51paimf5863zz4wq4efe56why
static-exp1.licdn.com/sc/h/ Frame 117A
340 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/51paimf5863zz4wq4efe56why
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
c100ebbbb34b73f2c4672e3130019d5f3f7de3129332578f7094c9ff36dc69bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
Content-Type
image/svg+xml
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
340
X-LI-UUID
iNgd4yZ8dxYQ+ZjzJysAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
X-CDN-CLIENT-IP-VERSION
IPV6
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric
prod-ltx1
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
2967b627b0687716e0af546c2c2b0000
Expires
Wed, 20 Apr 2022 00:14:56 GMT
3g68cnardz6vbv25s4xdglixo
static-exp1.licdn.com/sc/h/ Frame 117A
415 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/3g68cnardz6vbv25s4xdglixo
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
1f61724b0bacc9702251ea70613bd8765bd880591dc18542d1ebc7491f7d4b2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
415
X-LI-UUID
1qwbzyd8dxZQLqiRmCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
d6ac1bcf277c7716502ea891982b0000
Expires
Wed, 20 Apr 2022 06:11:41 GMT
469pk4qwqr71px3afmm9prany
static-exp1.licdn.com/sc/h/ Frame 117A
355 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/469pk4qwqr71px3afmm9prany
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
3e115db586cb8af4f7295eff8bebaf5da24bf3568764c9b63ba8a047e09625d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
355
X-LI-UUID
LyDGzid8dxYQXRB8/SoAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
X-CDN-CLIENT-IP-VERSION
IPV6
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
2f20c6ce277c7716105d107cfd2a0000
Expires
Wed, 20 Apr 2022 06:11:41 GMT
7frb88uumrn0jl7oiyofxthci
static-exp1.licdn.com/sc/h/ Frame 117A
384 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/7frb88uumrn0jl7oiyofxthci
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
2ce52e71de9cc9b738b21da87e2bc54efd4d4838896209eff6f5fa527c235bf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
384
X-LI-UUID
JZhyDyh8dxaw9BqA7ioAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-lva1
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
2598720f287c7716b0f41a80ee2a0000
Expires
Wed, 20 Apr 2022 06:11:42 GMT
73lwy6uyd30a5j4qmibmkeu3u
static-exp1.licdn.com/sc/h/ Frame 117A
433 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/73lwy6uyd30a5j4qmibmkeu3u
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
436ffab971d8583a8b6f381a5982ccb1e50a565417e677e2a30af42807fe604a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
433
X-LI-UUID
g3D0xu+kdxbwCeoVQSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
8370f4c6efa47716f009ea15412b0000
Expires
Wed, 20 Apr 2022 18:39:03 GMT
6q2ztc8el1ffd1w46cwwgr95d
static-exp1.licdn.com/sc/h/ Frame 117A
334 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/6q2ztc8el1ffd1w46cwwgr95d
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
0ec5dddd968957faac72de4f8937dbbe564403e379cd293852f2e9110117fd80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
334
X-LI-UUID
Z0A2Uih8dxYwFEIGjSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
67403652287c7716301442068d2b0000
Expires
Wed, 20 Apr 2022 06:11:43 GMT
c0tu4fqjzwahww3f3kaxjvd1e
static-exp1.licdn.com/sc/h/ Frame 117A
411 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/c0tu4fqjzwahww3f3kaxjvd1e
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
6b669821b43d99d2c6a8eac812b9c57377e4646719030a9f27355d5023acf719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
411
X-LI-UUID
Y/YbXCh8dxaQXYkfECsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
63f61b5c287c7716905d891f102b0000
Expires
Wed, 20 Apr 2022 06:11:43 GMT
47d6m6cqlp1rwpmpk2rodukxv
static-exp1.licdn.com/sc/h/ Frame 117A
502 B
1 KB
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/47d6m6cqlp1rwpmpk2rodukxv
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
67f95083b1a9b454edfb246c56f8e5f5a090d2443506198f921829253971ffd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:11 GMT
X-LI-Static-Content
1
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
502
X-LI-UUID
e1bltCh8dxaAxmINzSoAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
X-CDN-CLIENT-IP-VERSION
IPV6
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
7b56e5b4287c771680c6620dcd2a0000
Expires
Wed, 20 Apr 2022 06:11:45 GMT
4ad23c88-a971-49a3-97f0-16b954498cde
https://app.groove.cm/ Frame 3123
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/4ad23c88-a971-49a3-97f0-16b954498cde
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
pptm.js
www.paypal.com/tagmanager/ Frame DB7D
12 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=posting4profitnow.groovesell.com&source=checkoutjs&t=xo&v=4.0.331
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qV6vWuXEuS+RroMkwy0sh85g2s2XgifGhIM4FSR+O6Mme/Rz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
196
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qV6vWuXEuS+RroMkwy0sh85g2s2XgifGhIM4FSR+O6Mme/Rz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0
paypal-debug-id
ae85c1655c30c
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4321
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 06 Dec 2021 23:11:11 GMT
strict-transport-security
max-age=63072000
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
etag
W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"
AcceptCore.js
js.authorize.net/v1/ Frame DB7D
9 KB
3 KB
Script
General
Full URL
https://js.authorize.net/v1/AcceptCore.js
Requested by
Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 10 Sep 2019 23:26:44 GMT
server
cloudflare
age
3458
etag
W/"092b352f68d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
6b993121c98071e0-LHR
expires
Sat, 11 Dec 2021 23:11:11 GMT
AcceptCore.js
js.authorize.net/v1/ Frame DB7D
9 KB
3 KB
XHR
General
Full URL
https://js.authorize.net/v1/AcceptCore.js
Requested by
Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 10 Sep 2019 23:26:44 GMT
server
cloudflare
etag
W/"092b352f68d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
6b99312228e55494-MAN
expires
Sat, 11 Dec 2021 23:11:11 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame DB7D
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=4c9b43643d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4c9b43643d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGuvsUQE8lwUWyuqhWcznVk8Um3vCzV6U0jEbEJKx0nThIVvw0PVy4SPOgdlHAo1IksLOJsFNMv6zX1utQP0YPRK001hpC6%2Fbxfs4zWlu2%2FujzyFDHB3hb6iCv%2FOzDK1k5HDQlPtI7uDhwN8hulTQBitqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b993121cc7f4edf-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
0BfEhtp2wPa9x3BCrQg4qpWtXJohHosgkbWuyQAiI3DPuNmygzfxWg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame DB7D
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=4c9b43643d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4c9b43643d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgAEyAer%2BM0BS7QyKwXbUunDc%2F7UyxDGD89him6Y%2BrGX76YyS%2Fm2XABjZQ7Bb30SMcreFnXTKQL4tj%2Fd1Sxl%2FekAVuXVZ8%2B4YYbGOfejn1qoSfDrbZR8AQi4PYqeoU4m%2FVcs5H2qVQxvNBdCcoRKskyLsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b993121cc834edf-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
1BwVW13jMlIvII5bLhKwOycKJtWriqYJqBiW1ymAwNQLzgx3aqGQYw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame DB7D
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=4c9b43643d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4c9b43643d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
via
1.1 2a6277094357eb47f8dbeacb06ed96c3.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcjuIkrRkTXkXJFtJr1cC86BeH46EbRuY0URJtboGj3EiID40slAWcLrqaomjrUvjKb1EtTYV1pxMZvLQcWVNolq%2B4CUdmadTvu4qFM7klr0t3u91X2qk%2Fpu%2FiRrAxd2ChbydB8p%2Bf8EL84uN1%2Bl3r4qQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b993121cc844edf-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
34XacYwjWTvVOW0r1oIw0vIiliEsPfUvw1-hvnEXB_0YlPYX7PqBYA==
gtm.js
www.googletagmanager.com/ Frame 19F2
197 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
232c74c685722aebd899fad3b7d35f72e2388d07bcbaeac2c6736d5ec914db74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69893
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:11:11 GMT
gtm.js
www.googletagmanager.com/ Frame 3123
197 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
232c74c685722aebd899fad3b7d35f72e2388d07bcbaeac2c6736d5ec914db74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69893
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:11:11 GMT
bf5dad49-945b-4408-8e76-5d528deb22e3
https://app.groove.cm/ Frame DE4C
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/bf5dad49-945b-4408-8e76-5d528deb22e3
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
9eda809c-87e8-4a8f-b9b0-490b5f79ee57
https://app.groove.cm/ Frame 5E6E
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/9eda809c-87e8-4a8f-b9b0-490b5f79ee57
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ Frame DE4C
197 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65d18f4ff4f91588c6f982c7c3406c528ba9b1a5ff1cad205f85b3f6d2045401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69893
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:11:11 GMT
gtm.js
www.googletagmanager.com/ Frame 5E6E
197 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65d18f4ff4f91588c6f982c7c3406c528ba9b1a5ff1cad205f85b3f6d2045401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69893
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:11:11 GMT
gtm.js
www.googletagmanager.com/ Frame 2A80
197 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
232c74c685722aebd899fad3b7d35f72e2388d07bcbaeac2c6736d5ec914db74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69893
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:11:11 GMT
38615add-9052-4757-8f5b-92453c37d2f8
https://app.groove.cm/ Frame 2A80
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/38615add-9052-4757-8f5b-92453c37d2f8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
2fcb0163-876b-4070-aa94-5df2745017ec
https://app.groove.cm/ Frame 19F2
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/2fcb0163-876b-4070-aa94-5df2745017ec
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
10fde363-2499-4d6b-8861-793de38357e3
https://app.groove.cm/ Frame A047
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/10fde363-2499-4d6b-8861-793de38357e3
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ Frame A047
197 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
232c74c685722aebd899fad3b7d35f72e2388d07bcbaeac2c6736d5ec914db74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69893
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 23:11:11 GMT
17.affcfc.js
posting4profitnow.groovesell.com/js/ Frame DB7D
9 KB
2 KB
Script
General
Full URL
https://posting4profitnow.groovesell.com/js/17.affcfc.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76ffa9ec8fc1d4d4c76cafcbc553b96f50bfb939d6b2114a78037dd170697e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"25b2-5d13f6bccca7d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b9931239ebf0e16-MXP
content-length
1804
expires
Tue, 07 Dec 2021 03:11:12 GMT
0.bb513b.js
posting4profitnow.groovesell.com/js/ Frame DB7D
11 KB
3 KB
Script
General
Full URL
https://posting4profitnow.groovesell.com/js/0.bb513b.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a78b43ec005d899f44d443fc2cc382d7bdd3ea4d2647aeee8884054ed5a0e8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"2a81-5d13f6bccbadd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b9931241fb10e16-MXP
content-length
3079
expires
Tue, 07 Dec 2021 03:11:12 GMT
1.eb51af.js
posting4profitnow.groovesell.com/js/ Frame DB7D
47 KB
11 KB
Script
General
Full URL
https://posting4profitnow.groovesell.com/js/1.eb51af.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46352a414ffc31b3d48eb8261f9ab8163ed296bca542ca077263ec37fdde92d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"bceb-5d13f6bccca7d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b9931241fb70e16-MXP
content-length
11526
expires
Tue, 07 Dec 2021 03:11:12 GMT
2.5478c8.js
posting4profitnow.groovesell.com/js/ Frame DB7D
2 MB
526 KB
Script
General
Full URL
https://posting4profitnow.groovesell.com/js/2.5478c8.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b63a86dbf057c0dfe41a58fb4df58c6a5739b61fdc3f3dc99fa8558aca2428

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"18af81-5d13f6bccca7d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6b9931241fb80e16-MXP
expires
Tue, 07 Dec 2021 03:11:12 GMT
3.b9a3f6.js
posting4profitnow.groovesell.com/js/ Frame DB7D
261 KB
63 KB
Script
General
Full URL
https://posting4profitnow.groovesell.com/js/3.b9a3f6.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0423d4ef57f29acb7a710aa87d0652e1272ec8ae1d2105d0f87dcd744e263847

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"4148c-5d13f6bccca7d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6b9931241fb90e16-MXP
expires
Tue, 07 Dec 2021 03:11:12 GMT
5.752635.js
posting4profitnow.groovesell.com/js/ Frame DB7D
717 KB
50 KB
Script
General
Full URL
https://posting4profitnow.groovesell.com/js/5.752635.js
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ce4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81d4b4f24fb3f8b129fb7af486e3f70658e8a86dc82c9e1c190e07045085dd0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Nov 2021 21:53:25 GMT
server
cloudflare
etag
"b35af-5d13f6bccca7d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6b9931241fba0e16-MXP
content-length
50832
expires
Tue, 07 Dec 2021 03:11:12 GMT
css2
fonts.googleapis.com/ Frame DB7D
709 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09beb243bc525f7408a734441a247a66b49e2dfec0c93c408a481d032f28da7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:12 GMT
7bb5bf2njdprrp4wv4eqz4i4h
static-exp1.licdn.com/sc/h/ Frame E890
654 B
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/7bb5bf2njdprrp4wv4eqz4i4h
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
68685d1fa84322a42413024bc6792ae3d97f4daf63a881fea3502895c6d0a416

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT
Connection
keep-alive
Content-Length
654
X-LI-UUID
gmIf8h84hhbQwmqKkCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
82621ff21f388616d0c26a8a902b0000
Expires
Tue, 07 Jun 2022 06:13:45 GMT
9o71zaq93i9n81gqlmjh748p7
static-exp1.licdn.com/sc/h/ Frame E890
255 B
912 B
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/9o71zaq93i9n81gqlmjh748p7
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
531f301668ee7111b426e6153575cd0b3ad3f6f5a608040f37a7f85df0b1fb4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lor1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
255
X-LI-UUID
4ia5ogLphBagzlce8SoAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
e226b9a202e98416a0ce571ef12a0000
Expires
Thu, 02 Jun 2022 23:52:43 GMT
gs508lg3t2o81tq7pmcgn6m2
static-exp1.licdn.com/sc/h/ Frame E890
274 B
931 B
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/gs508lg3t2o81tq7pmcgn6m2
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
274
X-LI-UUID
OzCsdCF3dxZAZyPpTSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
3b30ac7421777716406723e94d2b0000
Expires
Wed, 20 Apr 2022 04:39:36 GMT
64x33s3lxd27lb5jrntc2qt3s
static-exp1.licdn.com/sc/h/ Frame E890
746 B
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/64x33s3lxd27lb5jrntc2qt3s
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
298375a6aad6c061fdc30efc6a888fa72e74ba70a783ed54cffd361bb85a8d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
746
X-LI-UUID
3y2Rgyd8dxaw7gzVmSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
df2d9183277c7716b0ee0cd5992b0000
Expires
Wed, 20 Apr 2022 06:11:40 GMT
8roa0qc3bgaq28u5fya4bh9we
static-exp1.licdn.com/sc/h/ Frame E890
2 KB
2 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/8roa0qc3bgaq28u5fya4bh9we
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
b278a9cc7ce454987aeef433435b4729971f9ca2812e9ba8879bb3ab39353dc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
851
X-LI-UUID
Kyfya9CUhRawKkhJjysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
5664df5f9c5c851690337d27b92a0000
Expires
Sat, 04 Jun 2022 11:11:07 GMT
dcsfv212z1ozhe7tgrxjrs55a
static-exp1.licdn.com/sc/h/ Frame E890
1 KB
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/dcsfv212z1ozhe7tgrxjrs55a
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
dcbdbc61b2c7efef6a4ed1a24bfcb9353f8afaa4ac70394f9b407e3b3bcab00d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
623
X-LI-UUID
xsKlfyd8dxbA2uAbxioAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
c6c2a57f277c7716c0dae01bc62a0000
Expires
Wed, 20 Apr 2022 06:11:40 GMT
9n9raq7fmdu241tpsxwodsmcd
static-exp1.licdn.com/sc/h/ Frame E890
331 B
988 B
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/9n9raq7fmdu241tpsxwodsmcd
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
b902f36d6cc67f5274d0b3af4d1e1db34a6c71a3de93ff25d8da2d4040005171

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
331
X-LI-UUID
CeJpqAHJdxawT7R9lysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
09e269a801c97716b04fb47d972b0000
Expires
Thu, 21 Apr 2022 05:40:00 GMT
czxdv1luyttew5ap8demgttec
static-exp1.licdn.com/sc/h/ Frame E890
643 B
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/czxdv1luyttew5ap8demgttec
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
1ce9221782513d3845a3a5b77d37ab8ec9d39ee1e7fb585f638530d9e1406e0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
643
X-LI-UUID
LUi6BV2oehZA8qDyAysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2-nkernB
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
2d48ba055da87a1640f2a0f2032b0000
Expires
Sat, 30 Apr 2022 14:15:33 GMT
bj8f1eq2yi5lbgwr7ghgo5jss
static-exp1.licdn.com/sc/h/ Frame E890
640 KB
175 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/bj8f1eq2yi5lbgwr7ghgo5jss
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
43a2da152319c12198c459a9909de60b9ccf8eae977e6023da25565ce133f45e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Static-Content
1
Transfer-Encoding
chunked
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive, Transfer-Encoding
X-Li-Fabric
prod-ltx1
X-LI-UUID
9EYfvtNQixbQUUvgZysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
f4461fbed3508b16d0514be0672b0000
Expires
Thu, 23 Jun 2022 20:42:40 GMT
1636043388923
media-exp1.licdn.com/dms/image/C5605AQEjUNe6BNr81A/videocover-high/0/ Frame E890
43 KB
44 KB
Image
General
Full URL
https://media-exp1.licdn.com/dms/image/C5605AQEjUNe6BNr81A/videocover-high/0/1636043388923?e=1638921600&v=beta&t=vUsAa1FnzEvWuwmCOcw2hZWpNe9JpJpSxXZuo0fiUYA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
8f6e01983ff5ec719afd2a44a3fbcad69ec8c8182bf6cd3d4213389732991095

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
183
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM-STLS
X-LI-Proto
http/1.1
X-EdgeConnect-MidMile-RTT
1
Transfer-Encoding
chunked
X-CDN-Proto
HTTP1
Connection
keep-alive, Transfer-Encoding
X-LI-UUID
AAXSgl9yiYwaqn1od+68Fw==
Server
Play
X-Li-Pop
prod-lor1-x
X-EdgeConnect-Cache-Status
3
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control
max-age=604800
Timing-Allow-Origin
*
X-Set-Cookie
1
X-Li-Fabric
prod-lor1
7bb5bf2njdprrp4wv4eqz4i4h
static-exp1.licdn.com/sc/h/ Frame 117A
654 B
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/7bb5bf2njdprrp4wv4eqz4i4h
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
68685d1fa84322a42413024bc6792ae3d97f4daf63a881fea3502895c6d0a416

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT
Connection
keep-alive
Content-Length
654
X-LI-UUID
gmIf8h84hhbQwmqKkCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
82621ff21f388616d0c26a8a902b0000
Expires
Tue, 07 Jun 2022 06:13:45 GMT
9o71zaq93i9n81gqlmjh748p7
static-exp1.licdn.com/sc/h/ Frame 117A
255 B
912 B
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/9o71zaq93i9n81gqlmjh748p7
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
531f301668ee7111b426e6153575cd0b3ad3f6f5a608040f37a7f85df0b1fb4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lor1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
255
X-LI-UUID
4ia5ogLphBagzlce8SoAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
e226b9a202e98416a0ce571ef12a0000
Expires
Thu, 02 Jun 2022 23:52:43 GMT
gs508lg3t2o81tq7pmcgn6m2
static-exp1.licdn.com/sc/h/ Frame 117A
274 B
931 B
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/gs508lg3t2o81tq7pmcgn6m2
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
274
X-LI-UUID
OzCsdCF3dxZAZyPpTSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
3b30ac7421777716406723e94d2b0000
Expires
Wed, 20 Apr 2022 04:39:36 GMT
64x33s3lxd27lb5jrntc2qt3s
static-exp1.licdn.com/sc/h/ Frame 117A
746 B
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/64x33s3lxd27lb5jrntc2qt3s
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
298375a6aad6c061fdc30efc6a888fa72e74ba70a783ed54cffd361bb85a8d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
746
X-LI-UUID
3y2Rgyd8dxaw7gzVmSsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
df2d9183277c7716b0ee0cd5992b0000
Expires
Wed, 20 Apr 2022 06:11:40 GMT
8roa0qc3bgaq28u5fya4bh9we
static-exp1.licdn.com/sc/h/ Frame 117A
2 KB
2 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/8roa0qc3bgaq28u5fya4bh9we
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
b278a9cc7ce454987aeef433435b4729971f9ca2812e9ba8879bb3ab39353dc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
851
X-LI-UUID
Kyfya9CUhRawKkhJjysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
5664df5f9c5c851690337d27b92a0000
Expires
Sat, 04 Jun 2022 11:11:07 GMT
dcsfv212z1ozhe7tgrxjrs55a
static-exp1.licdn.com/sc/h/ Frame 117A
1 KB
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/dcsfv212z1ozhe7tgrxjrs55a
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
dcbdbc61b2c7efef6a4ed1a24bfcb9353f8afaa4ac70394f9b407e3b3bcab00d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Static-Content
1
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
623
X-LI-UUID
xsKlfyd8dxbA2uAbxioAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
c6c2a57f277c7716c0dae01bc62a0000
Expires
Wed, 20 Apr 2022 06:11:40 GMT
9n9raq7fmdu241tpsxwodsmcd
static-exp1.licdn.com/sc/h/ Frame 117A
331 B
988 B
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/9n9raq7fmdu241tpsxwodsmcd
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
b902f36d6cc67f5274d0b3af4d1e1db34a6c71a3de93ff25d8da2d4040005171

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
331
X-LI-UUID
CeJpqAHJdxawT7R9lysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
09e269a801c97716b04fb47d972b0000
Expires
Thu, 21 Apr 2022 05:40:00 GMT
czxdv1luyttew5ap8demgttec
static-exp1.licdn.com/sc/h/ Frame 117A
643 B
1 KB
XHR
General
Full URL
https://static-exp1.licdn.com/sc/h/czxdv1luyttew5ap8demgttec
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
1ce9221782513d3845a3a5b77d37ab8ec9d39ee1e7fb585f638530d9e1406e0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-lva1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
643
X-LI-UUID
LUi6BV2oehZA8qDyAysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2-nkernB
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
2d48ba055da87a1640f2a0f2032b0000
Expires
Sat, 30 Apr 2022 14:15:33 GMT
bj8f1eq2yi5lbgwr7ghgo5jss
static-exp1.licdn.com/sc/h/ Frame 117A
640 KB
175 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/bj8f1eq2yi5lbgwr7ghgo5jss
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
43a2da152319c12198c459a9909de60b9ccf8eae977e6023da25565ce133f45e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:12 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Static-Content
1
Transfer-Encoding
chunked
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive, Transfer-Encoding
X-Li-Fabric
prod-ltx1
X-LI-UUID
9EYfvtNQixbQUUvgZysAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
f4461fbed3508b16d0514be0672b0000
Expires
Thu, 23 Jun 2022 20:42:40 GMT
1632260645994
media-exp1.licdn.com/dms/image/C5605AQEoAOCJBKOLxw/videocover-high/0/ Frame 117A
36 KB
37 KB
Image
General
Full URL
https://media-exp1.licdn.com/dms/image/C5605AQEoAOCJBKOLxw/videocover-high/0/1632260645994?e=1638921600&v=beta&t=kJMVt7v1xKMjSe45bm-jnpwmHrnWISZr8AcVbB19r90
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
5945be7c51c12e0a1066a37a45cb91e8a3f31341826c9e95369ccbcd115d94fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:12 GMT
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM-STLS
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
36879
X-LI-UUID
AAXSgl9yOuDyjW/Edn6FfA==
Server
Play
X-Li-Pop
prod-ltx1-x
Cache-Control
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-Proto
http/1.1
Timing-Allow-Origin
*
X-Set-Cookie
1
X-Li-Fabric
prod-ltx1
track
www.linkedin.com/li/ Frame E890
0
229 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl93YxW/8nedTqVJvg==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3883EED736FD4FD9BCB8377CC203B8EF Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:12Z
date
Mon, 06 Dec 2021 23:11:12 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.com/li/ Frame 117A
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl93ZVuCC/Kq3Kel2g==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 81127EED0C1249F7B7C627911D3E3BEA Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:12Z
date
Mon, 06 Dec 2021 23:11:12 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
ts
t.paypal.com/ Frame DB7D
42 B
772 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Posting4ProfitNow%20%C2%B7%20Posting4ProfitNow&dh=1200&dw=1600&bh=0&bw=0&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1638832272848&g=0&completeurl=https%3A%2F%2Fposting4profitnow.groovesell.com%2Fcheckout-widget%2Fb24c91ff4a294541a19f193028759f8a%3Faskun%3D0%26askpw%3D0%26sb%3D0%26skip_payment_info%3D0%26st%3D0%26oai%3D0%26otp%3D%26sh%3D%26hcem%3D%26hcfn%3D%26hcln%3D%26gdsp%3D%26gdsf%3D%26gssp%3D&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/checkout-widget/b24c91ff4a294541a19f193028759f8a?askun=0&askpw=0&sb=0&skip_payment_info=0&st=0&oai=0&otp=&sh=&hcem=&hcfn=&hcln=&gdsp=&gdsf=&gssp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1638832273.906980,VS0,VE149
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
172a1bfbb1933
expires
Mon, 06 Dec 2021 23:11:12 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-lhr7349-LHR, cache-lon4251-LON
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame DB7D
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2156332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAKqJX9Z%2Fp%2BzDO5ZOEjsXWEeOxkX2cFcx%2BQZaSvb2SwS2QF%2BKc9IA0S6Arj7SKit%2FrMrwEZdRzaJ7Z5ujp9ZGW9PVg9J0NkDJbmr1ldOMXQzzLLKxcOGd78Bn89XjYWjE1YCUeJSl%2ByHn%2Bs80%2B1vubML"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b993129ebae5c02-FRA
expires
Sat, 26 Nov 2022 23:11:12 GMT
checkout-links
v1.gdapis.com/api/groovesell/ Frame DB7D
7 KB
3 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovesell/checkout-links?filter[permalink]=b24c91ff4a294541a19f193028759f8a
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
a964dfd18d7e78a1c45e9f4b60e4090c5f33c6633694872d629547ca3b1d2b7b

Request headers

Accept
application/json, text/plain, */*
Referer
https://posting4profitnow.groovesell.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
597
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXeIrATjuNc8P3uHakmpYW9xRCBKitNzJui1afKlWJhZkgtiM6zLlmBzTBLWBityJecJXAlSK40SA35YLHHCdKB4FU0kw0jr4%2BHJWJH74SRCPIAm8OhNNu3yO2QxD4HKEjtRmzU%2FJtlWQ9eD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99312a0baa691c-FRA
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8D69
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Dec 2021 23:11:13 GMT
generate_204
www.youtube.com/ Frame 8D69
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?lE9doQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
js
www.googletagmanager.com/gtag/ Frame 19F2
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d63cab8dd9c99c89c84113d2139db1fc13b4dd0f8b0e62eb15ea3e64a37904e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61829
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:11:13 GMT
analytics.js
www.google-analytics.com/ Frame 19F2
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5770
date
Mon, 06 Dec 2021 21:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 23:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 19F2
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:11:13 GMT
ytc.js
s.yimg.com/wi/ Frame 19F2
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 06 Dec 2021 23:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5652
x-amz-id-2
MfTaRvVIvTrF/4eAtF359iTea+vw7VSHETvLsj3syO4JvAfujNQtxmbAFQhGks3BupLiOHn9Seg=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 04 Nov 2021 15:26:13 GMT
server
ATS
etag
"146f99405588b7446958a732612c901d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5PMXD6EDQXJMTSYH
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame 19F2
36 KB
10 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6CC3287FB8AF4DB6BE72E4063CDFA4CB Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
ld.js
static.criteo.net/js/ld/ Frame 19F2
41 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 08:29:00 GMT
server
nginx
etag
W/"615c0ccc-a373"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 07 Dec 2021 23:11:13 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame 19F2
18 KB
18 KB
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
04d16a4678b667182d1705aa061109e59f2effaf886b1cb6564b80b4a5b7b861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
access-control-allow-credentials
true
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/plain;charset=utf-8
js
www.googletagmanager.com/gtag/ Frame 3123
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d63cab8dd9c99c89c84113d2139db1fc13b4dd0f8b0e62eb15ea3e64a37904e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61829
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:11:13 GMT
analytics.js
www.google-analytics.com/ Frame 3123
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5770
date
Mon, 06 Dec 2021 21:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 23:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 3123
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:11:13 GMT
ytc.js
s.yimg.com/wi/ Frame 3123
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 06 Dec 2021 23:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5652
x-amz-id-2
MfTaRvVIvTrF/4eAtF359iTea+vw7VSHETvLsj3syO4JvAfujNQtxmbAFQhGks3BupLiOHn9Seg=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 04 Nov 2021 15:26:13 GMT
server
ATS
etag
"146f99405588b7446958a732612c901d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5PMXD6EDQXJMTSYH
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame 3123
36 KB
10 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B1CCD26C079E4DBFA70F399E6AA277B6 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10482
ld.js
static.criteo.net/js/ld/ Frame 3123
41 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 08:29:00 GMT
server
nginx
etag
W/"615c0ccc-a373"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 07 Dec 2021 23:11:13 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame 3123
18 KB
18 KB
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
04d16a4678b667182d1705aa061109e59f2effaf886b1cb6564b80b4a5b7b861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
access-control-allow-credentials
true
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/plain;charset=utf-8
js
www.googletagmanager.com/gtag/ Frame DE4C
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19688e9d9d52d558cac1f2b17bcfca69905c0bfb678531bbfb208912110eb5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61825
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:11:13 GMT
analytics.js
www.google-analytics.com/ Frame DE4C
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5770
date
Mon, 06 Dec 2021 21:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 23:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame DE4C
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:11:13 GMT
ytc.js
s.yimg.com/wi/ Frame DE4C
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 06 Dec 2021 23:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5652
x-amz-id-2
MfTaRvVIvTrF/4eAtF359iTea+vw7VSHETvLsj3syO4JvAfujNQtxmbAFQhGks3BupLiOHn9Seg=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 04 Nov 2021 15:26:13 GMT
server
ATS
etag
"146f99405588b7446958a732612c901d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5PMXD6EDQXJMTSYH
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame DE4C
36 KB
10 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 78B67FA769674964813165FB9D835E17 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10482
ld.js
static.criteo.net/js/ld/ Frame DE4C
41 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 08:29:00 GMT
server
nginx
etag
W/"615c0ccc-a373"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 07 Dec 2021 23:11:13 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame DE4C
18 KB
18 KB
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
04d16a4678b667182d1705aa061109e59f2effaf886b1cb6564b80b4a5b7b861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
access-control-allow-credentials
true
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/plain;charset=utf-8
js
www.googletagmanager.com/gtag/ Frame 2A80
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
638ba25a2d7569d19baf5e3a26b5f3427f450a5547957fdfbe75f2976a041d1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61827
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:11:13 GMT
analytics.js
www.google-analytics.com/ Frame 2A80
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5770
date
Mon, 06 Dec 2021 21:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 23:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 2A80
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:11:13 GMT
ytc.js
s.yimg.com/wi/ Frame 2A80
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 06 Dec 2021 23:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5652
x-amz-id-2
MfTaRvVIvTrF/4eAtF359iTea+vw7VSHETvLsj3syO4JvAfujNQtxmbAFQhGks3BupLiOHn9Seg=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 04 Nov 2021 15:26:13 GMT
server
ATS
etag
"146f99405588b7446958a732612c901d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5PMXD6EDQXJMTSYH
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame 2A80
36 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D51878AF1FA845D0ADF9BF2F37AC3E4C Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
ld.js
static.criteo.net/js/ld/ Frame 2A80
41 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 08:29:00 GMT
server
nginx
etag
W/"615c0ccc-a373"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 07 Dec 2021 23:11:13 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame 2A80
18 KB
18 KB
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
04d16a4678b667182d1705aa061109e59f2effaf886b1cb6564b80b4a5b7b861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
access-control-allow-credentials
true
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/plain;charset=utf-8
js
www.googletagmanager.com/gtag/ Frame 5E6E
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
638ba25a2d7569d19baf5e3a26b5f3427f450a5547957fdfbe75f2976a041d1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61827
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:11:13 GMT
analytics.js
www.google-analytics.com/ Frame 5E6E
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5770
date
Mon, 06 Dec 2021 21:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 23:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 5E6E
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:11:13 GMT
ytc.js
s.yimg.com/wi/ Frame 5E6E
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 06 Dec 2021 23:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5652
x-amz-id-2
MfTaRvVIvTrF/4eAtF359iTea+vw7VSHETvLsj3syO4JvAfujNQtxmbAFQhGks3BupLiOHn9Seg=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 04 Nov 2021 15:26:13 GMT
server
ATS
etag
"146f99405588b7446958a732612c901d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5PMXD6EDQXJMTSYH
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame 5E6E
36 KB
10 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A63153FC060D4AE4A11FF71BC05B8C43 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
ld.js
static.criteo.net/js/ld/ Frame 5E6E
41 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 08:29:00 GMT
server
nginx
etag
W/"615c0ccc-a373"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 07 Dec 2021 23:11:13 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame 5E6E
18 KB
18 KB
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
04d16a4678b667182d1705aa061109e59f2effaf886b1cb6564b80b4a5b7b861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
access-control-allow-credentials
true
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/plain;charset=utf-8
track
www.linkedin.com/li/ Frame E890
0
127 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl98lh0LmuiCXbK4/w==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 66EFDCAF92EB47FCA66F87E07C5403AA Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:13Z
date
Mon, 06 Dec 2021 23:11:12 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.com/li/ Frame 117A
0
1006 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl98mk3ilMnpglvKvA==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 24E2E6CE78F0402FA30C4684C824366C Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:13Z
date
Mon, 06 Dec 2021 23:11:12 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame E890
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
6itbq3a9job40a3zgf91kry8z
static-exp1.licdn.com/sc/h/ Frame E890
374 B
1001 B
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/6itbq3a9job40a3zgf91kry8z
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
2c41038e03265a32ad8514c3f33613e118c518ce073d8664c949320db812ed52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:13 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
374
X-LI-UUID
I+zw4FQsnBaAQQ+rBCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
23ecf0e0542c9c1680410fab042b0000
Expires
Wed, 17 Aug 2022 18:45:08 GMT
1636043388923
media-exp1.licdn.com/dms/image/C5605AQEjUNe6BNr81A/videocover-high/0/ Frame E890
43 KB
43 KB
Image
General
Full URL
https://media-exp1.licdn.com/dms/image/C5605AQEjUNe6BNr81A/videocover-high/0/1636043388923?e=1638921600&v=beta&t=vUsAa1FnzEvWuwmCOcw2hZWpNe9JpJpSxXZuo0fiUYA
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/bj8f1eq2yi5lbgwr7ghgo5jss
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
8f6e01983ff5ec719afd2a44a3fbcad69ec8c8182bf6cd3d4213389732991095

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
183
Date
Mon, 06 Dec 2021 23:11:13 GMT
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM-STLS
X-EdgeConnect-MidMile-RTT
1
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
43869
X-LI-UUID
AAXSgl9yiYwaqn1od+68Fw==
Server
Play
X-Li-Pop
prod-lor1-x
Cache-Control
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-Proto
http/1.1
Timing-Allow-Origin
*
X-Li-Fabric
prod-lor1
truncated
/ Frame 117A
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
6itbq3a9job40a3zgf91kry8z
static-exp1.licdn.com/sc/h/ Frame 117A
374 B
1001 B
Image
General
Full URL
https://static-exp1.licdn.com/sc/h/6itbq3a9job40a3zgf91kry8z
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
2c41038e03265a32ad8514c3f33613e118c518ce073d8664c949320db812ed52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-exp1.licdn.com/sc/h/dijwsa7oqzy8jbn2zwplyoy39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 06 Dec 2021 23:11:13 GMT
X-LI-Static-Content
1
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
374
X-LI-UUID
I+zw4FQsnBaAQQ+rBCsAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-FS-UUID
23ecf0e0542c9c1680410fab042b0000
Expires
Wed, 17 Aug 2022 18:45:08 GMT
1632260645994
media-exp1.licdn.com/dms/image/C5605AQEoAOCJBKOLxw/videocover-high/0/ Frame 117A
36 KB
37 KB
Image
General
Full URL
https://media-exp1.licdn.com/dms/image/C5605AQEoAOCJBKOLxw/videocover-high/0/1632260645994?e=1638921600&v=beta&t=kJMVt7v1xKMjSe45bm-jnpwmHrnWISZr8AcVbB19r90
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/bj8f1eq2yi5lbgwr7ghgo5jss
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
5945be7c51c12e0a1066a37a45cb91e8a3f31341826c9e95369ccbcd115d94fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:13 GMT
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM-STLS
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
36879
X-LI-UUID
AAXSgl9yOuDyjW/Edn6FfA==
Server
Play
X-Li-Pop
prod-ltx1-x
Cache-Control
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-Proto
http/1.1
Timing-Allow-Origin
*
X-Li-Fabric
prod-ltx1
js
www.googletagmanager.com/gtag/ Frame A047
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19688e9d9d52d558cac1f2b17bcfca69905c0bfb678531bbfb208912110eb5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61825
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:11:13 GMT
analytics.js
www.google-analytics.com/ Frame A047
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5770
date
Mon, 06 Dec 2021 21:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 23:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame A047
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 23:11:13 GMT
ytc.js
s.yimg.com/wi/ Frame A047
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 06 Dec 2021 23:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5652
x-amz-id-2
MfTaRvVIvTrF/4eAtF359iTea+vw7VSHETvLsj3syO4JvAfujNQtxmbAFQhGks3BupLiOHn9Seg=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 04 Nov 2021 15:26:13 GMT
server
ATS
etag
"146f99405588b7446958a732612c901d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5PMXD6EDQXJMTSYH
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame A047
36 KB
10 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:12 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2B7D6832161C454E9ED6CCA4D0362495 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
ld.js
static.criteo.net/js/ld/ Frame A047
41 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 08:29:00 GMT
server
nginx
etag
W/"615c0ccc-a373"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 07 Dec 2021 23:11:13 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame A047
18 KB
18 KB
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
04d16a4678b667182d1705aa061109e59f2effaf886b1cb6564b80b4a5b7b861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
access-control-allow-credentials
true
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/plain;charset=utf-8
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame 8D69
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 19:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Tue, 07 Dec 2021 19:04:12 GMT
1636043399731
dms.licdn.com/playlist/C5605AQEjUNe6BNr81A/mp4-640p-30fp-crf28/0/ Frame E890
192 KB
0
Media
General
Full URL
https://dms.licdn.com/playlist/C5605AQEjUNe6BNr81A/mp4-640p-30fp-crf28/0/1636043399731?e=1638921600&v=beta&t=guM8LuTFwXnGA3majfQhaZenYE853I0_cYSIq-b6T_8
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash

Request headers

Referer
https://www.linkedin.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

X-EdgeConnect-Origin-MEX-Latency
243
Date
Mon, 06 Dec 2021 23:11:14 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
X-Li-Fabric
prod-lor1
Content-Range
bytes 0-4956008/4956009
Connection
keep-alive
Content-Length
4956009
X-LI-UUID
AAXSgl9/g9rs1ppYdM2pDA==
Server
Play
X-Li-Pop
prod-lor1-x
Cache-Control
max-age=604800
X-AKA-INTTL
604800
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-Proto
http/1.1
Timing-Allow-Origin
*
X-AKA-AGE
1
1632260654828
dms.licdn.com/playlist/C5605AQEoAOCJBKOLxw/mp4-640p-30fp-crf28/0/ Frame 117A
192 KB
0
Media
General
Full URL
https://dms.licdn.com/playlist/C5605AQEoAOCJBKOLxw/mp4-640p-30fp-crf28/0/1632260654828?e=1638921600&v=beta&t=RNIxrjmp2j7UC4e7X1S2OK7qRR0SCFOQjTGvLUl6zWs
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash

Request headers

Referer
https://www.linkedin.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

X-EdgeConnect-Origin-MEX-Latency
197
Date
Mon, 06 Dec 2021 23:11:13 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
X-Li-Fabric
prod-lor1
Content-Range
bytes 0-2032863/2032864
Connection
keep-alive
Content-Length
2032864
X-LI-UUID
AAXSgl9/dv556TV1627c7g==
Server
Play
X-Li-Pop
prod-lor1-x
Cache-Control
max-age=604800
X-AKA-INTTL
604800
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-Proto
http/1.1
Timing-Allow-Origin
*
X-AKA-AGE
0
10139345.json
s.yimg.com/wi/config/ Frame 19F2
2 B
447 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:55:57 GMT
x-content-type-options
nosniff
age
916
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
2X2D2GE83B9CT5PJ
x-amz-id-2
akHv9seTedOnsmZ85i7TtmclysE6I+LfrejUQ3nNy1TSONzuGG15vj5v29h1zz/ruI5TWfbceSw=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
10139345.json
s.yimg.com/wi/config/ Frame 3123
2 B
37 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:55:57 GMT
x-content-type-options
nosniff
age
916
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
2X2D2GE83B9CT5PJ
x-amz-id-2
akHv9seTedOnsmZ85i7TtmclysE6I+LfrejUQ3nNy1TSONzuGG15vj5v29h1zz/ruI5TWfbceSw=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 3123
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1638832273234&cv=9&fst=1638832273234&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc522beed4b205cbd6cfea53a308f2d1b1d5377973ea09b7e14e32832b9f0b9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17533112.js
bat.bing.com/p/action/ Frame 19F2
0
93 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:12 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 787C9C3B4CCA477A93085A03D8D6E9C8 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
x-cache
CONFIG_NOCACHE
17533112.js
bat.bing.com/p/action/ Frame 3123
0
93 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:12 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 073717DC19A348978EE85F0960A6EEA9 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
x-cache
CONFIG_NOCACHE
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.init_consent&eid=1&ut=C&tc=16&z=0
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.init&eid=2&ut=C&tc=16&tr=1setproductsettings.1ogteventsettings.1ogtgooglesignals&ti=2setproductsettings.2ogteventsettings.2ogtgooglesignals&z=0
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 6F1C
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2428
date
Mon, 06 Dec 2021 23:11:13 GMT
content-length
4685
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 19F2
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1638832273318&cv=9&fst=1638832273318&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff45e2da2449c5191385f6412bcd621590a8503050887866354d077a48443adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10139345.json
s.yimg.com/wi/config/ Frame DE4C
2 B
37 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:55:57 GMT
x-content-type-options
nosniff
age
916
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
2X2D2GE83B9CT5PJ
x-amz-id-2
akHv9seTedOnsmZ85i7TtmclysE6I+LfrejUQ3nNy1TSONzuGG15vj5v29h1zz/ruI5TWfbceSw=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
17533112.js
bat.bing.com/p/action/ Frame DE4C
0
92 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:13 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 095BD6008DFA49D38F0197F2F4E3221A Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
x-cache
CONFIG_NOCACHE
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame DE4C
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1638832273320&cv=9&fst=1638832273320&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2858677c804dd9b1aa29bd4074c32cd05b69efb52e1d3237bbf6823ab81ca7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame DEBA
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1708
date
Mon, 06 Dec 2021 23:11:13 GMT
content-length
4685
10139345.json
s.yimg.com/wi/config/ Frame 2A80
2 B
37 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:55:57 GMT
x-content-type-options
nosniff
age
916
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
2X2D2GE83B9CT5PJ
x-amz-id-2
akHv9seTedOnsmZ85i7TtmclysE6I+LfrejUQ3nNy1TSONzuGG15vj5v29h1zz/ruI5TWfbceSw=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
17533112.js
bat.bing.com/p/action/ Frame 2A80
0
116 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:13 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E96FE8E4B02349CE9AB29152A9509EF4 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
x-cache
CONFIG_NOCACHE
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 2A80
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1638832273409&cv=9&fst=1638832273409&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
980a26bd7cee6bd580c152a21b014817b94f702a0355cb6b7bd9acd137b8a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 19F2
43 B
327 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Dec%202021%2023%3A11%3A13%20GMT&n=0&b=GrooveFunnels&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&e=https%3A%2F%2Fposting4profitnow.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:13 GMT
m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame 394C
240 B
539 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/

Response headers

last-modified
Wed, 27 Oct 2021 22:19:31 GMT
etag
"f7902241893e7a497417843cb15dc858"
content-type
text/html; charset=utf-8
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Mon, 06 Dec 2021 23:11:13 GMT
via
1.1 varnish
age
14
x-request-id
c53c3316-9003-43ec-ad56-efe8d6abdbb8
x-served-by
cache-hhn4069-HHN
x-cache
HIT
x-cache-hits
11
vary
Accept-Encoding
timing-allow-origin
*
cache-control
max-age=60
content-length
141
10139345.json
s.yimg.com/wi/config/ Frame 5E6E
2 B
37 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:55:57 GMT
x-content-type-options
nosniff
age
916
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
2X2D2GE83B9CT5PJ
x-amz-id-2
akHv9seTedOnsmZ85i7TtmclysE6I+LfrejUQ3nNy1TSONzuGG15vj5v29h1zz/ruI5TWfbceSw=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 5E6E
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1638832273425&cv=9&fst=1638832273425&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac9c76359aed5260993e3f6626dff2cbcea1e8110fb442b1c6f6a752ae975f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1051
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17533112.js
bat.bing.com/p/action/ Frame 5E6E
0
93 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:13 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C98552C6C8454497B314B0773C6F2245 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
x-cache
CONFIG_NOCACHE
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.js&eid=3&u=AAAAC&ut=C&tc=16&tr=1gct.1lcl.1lcl.1ehl&ti=1gct.1lcl.1lcl.1ehl&z=0
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&e=gtm.init&eid=2&u=AAAAC&ut=C&tc=16&tr=5setproductsettings.5ogteventsettings.5ogtgooglesignals&ti=2setproductsettings.2ogteventsettings.2ogtgooglesignals&z=0
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
www.linkedin.com/li/ Frame E890
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+CbbPmwcTkWzZV5g==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 71A1B5F0FE3342818602AD4FA4AC0A2F Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:13Z
date
Mon, 06 Dec 2021 23:11:13 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 3123
43 B
714 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Dec%202021%2023%3A11%3A13%20GMT&n=0&b=GrooveFunnels&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&e=https%3A%2F%2Fposting4profitnow.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:13 GMT
sp.pl
sp.analytics.yahoo.com/ Frame DE4C
43 B
326 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Dec%202021%2023%3A11%3A13%20GMT&n=0&b=GrooveFunnels&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&e=https%3A%2F%2Fposting4profitnow.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:13 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 2A80
43 B
327 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Dec%202021%2023%3A11%3A13%20GMT&n=0&b=GrooveFunnels&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&e=https%3A%2F%2Fposting4profitnow.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:13 GMT
track
www.linkedin.com/li/ Frame 117A
0
227 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+CcSaZUi/ZRG9T0g==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2AED95EC0A414E75B024638EC217F7A1 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:13Z
date
Mon, 06 Dec 2021 23:11:13 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 92E8
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4745
date
Mon, 06 Dec 2021 23:11:13 GMT
content-length
4685
syncframe
gum.criteo.com/ Frame F8CF
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4316
date
Mon, 06 Dec 2021 23:11:13 GMT
content-length
4685
csp-report
q.stripe.com/ Frame 394C
0
347 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
10139345.json
s.yimg.com/wi/config/ Frame A047
2 B
37 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:55:57 GMT
x-content-type-options
nosniff
age
916
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
2X2D2GE83B9CT5PJ
x-amz-id-2
akHv9seTedOnsmZ85i7TtmclysE6I+LfrejUQ3nNy1TSONzuGG15vj5v29h1zz/ruI5TWfbceSw=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
sp.pl
sp.analytics.yahoo.com/ Frame 5E6E
43 B
327 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Dec%202021%2023%3A11%3A13%20GMT&n=0&b=GrooveFunnels&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&e=https%3A%2F%2Fposting4profitnow.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:13 GMT
syncframe
gum.criteo.com/ Frame 22A8
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3945
date
Mon, 06 Dec 2021 23:11:13 GMT
content-length
4685
17533112.js
bat.bing.com/p/action/ Frame A047
0
93 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:13 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E98CCB9E27E4FBAA65872FB7EE75A12 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:13Z
x-cache
CONFIG_NOCACHE
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame A047
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1638832273489&cv=9&fst=1638832273489&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b0a6ade825ec2aef7d070918358e485c0c8690e15c8bd542f660664c362a616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1047
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame F26B
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=posting4profitnow.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3594
date
Mon, 06 Dec 2021 23:11:13 GMT
content-length
4685
sp.pl
sp.analytics.yahoo.com/ Frame A047
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Dec%202021%2023%3A11%3A13%20GMT&n=0&b=GrooveFunnels&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&e=https%3A%2F%2Fposting4profitnow.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:13 GMT
m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 394C
1 KB
954 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
118
x-cache
HIT
content-length
645
etag
"5213886b88cd72e6d0aebc89868e5d13"
x-request-id
b589338c-7edc-4a14-bb57-c56e3fd80337
x-served-by
cache-hhn4069-HHN
access-control-allow-origin
*
last-modified
Mon, 25 Oct 2021 19:35:20 GMT
server
Fastly
date
Mon, 06 Dec 2021 23:11:13 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
102
/
www.google.com/pagead/1p-user-list/646915355/ Frame 3123
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1638832273234&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=3577986828&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame 3123
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1638832273234&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=3577986828&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gusid
175592.tracking.hyros.com/v1/lst/ Frame 3123
0
498 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Product-ID
175592

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
session-id
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
etag
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
1439
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
product-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:13 UTC
sid
mug.criteo.com/ Frame DEBA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1
  • https://mug.criteo.com/sid?cpp=jyHkG3xjL0NTZ3VvNFByMVZqWGczVFpFSE05dEltcFhLS282a0ltVkdVTlpMT0JROStCN01ZUm5JeTVua09WL3ZSb0ZiMzBGOVExRThvdUxGT2h4T1Y2VXVaYUd1ZEFIZkRNOHowQm1HcmNTcFhFY0ZISHJ1cldCVTdnVn...
457 B
644 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=jyHkG3xjL0NTZ3VvNFByMVZqWGczVFpFSE05dEltcFhLS282a0ltVkdVTlpMT0JROStCN01ZUm5JeTVua09WL3ZSb0ZiMzBGOVExRThvdUxGT2h4T1Y2VXVaYUd1ZEFIZkRNOHowQm1HcmNTcFhFY0ZISHJ1cldCVTdnVnFoR01xRCt6ZE1vekY4TjdRd2JQVHZHY2ZCZ05GN0x0OFdxWGJjckpOOWJWZWEvRHZPVW1lTWFTalFOYVp4RFJTRXplMHJuVW9kakZhNFlxS21OeE9MVkw4OU8xVXcxOCtmUlEvdWJmOUo3dm5RTDE0Z2hFVTY4VWdGYWo2SHVmck4vNFR0Ym5rcHE4b3U4VDdXRnprbG9GSmF5M2d5MlpnYkJKMVRCemFRZ3hkeStsYjZoWT18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e29f8ea47a8fa583bad13819fe4954cd827edb852742fe533f3352fabe083956
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 06 Dec 2021 23:11:13 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3221
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=jyHkG3xjL0NTZ3VvNFByMVZqWGczVFpFSE05dEltcFhLS282a0ltVkdVTlpMT0JROStCN01ZUm5JeTVua09WL3ZSb0ZiMzBGOVExRThvdUxGT2h4T1Y2VXVaYUd1ZEFIZkRNOHowQm1HcmNTcFhFY0ZISHJ1cldCVTdnVnFoR01xRCt6ZE1vekY4TjdRd2JQVHZHY2ZCZ05GN0x0OFdxWGJjckpOOWJWZWEvRHZPVW1lTWFTalFOYVp4RFJTRXplMHJuVW9kakZhNFlxS21OeE9MVkw4OU8xVXcxOCtmUlEvdWJmOUo3dm5RTDE0Z2hFVTY4VWdGYWo2SHVmck4vNFR0Ym5rcHE4b3U4VDdXRnprbG9GSmF5M2d5MlpnYkJKMVRCemFRZ3hkeStsYjZoWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3260
content-length
567
expires
0
sid
mug.criteo.com/ Frame 6F1C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1
  • https://mug.criteo.com/sid?cpp=qqfu1nxsQlBXVWdjT0xGeFRPbkZUZ2pPSXlIQkMzcjNhZzRndzZ0cFBYUkMraVMvbTZ6YzZTTGp5S0Y4M09lMjRVSmRBaDRkT05DbmtHaEoweU90Si9Lb3JUYmpnNHVpT3p5NklVVW5nZXpqSTlJQmpETzFKR0F0cko3NF...
452 B
638 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=qqfu1nxsQlBXVWdjT0xGeFRPbkZUZ2pPSXlIQkMzcjNhZzRndzZ0cFBYUkMraVMvbTZ6YzZTTGp5S0Y4M09lMjRVSmRBaDRkT05DbmtHaEoweU90Si9Lb3JUYmpnNHVpT3p5NklVVW5nZXpqSTlJQmpETzFKR0F0cko3NFl6T3paTXQvVnFYS0dNa3ZnZHJPTXltUytmZklac3liOTE1QXl4L2FVMCtKWGRBWGxJUkM0V1VDTTNhNkJVSnl2bGtlK1ZtMkUwWHhkakhaRWpVOTZtOU1sb0xqeFg5anFKWEd2OGJncXoxV05pSDU3OTZLclhqQWVURnM3Z1habzJDRTVKSmN4aWhWNGowWEFoeHdUTmh4aGFCWHJjMXlhZDVFc0JWa3FzR3NxL3E4WkxBVT18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5588e70845a78f7e4eb2520630ba8c7640cc4c08140bd3cdd4361558d7a0f7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 06 Dec 2021 23:11:13 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3824
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Dec 2021 23:11:12 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=qqfu1nxsQlBXVWdjT0xGeFRPbkZUZ2pPSXlIQkMzcjNhZzRndzZ0cFBYUkMraVMvbTZ6YzZTTGp5S0Y4M09lMjRVSmRBaDRkT05DbmtHaEoweU90Si9Lb3JUYmpnNHVpT3p5NklVVW5nZXpqSTlJQmpETzFKR0F0cko3NFl6T3paTXQvVnFYS0dNa3ZnZHJPTXltUytmZklac3liOTE1QXl4L2FVMCtKWGRBWGxJUkM0V1VDTTNhNkJVSnl2bGtlK1ZtMkUwWHhkakhaRWpVOTZtOU1sb0xqeFg5anFKWEd2OGJncXoxV05pSDU3OTZLclhqQWVURnM3Z1habzJDRTVKSmN4aWhWNGowWEFoeHdUTmh4aGFCWHJjMXlhZDVFc0JWa3FzR3NxL3E4WkxBVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2260
content-length
567
expires
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame 5E6E
0
498 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Product-ID
175592

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
session-id
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
etag
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
1439
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
product-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:13 UTC
/
www.google.com/pagead/1p-user-list/646915355/ Frame 19F2
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1638832273318&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=1856509468&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame 19F2
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1638832273318&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=1856509468&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/646915355/ Frame DE4C
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1638832273320&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=2298341172&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame DE4C
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1638832273320&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=2298341172&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/646915355/ Frame 2A80
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1638832273409&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=4209319307&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame 2A80
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1638832273409&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=4209319307&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/646915355/ Frame 5E6E
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1638832273425&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=3615559774&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame 5E6E
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1638832273425&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=3615559774&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 92E8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1
  • https://mug.criteo.com/sid?cpp=GfF8aXxXVHM5YkFkTjZ0OWd6Q0ZGOVEyKzF4eHR1Tm15YnowVnpnMVNNeGpRVnhyZE56TW5HTzZVSllVSExtSGNSMWRHRVprdFVVR0hHZmJleWI3VU52b0Z3SWI4NjFtQ24wRzIxeGROTmZTNk0wUURncit3eHpuNUU2Nj...
457 B
642 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=GfF8aXxXVHM5YkFkTjZ0OWd6Q0ZGOVEyKzF4eHR1Tm15YnowVnpnMVNNeGpRVnhyZE56TW5HTzZVSllVSExtSGNSMWRHRVprdFVVR0hHZmJleWI3VU52b0Z3SWI4NjFtQ24wRzIxeGROTmZTNk0wUURncit3eHpuNUU2NjlYUFl6K1p0WWV0cHpka2N0dGdYQnlTMkY2SENuY21sYTd1S2lIN3JrWGtkSGU5YTBXZ1RKUjRWd3Yybm5OMkhneFNMODBwc0FmNGtqZ2tKb2ZnNnk4MmZzWTRvbzJ0eWxKdHg0b244NTFYRjNPeEYwSnA4ZzA1c016TXNxMW1JTnRtS2xmWVpqQkVnRUtqenQvYVRocEZpSGJIejFycFBJeG9LSTg4R3ZPeDZVVkxhcTlmQT18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3f0761c93cc380765235624ae5cf89909f4cc7d1811b9d4e8cf82f928ec1d324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 06 Dec 2021 23:11:12 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6058
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=GfF8aXxXVHM5YkFkTjZ0OWd6Q0ZGOVEyKzF4eHR1Tm15YnowVnpnMVNNeGpRVnhyZE56TW5HTzZVSllVSExtSGNSMWRHRVprdFVVR0hHZmJleWI3VU52b0Z3SWI4NjFtQ24wRzIxeGROTmZTNk0wUURncit3eHpuNUU2NjlYUFl6K1p0WWV0cHpka2N0dGdYQnlTMkY2SENuY21sYTd1S2lIN3JrWGtkSGU5YTBXZ1RKUjRWd3Yybm5OMkhneFNMODBwc0FmNGtqZ2tKb2ZnNnk4MmZzWTRvbzJ0eWxKdHg0b244NTFYRjNPeEYwSnA4ZzA1c016TXNxMW1JTnRtS2xmWVpqQkVnRUtqenQvYVRocEZpSGJIejFycFBJeG9LSTg4R3ZPeDZVVkxhcTlmQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2040
content-length
567
expires
0
sid
mug.criteo.com/ Frame F8CF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1
  • https://mug.criteo.com/sid?cpp=r5W4vXw5NGo1UGRHYVZ6RjVhcW0rRDlTMzJyWFRWUzhHUGl0L3RhdXVQY3BrREV5M3gxZURwWVMvU2hWdVgvKzhiTmxxclpQQ21xODJ0SE5OVnp1TzVIUS9aZlpNcmFQdWw5emFtb1pOLzF6NmxqenJybHBzdDB2SVBMMl...
441 B
637 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=r5W4vXw5NGo1UGRHYVZ6RjVhcW0rRDlTMzJyWFRWUzhHUGl0L3RhdXVQY3BrREV5M3gxZURwWVMvU2hWdVgvKzhiTmxxclpQQ21xODJ0SE5OVnp1TzVIUS9aZlpNcmFQdWw5emFtb1pOLzF6NmxqenJybHBzdDB2SVBMMlpoR2JlZ085dnBOUUF5bm5adW11L2R2ci80S1g5YkdrZW5kVTNCWEZwNUhjdUlSTXlGOTB2eFltT3VCc28vK21CcFlVWlZoNk5FYzY0OTlKYmVoRVdOVHN4R3RKTDh2UzJGcHhxYk1Iblh2a1E2K0xRb1E3bGNYeVduUHNhWnQ3ZmpGdGVPaDZwWHN5WmZQYmMxbHJLenA5YlBScWs5TnVSN1lYTzBTQjdGRGVXM0w0SlBpTT18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c43c9a9fc605deeb17d53e33ed9b1fbb2aa9fd845d55d91bf6641a7778be7e35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 06 Dec 2021 23:11:12 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2816
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=r5W4vXw5NGo1UGRHYVZ6RjVhcW0rRDlTMzJyWFRWUzhHUGl0L3RhdXVQY3BrREV5M3gxZURwWVMvU2hWdVgvKzhiTmxxclpQQ21xODJ0SE5OVnp1TzVIUS9aZlpNcmFQdWw5emFtb1pOLzF6NmxqenJybHBzdDB2SVBMMlpoR2JlZ085dnBOUUF5bm5adW11L2R2ci80S1g5YkdrZW5kVTNCWEZwNUhjdUlSTXlGOTB2eFltT3VCc28vK21CcFlVWlZoNk5FYzY0OTlKYmVoRVdOVHN4R3RKTDh2UzJGcHhxYk1Iblh2a1E2K0xRb1E3bGNYeVduUHNhWnQ3ZmpGdGVPaDZwWHN5WmZQYmMxbHJLenA5YlBScWs5TnVSN1lYTzBTQjdGRGVXM0w0SlBpTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3241
content-length
567
expires
0
inner.html
m.stripe.network/ Frame 1A39
932 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
max-age=300, public
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
Fastly
content-encoding
gzip
accept-ranges
bytes
date
Mon, 06 Dec 2021 23:11:13 GMT
via
1.1 varnish
age
25
x-request-id
55e02e45-e343-466f-a2b7-0317756a6300
x-served-by
cache-hhn4069-HHN
x-cache
HIT
x-cache-hits
25
x-timer
S1638832274.555914,VS0,VE0
vary
Accept-Encoding, Origin
content-length
528
/
www.google.com/pagead/1p-user-list/646915355/ Frame A047
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1638832273489&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=28807918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame A047
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1638832273489&cv=9&fst=1638831600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&ref=https%3A%2F%2Fposting4profitnow.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=28807918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 22A8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1
  • https://mug.criteo.com/sid?cpp=u-BYTXxza3NhSVFPbXNWc2x3M2JiRGdXZzdMRFNmbit4RHpCU3dDbG5ZRzhGbDBReWhxRFVkRkZQNEpvcWl4WlJyaExVMktweVB1dHg2bTZxaiswNlBWRzVNM3R4WmpNTmRrZDFlbzh3Z3RVa0tzSWFOYWdILzdtT0JqU0...
457 B
640 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=u-BYTXxza3NhSVFPbXNWc2x3M2JiRGdXZzdMRFNmbit4RHpCU3dDbG5ZRzhGbDBReWhxRFVkRkZQNEpvcWl4WlJyaExVMktweVB1dHg2bTZxaiswNlBWRzVNM3R4WmpNTmRrZDFlbzh3Z3RVa0tzSWFOYWdILzdtT0JqU0NGNmZKTnRhRHFMaTA3TVFsTUxsNHFsSWlScDE2c1piNDV6STJMWE15bHU0NytvVUdRZU9sZWRsZjVRUFZDS1dGdGdoUTdObFNCWmhBMUlFZ1Rlb1g3T3dzSE1GLzBJK0JQeTRtVEhYbndYV3JLVWw0VXBzMFVNUVFsT2pWQkdFRUVobkRRd1J1dlJ5THA5V0NnaHhGay90NzlmNnBmazFOQ3FrbmVMUVdvTUphNm5ncGRSYz18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
dabcf5ba4a4e23f5fd3d8ab8f8f837589b482031c55133e98b9d15cc570130cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 06 Dec 2021 23:11:13 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3415
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=u-BYTXxza3NhSVFPbXNWc2x3M2JiRGdXZzdMRFNmbit4RHpCU3dDbG5ZRzhGbDBReWhxRFVkRkZQNEpvcWl4WlJyaExVMktweVB1dHg2bTZxaiswNlBWRzVNM3R4WmpNTmRrZDFlbzh3Z3RVa0tzSWFOYWdILzdtT0JqU0NGNmZKTnRhRHFMaTA3TVFsTUxsNHFsSWlScDE2c1piNDV6STJMWE15bHU0NytvVUdRZU9sZWRsZjVRUFZDS1dGdGdoUTdObFNCWmhBMUlFZ1Rlb1g3T3dzSE1GLzBJK0JQeTRtVEhYbndYV3JLVWw0VXBzMFVNUVFsT2pWQkdFRUVobkRRd1J1dlJ5THA5V0NnaHhGay90NzlmNnBmazFOQ3FrbmVMUVdvTUphNm5ncGRSYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1882
content-length
567
expires
0
sid
mug.criteo.com/ Frame F26B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=posting4profitnow.com&lsw=1
  • https://mug.criteo.com/sid?cpp=KD75inwwV0VXQ2ZMb3dIVE9yQS8vUVphRzcxNHBXNHVQNVdNcGRqbDRUTDZFVDZGUlVQWTdDOU1xSkNEdEl0YmU4ZEhESUdqOXg0Z0tBSExMV2FtYm9QQWlqL3NaamY4aExDeDVqb2hNZVRYSnRCaGlZZm5qRFI1QkdoS0...
457 B
638 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=KD75inwwV0VXQ2ZMb3dIVE9yQS8vUVphRzcxNHBXNHVQNVdNcGRqbDRUTDZFVDZGUlVQWTdDOU1xSkNEdEl0YmU4ZEhESUdqOXg0Z0tBSExMV2FtYm9QQWlqL3NaamY4aExDeDVqb2hNZVRYSnRCaGlZZm5qRFI1QkdoS0Z1VitYUFl2RElRT2lhbC9lNnR2WTF0d3pZc25FUXNITWwxenpaakp0STY2RGcvN0dvR2hFK1c2Z2t4NjdCZ2l6cjFtaFpiMnZGL2twdVoyUmIyUTg5Sy9BUWs5b3lUY2Rvb3dUU2JMd3ZoRmkrb3QxVlVkU3czSGRNUWdBN1Qxd1ZMbnJTSWJya3VrczVTaHRYWGFRRjdWM21wSjdDZnFMYnFRZ3NhSGgwVEZLQUw3SDBDMD18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d32c1f2bb336b8133c77136240970713f8a160de0a1a61babf6e7c7d8a251439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 06 Dec 2021 23:11:13 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3133
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Dec 2021 23:11:12 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=KD75inwwV0VXQ2ZMb3dIVE9yQS8vUVphRzcxNHBXNHVQNVdNcGRqbDRUTDZFVDZGUlVQWTdDOU1xSkNEdEl0YmU4ZEhESUdqOXg0Z0tBSExMV2FtYm9QQWlqL3NaamY4aExDeDVqb2hNZVRYSnRCaGlZZm5qRFI1QkdoS0Z1VitYUFl2RElRT2lhbC9lNnR2WTF0d3pZc25FUXNITWwxenpaakp0STY2RGcvN0dvR2hFK1c2Z2t4NjdCZ2l6cjFtaFpiMnZGL2twdVoyUmIyUTg5Sy9BUWs5b3lUY2Rvb3dUU2JMd3ZoRmkrb3QxVlVkU3czSGRNUWdBN1Qxd1ZMbnJTSWJya3VrczVTaHRYWGFRRjdWM21wSjdDZnFMYnFRZ3NhSGgwVEZLQUw3SDBDMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1811
content-length
567
expires
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame 2A80
0
498 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Product-ID
175592

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
session-id
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
etag
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
1439
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
product-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:13 UTC
css2
fonts.googleapis.com/ Frame 3123
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:13 GMT
csp-report
q.stripe.com/ Frame 1A39
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
x-envoy-upstream-service-time
3
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame 1A39
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
x-envoy-upstream-service-time
2
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
css2
fonts.googleapis.com/ Frame DE4C
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:13 GMT
css2
fonts.googleapis.com/ Frame 5E6E
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:13 GMT
css2
fonts.googleapis.com/ Frame 2A80
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:13 GMT
css2
fonts.googleapis.com/ Frame 19F2
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:13 GMT
css2
fonts.googleapis.com/ Frame A047
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.ebe8269c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 23:11:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 23:11:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 23:11:13 GMT
51411
v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/ Frame DB7D
524 B
1006 B
XHR
General
Full URL
https://v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/51411
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
df33806df3d2a449ea32154f3da5985ca8e7df1c2341bafed46347577faadc8e

Request headers

Accept
application/json, text/plain, */*
Referer
https://posting4profitnow.groovesell.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
596
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3quNCug7%2BrYFkOH%2BXlI%2Bmm7x628vSgoNFIjrJDswIaChkjKCeywcBoHfFOUuCyr1dVpIZ%2FOlESMwjAW7q0Wyizh94QbeE2qlRpISqrVZD1FvirEZ%2F86CcWsD3vfCQDHMUrblUSo%2B%2FRCYdmo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99312fdea1691c-FRA
51411
v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/51411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://posting4profitnow.groovesell.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3Y%2BTU42Qplyfy7ewOCApQBsaWPQ0zGdB0jarNLzqvqsHF9UlohWiK65%2F%2FzwdQCTIYpb9opqJkwhwAJnNJc7aDuNSq%2BMmqsTU5cBfKN%2BloMFtNJx9Y2cO%2FyD%2FujAc0aLpi3cf08bErUPTRll"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99312efcdc691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gusid
175592.tracking.hyros.com/v1/lst/ Frame A047
0
498 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Product-ID
175592

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
session-id
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
etag
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
1439
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
product-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:13 UTC
gusid
175592.tracking.hyros.com/v1/lst/ Frame 19F2
0
498 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Product-ID
175592

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
session-id
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
etag
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
1439
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
product-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:13 UTC
out-4.5.41.js
m.stripe.network/ Frame 1A39
85 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
122
x-cache
HIT
content-length
15786
x-request-id
0f7fcae1-e1d2-4f56-bb69-ff4450437fd2
x-served-by
cache-hhn4069-HHN
server
Fastly
x-timer
S1638832274.762216,VS0,VE0
date
Mon, 06 Dec 2021 23:11:13 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
3
gusid
175592.tracking.hyros.com/v1/lst/ Frame DE4C
0
498 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Product-ID
175592

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
session-id
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
etag
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
gusid
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/gusid?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
1439
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
product-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:13 UTC
event
widget.us.criteo.com/ Frame 2A80
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=vA0S-V93YTd4UWVpNElTTTR...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=vA0S-V93YTd4UWVpNElTTTR...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=vA0S-V93YTd4UWVpNElTTTRkVDYweTVtTWh2SnlIbHE3NDdhYVA3djJUZ2s1dmVMYVhiTGRROXN4MTBsbmJuclFHRXZZWjNlQVUzY2hSRTh5MGlBZFcwSGg5WXJDWGclMkI2NjhMV1Vab3pFUWo0S2taa1dwNFNFQU9ibHh1TlI4SkNCcEdnREdjVGt4TzRuajFQTGFtejlJN3U1JTJGUmFpZ0c3VnpyUW4zRm1JMEplVTdrJTNE&tld=app.groove.cm&dtycbr=85129
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6e87f9fea22bfe6bd6f115fbd6c37eee7d0741ca1b61a7079ec0b87e2ef18e85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/x-javascript
server
Kestrel
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
12244515
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=vA0S-V93YTd4UWVpNElTTTRkVDYweTVtTWh2SnlIbHE3NDdhYVA3djJUZ2s1dmVMYVhiTGRROXN4MTBsbmJuclFHRXZZWjNlQVUzY2hSRTh5MGlBZFcwSGg5WXJDWGclMkI2NjhMV1Vab3pFUWo0S2taa1dwNFNFQU9ibHh1TlI4SkNCcEdnREdjVGt4TzRuajFQTGFtejlJN3U1JTJGUmFpZ0c3VnpyUW4zRm1JMEplVTdrJTNE&tld=app.groove.cm&dtycbr=85129
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2302580
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame 19F2
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ghQCsF9naDQ3RFVyYzNERUZ...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ghQCsF9naDQ3RFVyYzNERUZ...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ghQCsF9naDQ3RFVyYzNERUZ6TlBla1dKZGliRmxnOGpsd0d6akJaSWlvVlZ3aVBnVzRTWkc4OWhWeDViTTY2WXYlMkZTbjVDc0FuSTNaRUhhNGg1bDUlMkZhNXdJMHNFQ2JXaSUyRjM0Zk5Td0haN3NYMVZTJTJGOUxaJTJGJTJGWEpxTHNvSXdhT01GTWRBSUVndWFJUDl0NzFBcXRlMWVNMXg5ejJjR0IybENIbXd1d05hRHRpS2hLJTJCTSUzRA&tld=app.groove.cm&dtycbr=9944
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
97ff2c8409d7e79057a474aea4113aa26d49bd8a805a257ca3e71366f1ae4589

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/x-javascript
server
Kestrel
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
13151770
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ghQCsF9naDQ3RFVyYzNERUZ6TlBla1dKZGliRmxnOGpsd0d6akJaSWlvVlZ3aVBnVzRTWkc4OWhWeDViTTY2WXYlMkZTbjVDc0FuSTNaRUhhNGg1bDUlMkZhNXdJMHNFQ2JXaSUyRjM0Zk5Td0haN3NYMVZTJTJGOUxaJTJGJTJGWEpxTHNvSXdhT01GTWRBSUVndWFJUDl0NzFBcXRlMWVNMXg5ejJjR0IybENIbXd1d05hRHRpS2hLJTJCTSUzRA&tld=app.groove.cm&dtycbr=9944
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1593716
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame A047
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=jddwVV9WcVVMVm9HaHdsMHB...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=jddwVV9WcVVMVm9HaHdsMHB...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=jddwVV9WcVVMVm9HaHdsMHBwVFNmRzJacThvcEpERXNldUYzeEZtV1ppSyUyRm9qSW9QZEYlMkJNVnNIcmRtJTJGN0VOVTFLTjVTRWVLRVp2MGpyTU5GeEpiSTZjSXEwU2FVREdyYWMzTnFzR2hwU3VsdUc0MDJwUkJpN3hIMUklMkJqMFZRYVVxVVFYTWdZaDBNMFRBMEQ1czN0Q3JlZERGanBsV2RFY3FsYzZKTW55RGw4NEtUSSUzRA&tld=app.groove.cm&dtycbr=45736
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
41a71c9780ed50d3ff378bd2bbd586fd4abf53dc96b46c62dd17c1123dd11b0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/x-javascript
server
Kestrel
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
12595035
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=jddwVV9WcVVMVm9HaHdsMHBwVFNmRzJacThvcEpERXNldUYzeEZtV1ppSyUyRm9qSW9QZEYlMkJNVnNIcmRtJTJGN0VOVTFLTjVTRWVLRVp2MGpyTU5GeEpiSTZjSXEwU2FVREdyYWMzTnFzR2hwU3VsdUc0MDJwUkJpN3hIMUklMkJqMFZRYVVxVVFYTWdZaDBNMFRBMEQ1czN0Q3JlZERGanBsV2RFY3FsYzZKTW55RGw4NEtUSSUzRA&tld=app.groove.cm&dtycbr=45736
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2046868
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame 5E6E
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ffvOpl9hJTJCWDVvVzF6YXl...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ffvOpl9hJTJCWDVvVzF6YXl...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ffvOpl9hJTJCWDVvVzF6YXlkVmM4M0JXSllsQUsxVmVWJTJCUnNpREViRWo2dUJpcGpwZ3VOaGNNOWoxZlQwS3l6TWRkczhjeko0anlyZGREMVNMNWkzekhjN0JjYTB1TmxxejVlWCUyQnhqTW94VHFyRUhKRGJ6TXlsJTJCd0tpVmh2NGZFM0JNd3ZUcXZBWEJnZW4ycjc4ckZGVVVPQXMlMkZWWjBvdjRwcHJjVXFPeXR2ZGZwRWdvJTNE&tld=app.groove.cm&dtycbr=15067
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
37bfda3c0c864b494a99c32cd4ad3c6743120bb9b619685c553ceda63ae06a8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
content-type
application/x-javascript
server
Kestrel
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
12345546
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:12 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=ffvOpl9hJTJCWDVvVzF6YXlkVmM4M0JXSllsQUsxVmVWJTJCUnNpREViRWo2dUJpcGpwZ3VOaGNNOWoxZlQwS3l6TWRkczhjeko0anlyZGREMVNMNWkzekhjN0JjYTB1TmxxejVlWCUyQnhqTW94VHFyRUhKRGJ6TXlsJTJCd0tpVmh2NGZFM0JNd3ZUcXZBWEJnZW4ycjc4ckZGVVVPQXMlMkZWWjBvdjRwcHJjVXFPeXR2ZGZwRWdvJTNE&tld=app.groove.cm&dtycbr=15067
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1650096
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame 3123
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=FmZDVV9ZdkRVejY4OFNHYyU...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=FmZDVV9ZdkRVejY4OFNHYyU...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=FmZDVV9ZdkRVejY4OFNHYyUyQkdkWm5mb1ZETldxRk8lMkYwNDFFZkdDZUZyN25vY2lERkp4N3NmVENnYU1VOFpGVWpVc3NrSVBhaDhod2Z6V1olMkZpS0FYTnNqaWx0ZkhUQWlaSyUyRms4QVFYRm9EYU1JUHdhc24zenU3TmNvck1idlV2b0kxc3RMU2M2SlRXUVFIS0RnbktMZ3d1WEU4RzJiamVDeW5PMXBHaDNUTHJzdkxUVSUzRA&tld=app.groove.cm&dtycbr=60617
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d1ebd6170ff87a060b59dd88028270514fae65352599f3e27c287130d49ff9ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/x-javascript
server
Kestrel
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
12099139
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:12 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=FmZDVV9ZdkRVejY4OFNHYyUyQkdkWm5mb1ZETldxRk8lMkYwNDFFZkdDZUZyN25vY2lERkp4N3NmVENnYU1VOFpGVWpVc3NrSVBhaDhod2Z6V1olMkZpS0FYTnNqaWx0ZkhUQWlaSyUyRms4QVFYRm9EYU1JUHdhc24zenU3TmNvck1idlV2b0kxc3RMU2M2SlRXUVFIS0RnbktMZ3d1WEU4RzJiamVDeW5PMXBHaDNUTHJzdkxUVSUzRA&tld=app.groove.cm&dtycbr=60617
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2319900
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame DE4C
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wjY6ml9zJTJGNldHUnYzN1k...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wjY6ml9zJTJGNldHUnYzN1k...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wjY6ml9zJTJGNldHUnYzN1k3c0FVTjNpaTBaJTJCUWJBR2ZKQjdMbk1QN2wzSUpnRzNUeXl3QWJLTVU4aTZvRkdrOXdQdkE1OUd2d0pKb3c1SGtVWVA2WEhpbXRXSmxSTVhKNjZETlFsSE8lMkI3ZmttZExWZ0I5ciUyRnJLdzJ4cFFlOXJXNDlMb1NGcSUyQnFNNWRFWXlIRUtEdlJ3N1pHN2M5dXBhbUVKOUw2Q2lwSU51Y0clMkJEMWclM0Q&tld=app.groove.cm&dtycbr=56008
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2fe8f6af40e88b5e53e6fa8a94b4d9ef22c670c6700e8380a9dcfe6bb7291a62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/x-javascript
server
Kestrel
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
24614310
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:13 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=81296&v=5.8.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fposting4profitnow.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wjY6ml9zJTJGNldHUnYzN1k3c0FVTjNpaTBaJTJCUWJBR2ZKQjdMbk1QN2wzSUpnRzNUeXl3QWJLTVU4aTZvRkdrOXdQdkE1OUd2d0pKb3c1SGtVWVA2WEhpbXRXSmxSTVhKNjZETlFsSE8lMkI3ZmttZExWZ0I5ciUyRnJLdzJ4cFFlOXJXNDlMb1NGcSUyQnFNNWRFWXlIRUtEdlJ3N1pHN2M5dXBhbUVKOUw2Q2lwSU51Y0clMkJEMWclM0Q&tld=app.groove.cm&dtycbr=56008
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1299164
timing-allow-origin
*
content-length
0
expires
0
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 06 Dec 2021 23:11:14 GMT
Via
1.1 vegur
iframe_api
www.youtube.com/ Frame 3123
980 B
513 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 06 Dec 2021 23:11:14 GMT
matomo.js
matomo.groovetech.io/ Frame 3123
100 KB
32 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
9a5a036c-0074-4e7a-a553-f7b43115d16d
https://app.groove.cm/ Frame 3123
97 B
0
Script
General
Full URL
blob:https://app.groove.cm/9a5a036c-0074-4e7a-a553-f7b43115d16d
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebd665d12fafd384e3a9d3ec3f6bef1d2004feaf93723a9968bca9700d0d6f3f

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
97
Content-Type
text/javascript
ping
api.loopedin.io/v1/users/ Frame 3123
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
48
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame 3123
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
9d9f8ace2331bb85ead119f0ca083ec82d50eb73beab3e738f88ad1c74525f06
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-Bb5sbz+O0uvmXY8v0MEWnhaPivw"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
49
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
notification.png
cdn.productstash.io/images/ Frame 3123
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
08/11/2021 08:30:54
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 09 Aug 2021 16:46:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
4c2f2ec7587d8b56437c81495eb6cb69
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
0
bat.bing.com/action/ Frame 3123
0
173 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=d92d9e34-a849-4141-b819-e45591f85754&sid=cf1f5ce056e911ec87297f437de44c71&vid=cf1f922056e911ec90e855a8a280b5b7&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GrooveFunnels&p=https%3A%2F%2Fposting4profitnow.com%2F&r=&lt=3880&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=645231
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A751B44D0DE4B499383A61FA5CE5D9A Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v20/ Frame DB7D
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v20/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8dfe31c1772278d6e6c6237aa0bdf1d686bf1464cc3c40ed925c6193ec62f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.groovesell.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 21:26:02 GMT
x-content-type-options
nosniff
age
524712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14004
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 20:46:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 21:26:02 GMT
track
www.linkedin.com/li/ Frame 117A
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+RKRyxO84dhFmYcg==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CB198C886B1344968990B61131458544 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:14Z
date
Mon, 06 Dec 2021 23:11:14 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 06 Dec 2021 23:11:14 GMT
Via
1.1 vegur
iframe_api
www.youtube.com/ Frame DE4C
980 B
513 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 06 Dec 2021 23:11:14 GMT
matomo.js
matomo.groovetech.io/ Frame DE4C
100 KB
32 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
501f46a0-e482-475b-93a8-6676d50bf003
https://app.groove.cm/ Frame DE4C
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/501f46a0-e482-475b-93a8-6676d50bf003
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75f178f77629054e2a812e7a490749e9cbdbb6e7389fe823703fce196f43b11e

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
notification.png
cdn.productstash.io/images/ Frame DE4C
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
08/11/2021 08:30:54
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 09 Aug 2021 16:46:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
cf6be217967f5437386927167640beb6
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame DE4C
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
46
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame DE4C
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
9d9f8ace2331bb85ead119f0ca083ec82d50eb73beab3e738f88ad1c74525f06
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-Bb5sbz+O0uvmXY8v0MEWnhaPivw"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
47
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
6
m.stripe.com/ Frame 1A39
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.194.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-194-245.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
585973c00dd84bc11b7e79d718d1e1f26a5a41db9766f175f812cd24e2860897
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 06 Dec 2021 23:11:14 GMT
Via
1.1 vegur
iframe_api
www.youtube.com/ Frame 5E6E
980 B
513 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 06 Dec 2021 23:11:14 GMT
matomo.js
matomo.groovetech.io/ Frame 5E6E
100 KB
32 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
4c1e362f-88d9-4ff5-bca7-139c5948c4f7
https://app.groove.cm/ Frame 5E6E
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/4c1e362f-88d9-4ff5-bca7-139c5948c4f7
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56991a2d7d45bd8a267d4ff5f16de8983c51901c50caccfaa4b1e9ee2da45fdd

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
notification.png
cdn.productstash.io/images/ Frame 5E6E
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
08/11/2021 08:30:54
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 09 Aug 2021 16:46:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
af652ecdc993e1ce20361241d837c43a
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame 5E6E
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
44
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame 5E6E
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
9d9f8ace2331bb85ead119f0ca083ec82d50eb73beab3e738f88ad1c74525f06
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-Bb5sbz+O0uvmXY8v0MEWnhaPivw"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
45
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
pc
175592.tracking.hyros.com/v1/lst/ Frame 2A80
117 B
366 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
352b29ef9e282df7984ac8fc8f6de02c8568a1f54f7476670c6703044f558d36

Request headers

Session-ID
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
Product-ID
175592
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Access-Control-Allow-Headers
*

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
pc
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
3103
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:14 UTC
pc
175592.tracking.hyros.com/v1/lst/ Frame 5E6E
117 B
366 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
18ad35e38621a05c5ccfbc72f34228b56ede8f702f2637e4319993af18930998

Request headers

Session-ID
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
Product-ID
175592
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Access-Control-Allow-Headers
*

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
pc
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
3103
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:14 UTC
pc
175592.tracking.hyros.com/v1/lst/ Frame DE4C
117 B
366 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
6072a3994e1df5ddbf6eba5621930805c95cc0f3a27d9ffa62d440f81c3c3bb9

Request headers

Session-ID
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
Product-ID
175592
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Access-Control-Allow-Headers
*

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
pc
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
3103
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:14 UTC
pc
175592.tracking.hyros.com/v1/lst/ Frame 3123
117 B
366 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
447f7cbdbdaf9a9e2aa1b6f4c92bd2db6885bc4a4eab23ad0ea69d6f426c5cb7

Request headers

Session-ID
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
Product-ID
175592
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Access-Control-Allow-Headers
*

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
pc
175592.tracking.hyros.com/v1/lst/ Frame 19F2
117 B
366 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
73d658daa32915eaf0771ba48e7d619da21030ce7108e5f1e25932f685ebf3ec

Request headers

Session-ID
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
Product-ID
175592
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Access-Control-Allow-Headers
*

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
pc
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
3103
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:14 UTC
pc
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
3103
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:14 UTC
pc
175592.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
3103
access-control-allow-origin
https://app.groove.cm
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Mon, 06 Dec 2021 23:11:14 UTC
pc
175592.tracking.hyros.com/v1/lst/ Frame A047
117 B
366 B
XHR
General
Full URL
https://175592.tracking.hyros.com/v1/lst/pc?prev_url=https%3A%2F%2Fposting4profitnow.com%2F&ref_url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36
Requested by
Host: 175592.tracking.hyros.com
URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.96.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-96-75.compute-1.amazonaws.com
Software
/
Resource Hash
43af1fa52c4f677a1d92cd0602e06b67de6f62cc8d63cb1e7336906cff63fd81

Request headers

Session-ID
HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
Product-ID
175592
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
Access-Control-Allow-Headers
*

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.groove.cm
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&e=gtm.js&eid=3&u=AAAAC&ut=C&tc=16&tr=5gct.5lcl.5lcl.5ehl&ti=1gct.1lcl.1lcl.1ehl&z=0
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 06 Dec 2021 23:11:14 GMT
Via
1.1 vegur
iframe_api
www.youtube.com/ Frame 2A80
980 B
513 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 06 Dec 2021 23:11:14 GMT
matomo.js
matomo.groovetech.io/ Frame 2A80
100 KB
32 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
46dedae8-a512-4e47-be24-97751d694644
https://app.groove.cm/ Frame 2A80
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/46dedae8-a512-4e47-be24-97751d694644
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
997bec119f3b06459fdcc30db3be356ab3363410af61ba01c12bac6d055c7804

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
notification.png
cdn.productstash.io/images/ Frame 2A80
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
08/11/2021 08:30:54
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 09 Aug 2021 16:46:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
a061c992cd4d73c37524ae8f5d93a149
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame 2A80
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
42
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame 2A80
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
9d9f8ace2331bb85ead119f0ca083ec82d50eb73beab3e738f88ad1c74525f06
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:14 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-Bb5sbz+O0uvmXY8v0MEWnhaPivw"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
43
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
js
www.paypal.com/sdk/ Frame DB7D
299 KB
91 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/js/5.752635.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bf26f137ec7b4c5ac45b9436148fe0017201732659c163841bbcb7fcaf04853
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-on3IjSCkVKU8UiwGVs1jBMTgLzsWIu7U2i5OXttLhNX5yBYv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-on3IjSCkVKU8UiwGVs1jBMTgLzsWIu7U2i5OXttLhNX5yBYv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
384, 384
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-on3IjSCkVKU8UiwGVs1jBMTgLzsWIu7U2i5OXttLhNX5yBYv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-on3IjSCkVKU8UiwGVs1jBMTgLzsWIu7U2i5OXttLhNX5yBYv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0, 0
p3p
true
paypal-debug-id
ac303974c61c0
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
91553
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 06 Dec 2021 23:11:14 GMT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"165a1-OJhU8ZrDUlwpi/Vs8FYPygCLOMg"
1638745895_Overview-min.png
assets.grooveapps.com/images/5ef02765e1ce590013d90067/ Frame DB7D
777 KB
779 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ef02765e1ce590013d90067/1638745895_Overview-min.png
Requested by
Host: posting4profitnow.groovesell.com
URL: https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d98f374ed7e23d2e1b7a8c0d8d8f1ba3ca616cf1a34bbfc6b9cbdf7edfc8a7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
cf-cache-status
HIT
age
5
cf-polished
origFmt=png, origSize=982948
x-guploader-uploadid
ADPycdsVmbYxN8FoyeP06H6QfPhSgBcClxMbY-JUCclU0hXzHo52cG7GF_xSNKxqZ0SKGKCflzTsm66JKyAkE6-Q9w4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1638745895_Overview-min.webp"
content-type
image/webp
content-length
795986
expires
Tue, 07 Dec 2021 03:11:14 GMT
last-modified
Sun, 05 Dec 2021 23:11:35 GMT
server
cloudflare
etag
"a09351b202363b0fb40ca953beb1da18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=PmdRkQ==, md5=oJNRsgI2Ow+0DKlTvrHaGA==
x-goog-generation
1638745895688809
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
982948
accept-ranges
bytes
cf-ray
6b9931368d614339-FRA
cf-bgj
imgq:85,h2pri
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame DB7D
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.groovesell.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 07:59:11 GMT
x-content-type-options
nosniff
age
573123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 07:59:11 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ Frame DB7D
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://posting4profitnow.groovesell.com/
Origin
https://posting4profitnow.groovesell.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:14 GMT
via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQa0JN%2BIiSLwHYnp9unRuArtujfJI3LUN0i%2BgKKGWuBjyw135PY%2BuYlF4O%2F3kG4J0ocoThFcUcQsk5%2FiPMENL3QSD1bqopyVdfzgpO9afOCIiQuF4wPgTSwmgi8dsXMCQRBcOpXDgIv%2Fq3DaLKXs2hNO9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6b9931368bda4edf-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
m80yODgiM2FnZKpmdH2MvK9EgW0L2zNiW_cDhOXhZaRJm_2dyN7X4Q==
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame DB7D
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://posting4profitnow.groovesell.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:18:02 GMT
x-content-type-options
nosniff
age
294792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 13:18:02 GMT
0
bat.bing.com/action/ Frame 2A80
0
94 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=4b916dac-5e36-45b4-bee5-a7144208d7ce&sid=cf1f5ce056e911ec87297f437de44c71&vid=cf1f922056e911ec90e855a8a280b5b7&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GrooveFunnels&p=https%3A%2F%2Fposting4profitnow.com%2F&r=&lt=4509&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=119067
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 78472F1449044900856392ABB7D115A2 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ Frame DE4C
0
95 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=4da21593-ace5-435f-b2a8-3fed9b04bebc&sid=cf1f5ce056e911ec87297f437de44c71&vid=cf1f922056e911ec90e855a8a280b5b7&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GrooveFunnels&p=https%3A%2F%2Fposting4profitnow.com%2F&r=&lt=4079&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=277819
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F348ACFDC8B94158B687333A1B84FAFE Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ Frame 5E6E
0
95 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=18236a53-bdb3-42fb-89fe-1f54c5d4820f&sid=cf1f5ce056e911ec87297f437de44c71&vid=cf1f922056e911ec90e855a8a280b5b7&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GrooveFunnels&p=https%3A%2F%2Fposting4profitnow.com%2F&r=&lt=4244&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=924586
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0676C19DA4E145B887674E81EA990B87 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 8D69
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/k2m2g3U0KIQ?rel=0&modestbranding=1&controls=1
X-YouTube-Client-Version
1.20211201.01.02
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt2UGk3bWlPUFJIayiOsbqNBg%3D%3D
X-YouTube-Ad-Signals
dt=1638832271287&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C584%2C329&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 06 Dec 2021 23:11:15 GMT
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 06 Dec 2021 23:11:15 GMT
Via
1.1 vegur
iframe_api
www.youtube.com/ Frame 19F2
980 B
515 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 06 Dec 2021 23:11:15 GMT
matomo.js
matomo.groovetech.io/ Frame 19F2
100 KB
32 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
2066084d-3614-4da5-80c7-e864422ac381
https://app.groove.cm/ Frame 19F2
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/2066084d-3614-4da5-80c7-e864422ac381
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35b78d910acf249b52bc249132f01ddb13a48ac44a5fb7d33ce1ee2ba669d55a

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
notification.png
cdn.productstash.io/images/ Frame 19F2
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
08/11/2021 08:30:54
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 09 Aug 2021 16:46:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
782e9fac08f72a7b2c958bda9e549deb
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame 19F2
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
40
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame 19F2
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
9d9f8ace2331bb85ead119f0ca083ec82d50eb73beab3e738f88ad1c74525f06
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:15 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-Bb5sbz+O0uvmXY8v0MEWnhaPivw"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
41
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
config.js
app.groove.cm/config/ Frame 3123
324 B
475 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:47:41 GMT
server
cloudflare
age
564
etag
W/"61ae228d-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2DzvntAwbMJy4erk5IkTPhDoGqn7Ua27Lqvr5LZnDumOxsowNHs%2Fat6JGs8ykoacS10Y8n0fklaAe7RDkocDVuUFwgmcg8Yq8YPxc%2Fq4ln7b7rwNSBXblPm%2BkjktCCNwVK%2FIb41YhzuGK4d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b9931385bba4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
0
bat.bing.com/action/ Frame 19F2
0
94 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=78411a77-27a6-4915-9e36-749dddaf5f5d&sid=cf1f5ce056e911ec87297f437de44c71&vid=cf1f922056e911ec90e855a8a280b5b7&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GrooveFunnels&p=https%3A%2F%2Fposting4profitnow.com%2F&r=&lt=4735&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=316743
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8637E719470D484482F02D1F71AB17D6 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.js
app.groove.cm/config/ Frame DE4C
324 B
534 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:47:41 GMT
server
cloudflare
age
564
etag
W/"61ae228d-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nq5PuG3T3sI43p%2BJkOYHIogeG4jqZddid%2BajUtjKQYUKVJ%2BciEcV5LnZMUSAHgU1NtrEOqIxnV1yYkeJOLrztrXhDzFDLRBWbig9uCKgHYVL55K1tNRpc%2BxyxsvklSqo1ZQbg72f9wd4M%2B%2BJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b9931385bca4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
config.js
app.groove.cm/config/ Frame 5E6E
324 B
662 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:47:41 GMT
server
cloudflare
age
564
etag
W/"61ae228d-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sux0vVwL6m3uJirfHA3YJljdW1OsvLllYdw3pbwocslXVFcvB8LoK0lKcTIYCFjr80Qn7D3kJur5NJxSolowbhd52pF2EqfzvxTKvHmmObMKRtYX8UMBtMP01uZwy5zQsWDGt6uc7XTFw%2Fui"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b9931385bcc4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
config.js
app.groove.cm/config/ Frame 2A80
324 B
463 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:47:41 GMT
server
cloudflare
age
564
etag
W/"61ae228d-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XBC3NCRAPJWDcE8CUIDRulFMbzwSjVPBIgnT5upeJTV2DE7G5wCoBpjxudp9Bq%2BHmyabk5f8QTy3JG7vV0a1YDlDgP%2BkttGDmoUjD%2BxQRmKmR%2BJBz2D8h2XK3VpoahJfDdLEauCFx9Zdsef"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b9931385bcf4dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
track
www.linkedin.com/li/ Frame E890
0
228 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+eOmwlBoKjRq9qpw==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 79F5E58B71044AECB1DD3925FDF9B888 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:15Z
date
Mon, 06 Dec 2021 23:11:15 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.com/li/ Frame 117A
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+eOd9F5XiQwNjpUg==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CE6E71A0D914418E89C577D0E732212A Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:15Z
date
Mon, 06 Dec 2021 23:11:15 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 06 Dec 2021 23:11:15 GMT
Via
1.1 vegur
iframe_api
www.youtube.com/ Frame A047
980 B
515 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 06 Dec 2021 23:11:15 GMT
matomo.js
matomo.groovetech.io/ Frame A047
100 KB
32 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
1d048213-b831-4a2d-9be8-024493ac2560
https://app.groove.cm/ Frame A047
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/1d048213-b831-4a2d-9be8-024493ac2560
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cfda587b6ff4d82ce74e7c3a139112bc6b0a7a3b5a5bd632a8626aefdbd1409

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
notification.png
cdn.productstash.io/images/ Frame A047
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
756
x-dns-prefetch-control
off
cdn-cachedat
08/11/2021 08:30:54
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-756
last-modified
Mon, 09 Aug 2021 16:46:09 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
08d6acfd778b9be5fc7a998bf5bf3202
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame A047
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
38
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame A047
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
9d9f8ace2331bb85ead119f0ca083ec82d50eb73beab3e738f88ad1c74525f06
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 06 Dec 2021 23:11:15 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-Bb5sbz+O0uvmXY8v0MEWnhaPivw"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
39
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1638832300
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
www-widgetapi.js
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ Frame 3123
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
17202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 18:24:33 GMT
www-widgetapi.js
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ Frame DE4C
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
17202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 18:24:33 GMT
www-widgetapi.js
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ Frame 5E6E
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
17202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 18:24:33 GMT
0
bat.bing.com/action/ Frame A047
0
118 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=e065adf3-ff80-44f8-b988-8a2e8f54e4ba&sid=cf1f5ce056e911ec87297f437de44c71&vid=cf1f922056e911ec90e855a8a280b5b7&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GrooveFunnels&p=https%3A%2F%2Fposting4profitnow.com%2F&r=&lt=4846&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=209429
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 11741DF5C2EC4E0BA1D7F714EABCF5A0 Ref B: FRAEDGE1408 Ref C: 2021-12-06T23:11:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.js
app.groove.cm/config/ Frame 19F2
324 B
451 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:47:41 GMT
server
cloudflare
age
564
etag
W/"61ae228d-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSYY3ptsUiowKlFpnxkqX9GRTytbWvGA2tdUsiU5F7B0Dpr3qyYcyawMETfTJJzCtJKBVch0o%2B%2BGfJIp8mqXBZZSPvbi1W91CiS%2Ba7ouVGjWqR6gpqNiVfasC5IWJ8bRqbl6%2BQRCCwgCzytk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b993139bd474dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pptm.js
www.paypal.com/tagmanager/ Frame DB7D
12 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=posting4profitnow.groovesell.com&t=xo&v=5.0.271&source=payments_sdk&client_id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-W5yydUDpzDFlkqC4QljIGVh9yFk9DaQ1zfkApg9F6dnfNEq+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
768
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-W5yydUDpzDFlkqC4QljIGVh9yFk9DaQ1zfkApg9F6dnfNEq+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0
paypal-debug-id
abcddaaceff14
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4321
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 06 Dec 2021 23:11:16 GMT
strict-transport-security
max-age=63072000
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
etag
W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"
config.js
app.groove.cm/config/ Frame A047
324 B
452 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 14:47:41 GMT
server
cloudflare
age
564
etag
W/"61ae228d-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MahG1KqFU%2FyPlE8mYc6tX3CsDXD0WzIeaEDBgStmCzpbBL7AiO0ZBeE8mZxsAGDlnGT9PJkwUIphpcBfDai5lXHjGxmF%2F%2FzkaW8jnvIgV2RsHmIdeY%2FTayXB6gLUKWGerzh3J%2BcXVcCLbcoq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b993139dd834dfa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
www-widgetapi.js
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ Frame 19F2
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
17202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 18:24:33 GMT
www-widgetapi.js
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ Frame 2A80
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
17202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 18:24:33 GMT
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.dom&eid=5&u=AAAAC&ut=C&tc=16&tr=1ytl.5ytl&ti=1ytl.1ytl&z=0
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ Frame A047
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
17202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 00:07:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Dec 2022 18:24:33 GMT
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=1pRJ3JmNn0gEPIi1nIoY&id=79645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPVY7mdyIYKSCcYufaRrvxjl5U1HHcYYNdWNLxO%2B7mX8SEhs3JWLh5SrhK0JYka69pD4vJAHPZs1JXgUMVGD5%2BSw2iKOJPLQS8%2FvCguXPOQFg6Pd%2Fn4Mox9Iq9KK3vYa4Fkk4Cp0l18QrMQ6"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99313a1884691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame DE4C
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=1pRJ3JmNn0gEPIi1nIoY&id=79645
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
bc4778fe383942bc1f38ac5bda189a0c15783f3d51ac8c8e5ee83108dd152683

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
595
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTbntSZbYUvH6SJPIqPudGOMJlT8kNhJyu0b43Fqk4qFhE34ioxXOHOcECerjCtGwyNha632t6fD7e8U98CUuI%2BII%2FB5vtxyt9k%2FAl1osrQlm8EGv1AmK5AFlkXhhyIZBiR6a7PNLPIWiyIc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99313b0a25691c-FRA
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 2A80
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=jGx72GODkUqq1ZyTrN49&id=79654
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
adfb8ca1967444db58f13ae76e98aaae549e0e3baf2c276caa36f68d6155740d

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
593
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Giu7sNk9dKVjxqsFzTTZH4ZwcKjUPSztX%2F8H0K1Rsc6zBkR9M4gjqIFsSa3UmOn8hQ5CVLDXh4qaqusH6xAUaRxGtdNhEm3u24g0bRt%2FlhJF2z%2FFPXsqcGFCCdGc3lml1X9138TCvk3EhBL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99313c8cb0691c-FRA
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=jGx72GODkUqq1ZyTrN49&id=79654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6iq8UninNG9jNFV0SroW07JLX6F48TUlLMG2qVAMSLmYFBP8vAt%2FCAA1HuXhSWShZRyDn7hcI1AjLu7Xn2I1mLGRc6j%2FPyDH3DZS699BkxKUR7RHhjNa%2B5sSHfc02T3QgcJ1%2BK6bYG%2FyrVV"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99313a38c1691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=jZ9IfBVyFOKNxl9jU54M&id=79651
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c73uRgyCejXKTSkQbpc19jaSdf528JH5W6hST9nT3ZgioFuBKO20sBK8ZrlIlBhNyhiaWbcA2GY7Ff880a1niBkO1l%2FMKqI8RjzCFUMc19FcP5BDM8sA5dAu82m3vHMYkoQJ1aom9UVyMTms"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99313a48eb691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 5E6E
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=jZ9IfBVyFOKNxl9jU54M&id=79651
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
2dddee4c43ef19390c3a24a21c2b4bd293d98de6c375b2f22bbc273d09aae3d2

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
597
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYe2g9yQ7NW5NQxUtBrH3j4W6B2ktim7akUQ44JLVH95mSVfJWwa%2B7gjoUXZEcHd023rKm5FKjZDB03uMb6BiazojMc9ASA7CwcqAhUD36xkAzZs9wdZ5v2j8JTo3d496rjgk9UtoUGrUOIE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99313c8cae691c-FRA
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 3123
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=dytj8Zl0tXGVRJ1e2VfN&id=79650
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
358f9298ddae494bfe9c1d804bcaeaf40c9447ce40f92c138719744421906c89

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
593
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJtIAlxvasejLBkTZ8vIHC%2FISEcNDY1dTFTbgkvUGFjda2TmV%2BUa3mcZo0cGeuaTYs6xg%2BvCSF95PYMQoJP%2FX1llCR64TZ3cgyHAvjNNH6%2BCICua7u39eP57Jshdjxe5WZAG9oy2d6oZxgQ1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99313c8cb7691c-FRA
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=dytj8Zl0tXGVRJ1e2VfN&id=79650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVSwIRyOsuTTO8XtrIu6gReb%2FdOVlDokPsefZAHdzOpWc5VJT0%2BD6qkN6HMs5c%2FB0g3LQHKfuC4nucIR1K6vDZoW%2F6%2FN7zaZ2dzjSvyQxQGM6%2FkSLcL8pgUawVAFKgyjjM87Kdpn1twNcbs9"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99313a692b691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
beacon-v2.helpscout.net/ Frame DE4C
293 B
619 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79645/1pRJ3JmNn0gEPIi1nIoY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e43cc1d04dd927b53e589be9261549e529ad72cb5c14241bad2c7a234345d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:09:38 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
112
etag
"6f853bef4da88a5c8d02f79526bf5bdb"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
243
x-amz-cf-id
352tgCPaKWpMGG1r0vbQ05YDfWgQ2KgaD-6Q_YKWjLd-iLANDs9h6Q==
logger
www.paypal.com/xoplatform/logger/api/ Frame DB7D
815 B
2 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84d62b519d048a9b094ad6ba3d5632ebc193ed4b1725fca7e4322668b068a3a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://posting4profitnow.groovesell.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type
application/json

Response headers

x-edgeconnect-origin-mex-latency
47
date
Mon, 06 Dec 2021 23:11:16 GMT
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
149
etag
W/"32f-tkt2ecGux3BcSxrnf9Sy+kEcfS0"
strict-transport-security
max-age=63072000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://posting4profitnow.groovesell.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
paypal-debug-id
a658779682c0b
dc
ccg11-origin-www-1.paypal.com
content-length
815
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://posting4profitnow.groovesell.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://posting4profitnow.groovesell.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
adb4ac71c40af
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-edgeconnect-midmile-rtt
150
x-edgeconnect-origin-mex-latency
26
date
Mon, 06 Dec 2021 23:11:15 GMT
strict-transport-security
max-age=63072000
/
beacon-v2.helpscout.net/ Frame 5E6E
293 B
621 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79651/jZ9IfBVyFOKNxl9jU54M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e43cc1d04dd927b53e589be9261549e529ad72cb5c14241bad2c7a234345d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:09:38 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
112
etag
"6f853bef4da88a5c8d02f79526bf5bdb"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
243
x-amz-cf-id
xDVsy1Kzkjv3MJQsmsk2YBKUbrudkT11DynQWkC9F9y8z6CF-wzGsA==
matomo.php
matomo.groovetech.io/ Frame 2A80
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=005259&h=23&m=11&s=15&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=5c726a7a17b5f557&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=197&pv_id=WnyidH
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
/
beacon-v2.helpscout.net/ Frame 3123
293 B
621 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79650/dytj8Zl0tXGVRJ1e2VfN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e43cc1d04dd927b53e589be9261549e529ad72cb5c14241bad2c7a234345d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:09:38 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
112
etag
"6f853bef4da88a5c8d02f79526bf5bdb"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
243
x-amz-cf-id
03VVQUz4lWveVPBw3UozvhBETC2MAipQlrGZTj3Ih_blfMvL1r1SIw==
matomo.php
matomo.groovetech.io/ Frame 3123
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=643522&h=23&m=11&s=15&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=d25de31503f3750f&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=189&pv_id=YAmZoX
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
matomo.php
matomo.groovetech.io/ Frame DE4C
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=669899&h=23&m=11&s=15&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=efe11913c50f7027&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=193&pv_id=sLxoTR
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
matomo.php
matomo.groovetech.io/ Frame 5E6E
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=621666&h=23&m=11&s=15&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=4adb19cc828f0aee&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=197&pv_id=Rimxs7
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
/
s.ad.smaato.net/c/ Frame A05F
0
241 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-1_F-wPDDaHmphzx3-EDPscMMJ2wyYYEiEJmuhw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
WsnZeA7tnvS7QXPcAM2DOdINkJELV3pm1BYLJoVA3EURvGS3RKIs0w==
x-cache
FunctionGeneratedResponse from cloudfront
397596.gif
idsync.rlcdn.com/ Frame A05F
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=NbE6oXP6ueaWUIf2wzhyc_wdpFwqMk8U
42 B
417 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=NbE6oXP6ueaWUIf2wzhyc_wdpFwqMk8U
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=NbE6oXP6ueaWUIf2wzhyc_wdpFwqMk8U
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2733
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
197
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A05F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
341 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
225025
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
partner.mediawallahscript.com/ Frame A05F
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom=&tag_format=img&tag_action=sync&custom=&cb=39119344-2bd5-4ed0-a5f8-964418d...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=39119344-2bd5-4ed...
0
638 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=39119344-2bd5-4ed0-a5f8-964418dc5aa6&final=true&reqid=cff1ecf0-56e9-11ec-8a42-672da2a98bfa&timestamp=2021-12-06T23%3A11%3A15.775Z
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
nginx/1.18.0
Vary
Accept, Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=39119344-2bd5-4ed0-a5f8-964418dc5aa6&final=true&reqid=cff1ecf0-56e9-11ec-8a42-672da2a98bfa&timestamp=2021-12-06T23%3A11%3A15.775Z
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
294
Expires
Sat, 26 Jul 1997 05:00:00 GMT
m
cm.mgid.com/ Frame A05F
Redirect Chain
  • https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA
  • https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
43 B
500 B
Image
General
Full URL
https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b99313c4e8672f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b99313b0b334eb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
ads.yahoo.com/cms/ Frame A05F
0
297 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
spp.pl
sp.analytics.yahoo.com/ Frame A05F
43 B
373 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:15 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame A05F
0
479 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-s4gknvDDaHmphzx3-EDPscMMJ2we1vEQvPpf9g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync-criteo.ads.yieldmo.com/ Frame A05F
43 B
220 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ZDxPAfDDaHmphzx3-EDPscMMJ2xHJbis2zHNJA&pn_id=criteo&ext=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.31.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-31-25.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cookie-sync
sync.outbrain.com/ Frame A05F
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MyAaIvDDaHmphzx3-EDPscMMJ2yl2n2-9z8SXg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache
X-TraceId
e66bf58399d04eca9c36c9e63a41a7c4
Content-Length
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame A05F
Redirect Chain
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-b4tNw_DDaHmphzx3-EDPscMMJ2yshooaA3SwaQ
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-b4tNw_DDaHmphzx3-EDPscMMJ2yshooaA3SwaQ&cookieRequired=true
0
132 B
Image
General
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-b4tNw_DDaHmphzx3-EDPscMMJ2yshooaA3SwaQ&cookieRequired=true
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
188.65.124.38 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
icscale-01-pub-ix7.vip.dailymotion.com
Software
nginx/1.19.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-dm-lb-name
icscale-01-01.adm.ix7.dailymotion.com
date
Mon, 06 Dec 2021 23:11:15 GMT
server
nginx/1.19.3
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

location
/dspreply?dspId=1521&dspUserId=k-b4tNw_DDaHmphzx3-EDPscMMJ2yshooaA3SwaQ&cookieRequired=true
date
Mon, 06 Dec 2021 23:11:15 GMT
server
nginx/1.19.3
content-length
135
strict-transport-security
max-age=15724800; includeSubDomains
x-dm-lb-name
icscale-01-01.adm.ix7.dailymotion.com
content-type
text/html; charset=utf-8
t.gif
cw.addthis.com/ Frame A05F
0
425 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
tap.php
pixel.rubiconproject.com/ Frame A05F
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw&expires=30
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Content-Type
image/gif
sd
us-u.openx.net/w/1.0/ Frame A05F
43 B
275 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-Sjd-tvDDaHmphzx3-EDPscMMJ2zUXoalqpBNnQ&c=us
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
setuid
secure.adnxs.com/ Frame A05F
43 B
1019 B
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
153185de-c547-4f01-baa5-94a42a177f1d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A05F
42 B
112 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame A05F
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame A05F
45 B
797 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2781gPDDaHmphzx3-EDPscMMJ2yTRW9SU8GsvQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 06 Dec 2021 23:11:15 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 06 Dec 2021 23:11:15 GMT
rum
r.casalemedia.com/ Frame A05F
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Dec 2021 23:11:15 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Mon, 06 Dec 2021 23:11:15 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame A05F
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jQZY_vDDaHmphzx3-EDPscMMJ2wAn0deCThEpw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame A05F
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel_sync
trends.revcontent.com/cm/ Frame A05F
35 B
215 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ximRpPDDaHmphzx3-EDPscMMJ2yqfBRefEaVPA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
sync.htm
ade.clmbtech.com/uid/ Frame A05F
68 B
263 B
Image
General
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-m0sGV_DDaHmphzx3-EDPscMMJ2zS_IvAIdj-kA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
server
Bhoot
date
Mon, 06 Dec 2021 23:11:16 GMT
x-frame-options
sameorigin
content-type
image/jpeg
content-disposition
inline;filename=f.txt
content-length
68
x-xss-protection
1; mode=block
um
criteo-sync.teads.tv/ Frame A05F
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-PxhGcvDDaHmphzx3-EDPscMMJ2yU-nosYjGWrw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A05F
0
228 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gmu0NvDDaHmphzx3-EDPscMMJ2y82y_vOrWrEg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
8222
/
rtb-csync.smartadserver.com/redir/ Frame A05F
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GmimnvDDaHmphzx3-EDPscMMJ2x0do6uErv3aw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
transfer-encoding
chunked
content-type
image/gif
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 19F2
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=Tot2pgPvI8YiKGUNLHCb&id=79652
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
4a80ca7e45929459010d4813ace7e0fb724a44f739e7d9f615057bea9f0573b1

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
598
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNNR6vSK9GEeIjErtNakeJ4J68Dl7C%2BmiZ2AJb3oMDPse7O1YmV5W%2BjhYAEJmxd0TBfYbPk4ujxxcUQGKIPW3B5D9GNtomcMz9VKMW5aOBmXMT%2BT3u7DagbrEI1lnDop1f7WNorWqGUNIY%2FT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99313bcb70691c-FRA
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=Tot2pgPvI8YiKGUNLHCb&id=79652
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I45oN4FZWgkqECpRDWOHBQsW3M6OrqT0uLuum8SqldpDLFqQY4rQ9qpSztWpuU6pXG8SVrFoCRaD%2FEBpBhDJmleHuhhiQRrv5rmEwO5qIWYTrXMLnF2KTLsnazVel0xGqfLdQ9qQggjoli4S"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99313ad9dd691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
397596.gif
idsync.rlcdn.com/ Frame 15DC
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=6VvJFZpoEZUiM7AuQu8JLSLzHZFKIHIx
42 B
287 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=6VvJFZpoEZUiM7AuQu8JLSLzHZFKIHIx
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=6VvJFZpoEZUiM7AuQu8JLSLzHZFKIHIx
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3257
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
197
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 15DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
341 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
250265
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame 15DC
Redirect Chain
  • https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA
  • https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
43 B
464 B
Image
General
Full URL
https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b99313c4e8272f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b99313b0b354eb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
ads.yahoo.com/cms/ Frame 15DC
0
19 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
spp.pl
sp.analytics.yahoo.com/ Frame 15DC
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:15 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 15DC
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-s4gknvDDaHmphzx3-EDPscMMJ2we1vEQvPpf9g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 15DC
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MyAaIvDDaHmphzx3-EDPscMMJ2yl2n2-9z8SXg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache
X-TraceId
8bab8c4f8ca01fe648f6eb973c3399d9
Content-Length
0
t.gif
cw.addthis.com/ Frame 15DC
0
426 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
tap.php
pixel.rubiconproject.com/ Frame 15DC
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw&expires=30
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Content-Type
image/gif
bounce
secure.adnxs.com/ Frame 15DC
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2478b6e3-bcf0-46ec-8889-949136ad9ca6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
00d72283-e046-473a-bb82-9fff427c5b65
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 15DC
42 B
675 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:424
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame 15DC
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame 15DC
45 B
797 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2781gPDDaHmphzx3-EDPscMMJ2yTRW9SU8GsvQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 06 Dec 2021 23:11:15 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 06 Dec 2021 23:11:15 GMT
rum
r.casalemedia.com/ Frame 15DC
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Dec 2021 23:11:15 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Mon, 06 Dec 2021 23:11:15 GMT
sync
x.bidswitch.net/ Frame 15DC
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel_sync
trends.revcontent.com/cm/ Frame 15DC
35 B
335 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ximRpPDDaHmphzx3-EDPscMMJ2yqfBRefEaVPA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame 15DC
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-PxhGcvDDaHmphzx3-EDPscMMJ2yU-nosYjGWrw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 15DC
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gmu0NvDDaHmphzx3-EDPscMMJ2y82y_vOrWrEg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
8222
/
rtb-csync.smartadserver.com/redir/ Frame 15DC
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GmimnvDDaHmphzx3-EDPscMMJ2x0do6uErv3aw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
transfer-encoding
chunked
content-type
image/gif
sync
sync-criteo.ads.yieldmo.com/ Frame 15DC
43 B
219 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ZDxPAfDDaHmphzx3-EDPscMMJ2xHJbis2zHNJA&pn_id=criteo&ext=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.31.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-31-25.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
sync.htm
ade.clmbtech.com/uid/ Frame 15DC
68 B
263 B
Image
General
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-m0sGV_DDaHmphzx3-EDPscMMJ2zS_IvAIdj-kA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
server
Bhoot
date
Mon, 06 Dec 2021 23:11:16 GMT
x-frame-options
sameorigin
content-type
image/jpeg
content-disposition
inline;filename=f.txt
content-length
68
x-xss-protection
1; mode=block
/
partner.mediawallahscript.com/ Frame 15DC
0
638 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom=&tag_format=img&tag_action=sync&custom=&cb=05b5acb6-3aac-4f4d-8563-70ce5523008b
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 15DC
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-J63fqvDDaHmphzx3-EDPscMMJ2zX0u7MvcpDRw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.150.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ul_cb/ Frame 15DC
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
43 B
447 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
52.211.218.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame 15DC
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=63111467f40f4fec99df663a2742efd3
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
43 B
447 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
3f88b617ba2502d8
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Date
Mon, 06 Dec 2021 23:11:16 GMT
Connection
keep-alive
trace-id
ad54a842ae0d61f5
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame 15DC
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mdt8BfDDaHmphzx3-EDPscMMJ2yYODucgoTCLQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame 15DC
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
criteo-partners.tremorhub.com/ Frame 15DC
43 B
183 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-OR0G-PDDaHmphzx3-EDPscMMJ2xq_SEGmgooYg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:7de5:38a9:e1be:23d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame 15DC
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1638832276.dop237.fr8.t,1638832276.cds126.fr8.shn,1638832276.cds126.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1638832275824082-400
Expires
Mon, 06 Dec 2021 23:11:16 GMT
397596.gif
idsync.rlcdn.com/ Frame 2BC1
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=RFShoctgniEiYTfHS3TS32xEPXL1qpfU
42 B
287 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=RFShoctgniEiYTfHS3TS32xEPXL1qpfU
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=RFShoctgniEiYTfHS3TS32xEPXL1qpfU
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2591
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
197
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2BC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
341 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
171031
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame 2BC1
Redirect Chain
  • https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA
  • https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
43 B
464 B
Image
General
Full URL
https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b99313c4e8572f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://cm.mgid.com/m?c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&cdsp=617660&sct=1
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b99313b0b374eb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
ads.yahoo.com/cms/ Frame 2BC1
0
19 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
spp.pl
sp.analytics.yahoo.com/ Frame 2BC1
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:15 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 2BC1
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-s4gknvDDaHmphzx3-EDPscMMJ2we1vEQvPpf9g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 2BC1
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MyAaIvDDaHmphzx3-EDPscMMJ2yl2n2-9z8SXg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache
X-TraceId
4eafbfbee94788e97cc84f21239d56de
Content-Length
0
t.gif
cw.addthis.com/ Frame 2BC1
0
424 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
bounce
secure.adnxs.com/ Frame 2BC1
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
29b6b221-919a-4d7e-a721-7e83727f9dc1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
488af988-a8e3-4c91-8cdb-63435ef6db9f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg%26seg%3D95287
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2BC1
42 B
113 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:447
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame 2BC1
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame 2BC1
45 B
797 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2781gPDDaHmphzx3-EDPscMMJ2yTRW9SU8GsvQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 06 Dec 2021 23:11:15 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 06 Dec 2021 23:11:15 GMT
rum
r.casalemedia.com/ Frame 2BC1
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Dec 2021 23:11:15 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Mon, 06 Dec 2021 23:11:15 GMT
/
s.ad.smaato.net/c/ Frame 2BC1
0
241 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-1_F-wPDDaHmphzx3-EDPscMMJ2wyYYEiEJmuhw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
gGwW2mp32uRJM8jzQGMkD6akHbfMW81QAWS-9C4XRXPADa3voz2jXA==
x-cache
FunctionGeneratedResponse from cloudfront
sync
x.bidswitch.net/ul_cb/ Frame 2BC1
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/ Frame 2BC1
35 B
337 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ximRpPDDaHmphzx3-EDPscMMJ2yqfBRefEaVPA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame 2BC1
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-PxhGcvDDaHmphzx3-EDPscMMJ2yU-nosYjGWrw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2BC1
0
229 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gmu0NvDDaHmphzx3-EDPscMMJ2y82y_vOrWrEg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
8222
/
rtb-csync.smartadserver.com/redir/ Frame 2BC1
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GmimnvDDaHmphzx3-EDPscMMJ2x0do6uErv3aw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
transfer-encoding
chunked
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame 2BC1
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-J63fqvDDaHmphzx3-EDPscMMJ2zX0u7MvcpDRw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.150.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ul_cb/ Frame 2BC1
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
52.211.218.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame 2BC1
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=2e9c8545b66f4139a04b5b1e1eab31f1
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
43 B
447 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
2278cf9a77323ca1
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Date
Mon, 06 Dec 2021 23:11:15 GMT
Connection
keep-alive
trace-id
cdbaf5e2ffcab882
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame 2BC1
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mdt8BfDDaHmphzx3-EDPscMMJ2yYODucgoTCLQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame 2BC1
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
0
612 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
criteo-partners.tremorhub.com/ Frame 2BC1
43 B
182 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-OR0G-PDDaHmphzx3-EDPscMMJ2xq_SEGmgooYg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:7de5:38a9:e1be:23d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame 2BC1
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1638832276.dop237.fr8.t,1638832276.cds126.fr8.shn,1638832276.cds126.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1638832275918045-383
Expires
Mon, 06 Dec 2021 23:11:16 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 2BC1
43 B
219 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ZDxPAfDDaHmphzx3-EDPscMMJ2xHJbis2zHNJA&pn_id=criteo&ext=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.31.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-31-25.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
/
partner.mediawallahscript.com/ Frame 2BC1
0
638 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom=&tag_format=img&tag_action=sync&custom=&cb=05378b59-4d13-4578-9e94-f601f2fd526a
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
matomo.php
matomo.groovetech.io/ Frame 19F2
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=369895&h=23&m=11&s=15&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=422cbbf17902798e&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=198&pv_id=BkiI4y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=6RU0RcHbRRAQUOkM9eE8&id=79647
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMz%2BtwdYzA2tvjQ9OaREZg7umnHLN%2F2qLwbssggZ9x011xiD70EjspAlx0hOBvagX%2BlGhoU8nkHqy9F2lNgEWhhkoVMstJHRxhyHX1bOnm2qLiaGs%2B2mT2DuAoBaJCHg7lUmGagMpjPleOU8"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b99313bfbad691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame A047
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=6RU0RcHbRRAQUOkM9eE8&id=79647
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f108d678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d90a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
5445b3f775e66a08a1554e0e59e78ec31bac411ec2761b9cf3e992916255a803

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
596
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5A1EZGvnn8jy7GlsapXqqEKKP63SLWm9E25RaDpe6ZK0r88MTyyh2VRjFKEMAKe7Svr4M83srjjkmNkZlCIf3sz3Yg4fFFm%2FZKRAQinXaT%2FCfnTZa17ptf6D%2FIyBX4r6548dmtbKZi1StqH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6b99313e2f4b691c-FRA
track
www.linkedin.com/li/ Frame E890
0
128 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+m5jP6r1n4J77irw==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5652A55AF5EE4F21B52CD332B14EABD5 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:15Z
date
Mon, 06 Dec 2021 23:11:15 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
matomo.php
matomo.groovetech.io/ Frame A047
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=887172&h=23&m=11&s=15&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=53e21c0b6a93be8c&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=206&pv_id=rqlg2m
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
vendor.00021bae.js
beacon-v2.helpscout.net/static/js/ Frame DE4C
702 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.00021bae.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2ef7f9d5e2367c3eab4c00d3176681ce5cb08165c93b923ae1af79dd338ca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:08:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
163
etag
"562f9cf4d7301f22473859322a0284d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
199788
x-amz-cf-id
CN6-ZPleinDIbWyM1BxtpU6_7ekuUrEHGWRYjPkCOfLReYDoaFthrg==
main.73fbc42b.js
beacon-v2.helpscout.net/static/js/ Frame DE4C
256 KB
64 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.73fbc42b.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485c6f41a2d2496161238f7ecdfc07355e14f46798febe3919537c7ef735919a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:10:18 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
64
etag
"f0a424815d531ddbefbe5765d5d2d1c7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
65368
x-amz-cf-id
1R-VBjsvwkZ2-TH-5DEHBLjwUEs6-gKIE1--JjfRiW1wQUN4-l2FuQ==
vendor.00021bae.js
beacon-v2.helpscout.net/static/js/ Frame 3123
702 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.00021bae.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2ef7f9d5e2367c3eab4c00d3176681ce5cb08165c93b923ae1af79dd338ca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:08:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
163
etag
"562f9cf4d7301f22473859322a0284d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
199788
x-amz-cf-id
r8CrqM8yZKQtQ2LpeFgAIt05scBP4SyXfV4gYr2X986mE0TJDrw8jQ==
main.73fbc42b.js
beacon-v2.helpscout.net/static/js/ Frame 3123
256 KB
64 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.73fbc42b.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485c6f41a2d2496161238f7ecdfc07355e14f46798febe3919537c7ef735919a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:10:18 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
64
etag
"f0a424815d531ddbefbe5765d5d2d1c7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
65368
x-amz-cf-id
mS9mJ-rbe5cEAmT2iF-DSEq5jHfOEQf8NXcq1FwdskgcjRkSExeaiA==
vendor.00021bae.js
beacon-v2.helpscout.net/static/js/ Frame 5E6E
702 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.00021bae.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2ef7f9d5e2367c3eab4c00d3176681ce5cb08165c93b923ae1af79dd338ca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:08:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
163
etag
"562f9cf4d7301f22473859322a0284d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
199788
x-amz-cf-id
Wscm4a_e9hRXtlAwvRv5YHCAx6E5TMvpGepaU_Uxbr4vL1yr9xEtZg==
main.73fbc42b.js
beacon-v2.helpscout.net/static/js/ Frame 5E6E
256 KB
64 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.73fbc42b.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485c6f41a2d2496161238f7ecdfc07355e14f46798febe3919537c7ef735919a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:10:18 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
64
etag
"f0a424815d531ddbefbe5765d5d2d1c7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
65368
x-amz-cf-id
CKKhYPhjBiLclvT8WC8I-7W1OhDhunUET81bao9XwEAbBXtGS7XdMA==
spp.pl
sp.analytics.yahoo.com/ Frame 2BC1
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=39872&js=no
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:15 GMT
/
beacon-v2.helpscout.net/ Frame 2A80
293 B
619 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79654/jGx72GODkUqq1ZyTrN49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e43cc1d04dd927b53e589be9261549e529ad72cb5c14241bad2c7a234345d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:09:38 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
112
etag
"6f853bef4da88a5c8d02f79526bf5bdb"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
243
x-amz-cf-id
CKdVywf0MP90ZW0yS9N2xaUdkgorU1phbB1hWVAhIovh2xsBfTbSxA==
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A05F
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
43 B
342 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1555195
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bedd4074-2829-4c55-9ef4-55860de2729b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
tags.bluekai.com/site/29001/ Frame A05F
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LLiRQVCTtFWOTIKg_kRKL_2C4AFhwJ-e
62 B
765 B
Image
General
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LLiRQVCTtFWOTIKg_kRKL_2C4AFhwJ-e
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
c319
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=LLiRQVCTtFWOTIKg_kRKL_2C4AFhwJ-e
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2327
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
205
content-type
text/html; charset=utf-8
t.gif
cw.addthis.com/ Frame A05F
0
425 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-4JPUWfDDaHmphzx3-EDPscMMJ2xHAgab-uRrcg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
397596.gif
idsync.rlcdn.com/ Frame DB6A
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=WQs2UjqrH5x4GiWd9OQTOAp2a6SIqgGt
42 B
287 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=WQs2UjqrH5x4GiWd9OQTOAp2a6SIqgGt
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=WQs2UjqrH5x4GiWd9OQTOAp2a6SIqgGt
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2717
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
197
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DB6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
341 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
319635
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame DB6A
43 B
464 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b99313c4e8f72f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
spp.pl
sp.analytics.yahoo.com/ Frame DB6A
43 B
88 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:15 GMT
cookie-sync
sync.outbrain.com/ Frame DB6A
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MyAaIvDDaHmphzx3-EDPscMMJ2yl2n2-9z8SXg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-cache
X-TraceId
e43cae97f067edafd35545c1ca5894bb
Content-Length
0
t.gif
cw.addthis.com/ Frame DB6A
0
424 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:16 GMT
tap.php
pixel.rubiconproject.com/ Frame DB6A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw&expires=30
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type
image/gif
setuid
secure.adnxs.com/ Frame DB6A
43 B
1019 B
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a545c97e-f876-4888-8aec-69b1097b7bd9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DB6A
42 B
113 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:539
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame DB6A
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame DB6A
45 B
634 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2781gPDDaHmphzx3-EDPscMMJ2yTRW9SU8GsvQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 06 Dec 2021 23:11:15 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 06 Dec 2021 23:11:15 GMT
rum
r.casalemedia.com/ Frame DB6A
43 B
907 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Dec 2021 23:11:15 GMT
sync
x.bidswitch.net/ Frame DB6A
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel_sync
trends.revcontent.com/cm/ Frame DB6A
35 B
215 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ximRpPDDaHmphzx3-EDPscMMJ2yqfBRefEaVPA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame DB6A
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-PxhGcvDDaHmphzx3-EDPscMMJ2yU-nosYjGWrw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:15 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DB6A
0
228 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gmu0NvDDaHmphzx3-EDPscMMJ2y82y_vOrWrEg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
8222
/
rtb-csync.smartadserver.com/redir/ Frame DB6A
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GmimnvDDaHmphzx3-EDPscMMJ2x0do6uErv3aw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
transfer-encoding
chunked
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame DB6A
68 B
261 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-J63fqvDDaHmphzx3-EDPscMMJ2zX0u7MvcpDRw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.150.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ul_cb/ Frame DB6A
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
43 B
447 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
52.211.218.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame DB6A
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=fc507cf909d646538463df56401eefd9
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
43 B
447 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
8e4d322f6df3a8d9
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Date
Mon, 06 Dec 2021 23:11:16 GMT
Connection
keep-alive
trace-id
5c54e89033c18674
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame DB6A
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mdt8BfDDaHmphzx3-EDPscMMJ2yYODucgoTCLQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame DB6A
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
criteo-partners.tremorhub.com/ Frame DB6A
43 B
182 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-OR0G-PDDaHmphzx3-EDPscMMJ2xq_SEGmgooYg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:7de5:38a9:e1be:23d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame DB6A
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1638832276.dop237.fr8.t,1638832276.cds126.fr8.shn,1638832276.cds126.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1638832275360073-407
Expires
Mon, 06 Dec 2021 23:11:16 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame DB6A
43 B
219 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ZDxPAfDDaHmphzx3-EDPscMMJ2xHJbis2zHNJA&pn_id=criteo&ext=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.31.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-31-25.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
/
partner.mediawallahscript.com/ Frame DB6A
0
638 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom=&tag_format=img&tag_action=sync&custom=&cb=01f36c6d-0fbc-4840-b674-3ae6f98c9060
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:15 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
ads.yahoo.com/cms/ Frame DB6A
0
19 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame DB6A
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-s4gknvDDaHmphzx3-EDPscMMJ2we1vEQvPpf9g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame DB6A
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-1_F-wPDDaHmphzx3-EDPscMMJ2wyYYEiEJmuhw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
via
1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
qPMWAbjB8nTtlSLHkObhnrrVef8hu95N9RabH8OfelLbq28nNNrdZA==
x-cache
FunctionGeneratedResponse from cloudfront
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.load&eid=6&u=AAAAC&ut=C&tc=16&tr=1sdl&ti=1sdl&z=0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.scrollDepth&eid=7&u=AAAAC&ut=C&tc=16&z=0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.scrollDepth&eid=9&u=AAAAC&ut=C&tc=16&z=0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.scrollDepth&eid=11&u=AAAAC&ut=C&tc=16&z=0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 15DC
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
43 B
342 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1636589
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
836955dd-26a0-443c-9979-f70f31143542
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DB6A
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
43 B
342 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1716540
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
319616da-77b4-43ea-9d50-f41020f63af9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2BC1
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
43 B
342 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1190193
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
03e9387f-235b-40e3-9960-45a534b1b7f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
beacon-v2.helpscout.net/ Frame 19F2
293 B
621 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79652/Tot2pgPvI8YiKGUNLHCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e43cc1d04dd927b53e589be9261549e529ad72cb5c14241bad2c7a234345d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:09:38 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
113
etag
"6f853bef4da88a5c8d02f79526bf5bdb"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
243
x-amz-cf-id
tasSvx0_IjGWeFf6GBYyhEdX4ERLktbASyGMQdw8RNYwozik3qV9tQ==
/
beacon-v2.helpscout.net/ Frame A047
293 B
620 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/79647/6RU0RcHbRRAQUOkM9eE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e43cc1d04dd927b53e589be9261549e529ad72cb5c14241bad2c7a234345d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:09:38 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
113
etag
"6f853bef4da88a5c8d02f79526bf5bdb"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
243
x-amz-cf-id
U4gQ5zvDWuWBwOTOA9T4-y-2fFgWje3maYPmiTuY0AP4CI38jTyEzg==
vendor.00021bae.js
beacon-v2.helpscout.net/static/js/ Frame 2A80
702 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.00021bae.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2ef7f9d5e2367c3eab4c00d3176681ce5cb08165c93b923ae1af79dd338ca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:08:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
164
etag
"562f9cf4d7301f22473859322a0284d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
199788
x-amz-cf-id
StB1am-jP5fik-EXUJMWTH4q5L5DbG7m3xx2IcvzDLczFvLwSyU6jQ==
main.73fbc42b.js
beacon-v2.helpscout.net/static/js/ Frame 2A80
256 KB
64 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.73fbc42b.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485c6f41a2d2496161238f7ecdfc07355e14f46798febe3919537c7ef735919a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:10:18 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
65
etag
"f0a424815d531ddbefbe5765d5d2d1c7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
65368
x-amz-cf-id
xYFW7JE5SdpBV5PeO0q46gWfNWdLFW5rGzSQ1KzK3eoz6vA8c4-OwQ==
truncated
/ Frame 19F2
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
397596.gif
idsync.rlcdn.com/ Frame B018
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=oKUOC7tgH1vVGAvr3kDjQ1AcUFKC6wRs
42 B
288 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=oKUOC7tgH1vVGAvr3kDjQ1AcUFKC6wRs
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 23:11:16 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=oKUOC7tgH1vVGAvr3kDjQ1AcUFKC6wRs
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2554
date
Mon, 06 Dec 2021 23:11:16 GMT
content-length
197
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B018
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
341 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
187796
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame B018
43 B
464 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b99313e68f072f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
spp.pl
sp.analytics.yahoo.com/ Frame B018
43 B
373 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:16 GMT
cookie-sync
sync.outbrain.com/ Frame B018
0
313 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MyAaIvDDaHmphzx3-EDPscMMJ2yl2n2-9z8SXg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-cache
X-TraceId
7e4b249ec820e2c4a6d710b874273550
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame B018
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw&expires=30
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Content-Type
image/gif
setuid
secure.adnxs.com/ Frame B018
43 B
1019 B
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9d825f16-d725-4280-ac83-01f3b6f34f8a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B018
42 B
521 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame B018
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame B018
45 B
634 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2781gPDDaHmphzx3-EDPscMMJ2yTRW9SU8GsvQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 06 Dec 2021 23:11:16 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 06 Dec 2021 23:11:16 GMT
rum
r.casalemedia.com/ Frame B018
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Dec 2021 23:11:16 GMT
sync
x.bidswitch.net/ Frame B018
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel_sync
trends.revcontent.com/cm/ Frame B018
35 B
215 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ximRpPDDaHmphzx3-EDPscMMJ2yqfBRefEaVPA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame B018
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-PxhGcvDDaHmphzx3-EDPscMMJ2yU-nosYjGWrw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:16 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame B018
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GmimnvDDaHmphzx3-EDPscMMJ2x0do6uErv3aw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:15 GMT
transfer-encoding
chunked
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame B018
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-J63fqvDDaHmphzx3-EDPscMMJ2zX0u7MvcpDRw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.150.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ Frame B018
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.218.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame B018
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=80d121be748c4e44aae6a1bc1ba2a127
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
43 B
447 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
74d5b1d5bf062da0
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Date
Mon, 06 Dec 2021 23:11:16 GMT
Connection
keep-alive
trace-id
9cc89f397deedb43
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame B018
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mdt8BfDDaHmphzx3-EDPscMMJ2yYODucgoTCLQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
criteo-partners.tremorhub.com/ Frame B018
43 B
182 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-OR0G-PDDaHmphzx3-EDPscMMJ2xq_SEGmgooYg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:7de5:38a9:e1be:23d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame B018
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1638832276.dop237.fr8.t,1638832276.cds126.fr8.shn,1638832276.cds126.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1638832276177026-331
Expires
Mon, 06 Dec 2021 23:11:16 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame B018
43 B
219 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ZDxPAfDDaHmphzx3-EDPscMMJ2xHJbis2zHNJA&pn_id=criteo&ext=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.31.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-31-25.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
/
partner.mediawallahscript.com/ Frame B018
0
638 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom=&tag_format=img&tag_action=sync&custom=&cb=dbe3e942-bd12-4ee5-8ba8-d025af09acc2
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
ads.yahoo.com/cms/ Frame B018
0
458 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame B018
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-s4gknvDDaHmphzx3-EDPscMMJ2we1vEQvPpf9g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame B018
0
424 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:16 GMT
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B018
0
229 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gmu0NvDDaHmphzx3-EDPscMMJ2y82y_vOrWrEg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13900
sync
ups.analytics.yahoo.com/ups/55945/ Frame B018
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
date
Mon, 06 Dec 2021 23:11:16 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
397596.gif
idsync.rlcdn.com/ Frame 4506
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=RpH3ncTKblLOO9DsNBGW4cv7hE_e7xxm
42 B
288 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=RpH3ncTKblLOO9DsNBGW4cv7hE_e7xxm
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 23:11:16 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=RpH3ncTKblLOO9DsNBGW4cv7hE_e7xxm
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2879
date
Mon, 06 Dec 2021 23:11:16 GMT
content-length
197
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4506
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04M1Vmd3ZERGFIbXBoengzLUVEUHNjTU1KMnc4ci1rNVRFc2NpQQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
341 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
237419
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame 4506
43 B
464 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=617660&c=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b99313e891972f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
ads.yahoo.com/cms/ Frame 4506
0
21 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
spp.pl
sp.analytics.yahoo.com/ Frame 4506
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 06 Dec 2021 23:11:16 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 4506
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-s4gknvDDaHmphzx3-EDPscMMJ2we1vEQvPpf9g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 4506
0
313 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MyAaIvDDaHmphzx3-EDPscMMJ2yl2n2-9z8SXg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-cache
X-TraceId
90405e2a46210b5320d80dcca276c6cd
Content-Length
0
t.gif
cw.addthis.com/ Frame 4506
0
424 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:16 GMT
tap.php
pixel.rubiconproject.com/ Frame 4506
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MaK92PDDaHmphzx3-EDPscMMJ2wfS8bpL2vAnw&expires=30
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Content-Type
image/gif
setuid
secure.adnxs.com/ Frame 4506
43 B
1019 B
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-VRW-4fDDaHmphzx3-EDPscMMJ2wXn8SENDwQAg&seg=95287
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5b9d6de2-fb9f-4332-8922-226ae0bd67f6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4506
42 B
113 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:473
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame 4506
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-IHfF0vDDaHmphzx3-EDPscMMJ2ze6_ZoSbLTNA&dongle=013b
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame 4506
45 B
634 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2781gPDDaHmphzx3-EDPscMMJ2yTRW9SU8GsvQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 06 Dec 2021 23:11:16 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 06 Dec 2021 23:11:16 GMT
rum
r.casalemedia.com/ Frame 4506
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Dec 2021 23:11:16 GMT
sync
x.bidswitch.net/ Frame 4506
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cTtojPDDaHmphzx3-EDPscMMJ2xC6o945sFeXA&expires=30&user_group=5
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel_sync
trends.revcontent.com/cm/ Frame 4506
35 B
215 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ximRpPDDaHmphzx3-EDPscMMJ2yqfBRefEaVPA
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame 4506
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-PxhGcvDDaHmphzx3-EDPscMMJ2yU-nosYjGWrw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 06 Dec 2021 23:11:16 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4506
0
229 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gmu0NvDDaHmphzx3-EDPscMMJ2y82y_vOrWrEg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13183
/
rtb-csync.smartadserver.com/redir/ Frame 4506
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GmimnvDDaHmphzx3-EDPscMMJ2x0do6uErv3aw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
transfer-encoding
chunked
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame 4506
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-J63fqvDDaHmphzx3-EDPscMMJ2zX0u7MvcpDRw
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.150.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ Frame 4506
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jvwCv_DDaHmphzx3-EDPscMMJ2wh8Yutyt5n_g
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.218.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame 4506
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg&_li_chk=true&previous_uuid=f827bae69b004116af786208969438bb
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
43 B
447 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
3e400e9968773177
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-jJU3avDDaHmphzx3-EDPscMMJ2yyut9lpwF_gg
Date
Mon, 06 Dec 2021 23:11:16 GMT
Connection
keep-alive
trace-id
160178c303b65740
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame 4506
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mdt8BfDDaHmphzx3-EDPscMMJ2yYODucgoTCLQ
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame 4506
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k--zn9iPDDaHmphzx3-EDPscMMJ2wMfQzx1a0pGw&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
date
Mon, 06 Dec 2021 23:11:16 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
criteo-partners.tremorhub.com/ Frame 4506
43 B
182 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-OR0G-PDDaHmphzx3-EDPscMMJ2xq_SEGmgooYg
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:7de5:38a9:e1be:23d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame 4506
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1638832276.dop012.ml1.t,1638832276.cds009.ml1.shn,1638832276.cds009.ml1.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1638832276182025-417
Expires
Mon, 06 Dec 2021 23:11:16 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 4506
43 B
219 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ZDxPAfDDaHmphzx3-EDPscMMJ2xHJbis2zHNJA&pn_id=criteo&ext=1
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.31.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-31-25.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
/
partner.mediawallahscript.com/ Frame 4506
0
638 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-83UfwvDDaHmphzx3-EDPscMMJ2w8r-k5TEsciA&custom=&tag_format=img&tag_action=sync&custom=&cb=fd0f97e8-ac29-447a-aa3e-34ebfcc542fb
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 23:11:16 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame A05F
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-m4THKfDDaHmphzx3-EDPscMMJ2yQB5NHTVF01Q&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-m4THKfDDaHmphzx3-EDPscMMJ2yQB5NHTVF01Q&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-m4THKfDDaHmphzx3-EDPscMMJ2yQB5NHTVF01Q&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-m4THKfDDaHmphzx3-EDPscMMJ2yQB5NHTVF01Q&_origin=1&apid=UPd003c762-56e9-11ec-91b4-069b4222f4ee
date
Mon, 06 Dec 2021 23:11:16 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
groovevideo-5d7b2e757118845b2765f38a25323909.mp4
videos.groovevideo.com/5ef02765e1ce590013d90067/ Frame 19F2
106 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5ef02765e1ce590013d90067/groovevideo-5d7b2e757118845b2765f38a25323909.mp4
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 06 Dec 2021 23:11:17 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 23:09:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"f21c487fcdb18d7e39ba94591ffcb9e2"
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-2983026/2983027
accept-ranges
bytes
Content-Length
2983027
x-amz-cf-id
RJz7OPopz6t_Lw_VyN2iSsW7utntzb6OdIRHAr73LdG4QROkPPEmWA==
groovevideo-590d2305db354b85b910985a1a3d2179.mp4
videos.groovevideo.com/5ef02765e1ce590013d90067/ Frame DE4C
106 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5ef02765e1ce590013d90067/groovevideo-590d2305db354b85b910985a1a3d2179.mp4
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 06 Dec 2021 23:11:17 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 23:09:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"4e6ca8b6bfd915ff518d2511238187f3"
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-3226448/3226449
accept-ranges
bytes
Content-Length
3226449
x-amz-cf-id
wmHm2OJ0V8sQ9k2IPAFmY46VKcv8By58FtUufgpILq2-I9P8LxVeQQ==
vendor.00021bae.js
beacon-v2.helpscout.net/static/js/ Frame 19F2
702 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.00021bae.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2ef7f9d5e2367c3eab4c00d3176681ce5cb08165c93b923ae1af79dd338ca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:08:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
164
etag
"562f9cf4d7301f22473859322a0284d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
199788
x-amz-cf-id
1nHnXpyGZLR9BsT1IaQWc8Hd-xIOgkjMGkY1SoRO6RWptsXb2kRWLg==
main.73fbc42b.js
beacon-v2.helpscout.net/static/js/ Frame 19F2
256 KB
64 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.73fbc42b.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485c6f41a2d2496161238f7ecdfc07355e14f46798febe3919537c7ef735919a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:10:18 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
65
etag
"f0a424815d531ddbefbe5765d5d2d1c7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
65368
x-amz-cf-id
tNezNcRm7rIUDJFck_M3FuOj-bVy5yiXhhqTUaHYlurIKn4WXermNw==
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B018
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
43 B
342 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1861119
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2640dd94-a790-4bba-a729-438969384c38
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vendor.00021bae.js
beacon-v2.helpscout.net/static/js/ Frame A047
702 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.00021bae.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2ef7f9d5e2367c3eab4c00d3176681ce5cb08165c93b923ae1af79dd338ca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:08:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
164
etag
"562f9cf4d7301f22473859322a0284d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
199788
x-amz-cf-id
f9PqHo5tEDjTTGlh1o4avhnS0n_xC2Q81tU2i80LhbdTTsfcNKwlwg==
main.73fbc42b.js
beacon-v2.helpscout.net/static/js/ Frame A047
256 KB
64 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.73fbc42b.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485c6f41a2d2496161238f7ecdfc07355e14f46798febe3919537c7ef735919a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:10:18 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 11:53:15 GMT
server
AmazonS3
age
65
etag
"f0a424815d531ddbefbe5765d5d2d1c7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
65368
x-amz-cf-id
_ZJPxqGmydaGUBOzoFYKT3NxIelzvIdikCQ3WFT-IBzC3HsszsMFaQ==
matomo.php
matomo.groovetech.io/ Frame 2A80
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=834040&h=23&m=11&s=16&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79654%2FjGx72GODkUqq1ZyTrN49&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=a1cb82407eab6099&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=197&pv_id=toetfH
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.24
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.24
content-length
43
content-type
image/gif
matomo.php
matomo.groovetech.io/ Frame 3123
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=872528&h=23&m=11&s=16&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79650%2Fdytj8Zl0tXGVRJ1e2VfN&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=69bf6e5154fb0b58&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=189&pv_id=arJWUX
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.24
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.24
content-length
43
content-type
image/gif
matomo.php
matomo.groovetech.io/ Frame DE4C
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=222473&h=23&m=11&s=16&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79645%2F1pRJ3JmNn0gEPIi1nIoY&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=0f1a231d0d30edba&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=193&pv_id=LCPT7m
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.24
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.24
content-length
43
content-type
image/gif
matomo.php
matomo.groovetech.io/ Frame 5E6E
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=474408&h=23&m=11&s=16&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79651%2FjZ9IfBVyFOKNxl9jU54M&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=f6aa69031023365d&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=197&pv_id=fR0dvt
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4506
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
43 B
342 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:15 GMT
content-type
image/gif
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1528908
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
X-Proxy-Origin
194.36.108.22; 194.36.108.22; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f6224b3d-6cf3-4b7e-9596-b8285064da34
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5026356722935433418
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
groovevideo-31835f41d1dc39bdcdb684f2dedb5908.mp4
videos.groovevideo.com/5ef02765e1ce590013d90067/ Frame 3123
106 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5ef02765e1ce590013d90067/groovevideo-31835f41d1dc39bdcdb684f2dedb5908.mp4
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 06 Dec 2021 23:11:17 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 23:09:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"8e1275d330acb3e42692e540b00684df"
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-3310933/3310934
accept-ranges
bytes
Content-Length
3310934
x-amz-cf-id
FKUltJomI3i4Q6LQA0nBiHdO-1bf4npRU7vly2CcJq8Jvmy8gx69gQ==
groovevideo-735ab2ea01538f47e999cb9a57e26e9d.mp4
videos.groovevideo.com/5ef02765e1ce590013d90067/ Frame 2A80
202 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5ef02765e1ce590013d90067/groovevideo-735ab2ea01538f47e999cb9a57e26e9d.mp4
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 06 Dec 2021 23:11:17 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 23:09:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"f821a47d30bef435efc3501f8c73100c"
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-16491288/16491289
accept-ranges
bytes
Content-Length
16491289
x-amz-cf-id
A5QNp5n7elOAs1mXTKFuiemuyos7wpUtjvLH9J9psscV25JvEBgCeA==
m
cm.mgid.com/ Frame 4506
43 B
464 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=617660&c=26236b88-6af0-4d77-9ded-e5cc34476a64
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b9931404be972f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
groovevideo-ca55890a8b9bac2550b081f1ab3ab6c5.mp4
videos.groovevideo.com/5ef02765e1ce590013d90067/ Frame 5E6E
150 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5ef02765e1ce590013d90067/groovevideo-ca55890a8b9bac2550b081f1ab3ab6c5.mp4
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 06 Dec 2021 23:11:17 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 23:09:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"d4294111688759cba8195f9fa523f713"
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-2858851/2858852
accept-ranges
bytes
Content-Length
2858852
x-amz-cf-id
ZlvjA8ZaIo_-7p-v55rZfkTWsx9nmQ8jmn0QmuDkfzawRSGm5mxMJg==
matomo.php
matomo.groovetech.io/ Frame 19F2
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=229121&h=23&m=11&s=16&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79652%2FTot2pgPvI8YiKGUNLHCb&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=7f57d22ea419e654&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=198&pv_id=3dbPrK
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
sync
tags.bluekai.com/site/29001/ Frame B018
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=OhUaM8k4TdaZyS7E1cB4GTMrQ9L81uJr
62 B
660 B
Image
General
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=OhUaM8k4TdaZyS7E1cB4GTMrQ9L81uJr
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Dec 2021 23:11:16 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
7a4c
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=OhUaM8k4TdaZyS7E1cB4GTMrQ9L81uJr
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3097
date
Mon, 06 Dec 2021 23:11:15 GMT
content-length
205
content-type
text/html; charset=utf-8
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&e=gtm.load&eid=6&u=CAAAC&ut=C&tc=16&tr=5sdl&ti=1sdl&z=0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
www.linkedin.com/li/ Frame E890
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+xctdTb3ibGEHjCA==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 87A81142AF944D97B0EDC07704A35BF8 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:16Z
date
Mon, 06 Dec 2021 23:11:16 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.com/li/ Frame 117A
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl+xcr0MftlZ3u/B3g==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3EADB12E567D42A4AC1A267DC06EF984 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:16Z
date
Mon, 06 Dec 2021 23:11:16 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
ts
t.paypal.com/ Frame DB7D
42 B
499 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Checkout%20%C2%B7%20Posting4ProfitNow&dh=1200&dw=1600&bh=466&bw=498&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1638832276532&g=0&completeurl=https%3A%2F%2Fposting4profitnow.groovesell.com%2Fcheckout-widget%2Fb24c91ff4a294541a19f193028759f8a%3Faskun%3D0%26askpw%3D0%26sb%3D0%26skip_payment_info%3D0%26st%3D0%26oai%3D0%26otp%3D%26sh%3D%26hcem%3D%26hcfn%3D%26hcln%3D%26gdsp%3D%26gdsf%3D%26gssp%3D&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://posting4profitnow.groovesell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:16 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1638832277.547468,VS0,VE161
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
65c83e51c0178
expires
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-lhr7353-LHR, cache-lon4251-LON
groovevideo-c0fb6213f89f91fa42b7d696befe661a.mp4
videos.groovevideo.com/5ef02765e1ce590013d90067/ Frame A047
117 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5ef02765e1ce590013d90067/groovevideo-c0fb6213f89f91fa42b7d696befe661a.mp4
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 06 Dec 2021 23:11:17 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 05 Dec 2021 23:09:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"a44a6e1b8e469ada0bc47b1916693480"
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-2171823/2171824
accept-ranges
bytes
Content-Length
2171824
x-amz-cf-id
Cf4313NC4gbLfaPwmFyiK1EAMmddYn9zC-bAY7vbPEFkO6FuSuF7lA==
matomo.php
matomo.groovetech.io/ Frame A047
43 B
217 B
Image
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=683982&h=23&m=11&s=16&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F79647%2F6RU0RcHbRRAQUOkM9eE8&urlref=https%3A%2F%2Fposting4profitnow.com%2F&_id=8650ffdb39de8c59&_idts=1638832276&_idvc=1&_idn=1&_refts=1638832276&_viewts=1638832276&_ref=https%3A%2F%2Fposting4profitnow.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=206&pv_id=Rygz1p
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 Laval, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 23:11:16 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif
a
www.googletagmanager.com/ Frame 2A80
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-VQKC5VQTH1&cv=1&v=3&t=t&pid=221006700&rv=c10&es=1&e=gtm.historyChange-v2&eid=16&u=CAAAC&ut=C&tc=16&z=0
Requested by
Host: posting4profitnow.com
URL: https://posting4profitnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 23:11:17 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
www.linkedin.com/li/ Frame E890
0
249 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl/NiCaY/4i2YoUhqA==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E201032FC31F49AEA9B84CA6B300BB26 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:18Z
date
Mon, 06 Dec 2021 23:11:18 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.com/li/ Frame 117A
0
127 B
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl/NlKU3GEtYBwgs/w==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DE7F08F722DD4766A2274CFD31139559 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:18Z
date
Mon, 06 Dec 2021 23:11:18 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.com/li/ Frame E890
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6862063190298259456?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl/sDqgjscmkhCWcrg==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 41CA99C4D5C54186A44ABBF00D4B3ECF Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:20Z
date
Mon, 06 Dec 2021 23:11:20 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.com/li/ Frame 117A
0
1 KB
Ping
General
Full URL
https://www.linkedin.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1do6zzumecnl1wz319skt1m9k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.linkedin.com/embed/feed/update/urn:li:ugcPost:6846197346825588736?compact=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXSgl/sGVR0rWFNriHqUw==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 707618B8F7FF4C11A33F3D51205EAD62 Ref B: FRAEDGE1214 Ref C: 2021-12-06T23:11:20Z
date
Mon, 06 Dec 2021 23:11:20 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.linkedin.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
posting4profitnow.groovesell.com
URL
https://posting4profitnow.groovesell.com/admin/css/gdui_styles.d4f43a.css
Domain
posting4profitnow.groovesell.com
URL
https://posting4profitnow.groovesell.com/admin/css/app.d4f43a.css
Domain
posting4profitnow.groovesell.com
URL
https://posting4profitnow.groovesell.com/admin/css/iconfont.css
Domain
posting4profitnow.groovesell.com
URL
https://posting4profitnow.groovesell.com/admin/css/material-icons/material-icons.css
Domain
gitcdn.link
URL
https://gitcdn.link/repo/lykmapipo/themify-icons/master/css/themify-icons.css
Domain
js.stripe.com
URL
https://js.stripe.com/v3/
Domain
js.stripe.com
URL
https://js.stripe.com/terminal/v1/
Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/api/checkout.js
Domain
js.authorize.net
URL
https://js.authorize.net/v1/Accept.js
Domain
js.braintreegateway.com
URL
https://js.braintreegateway.com/web/3.68.0/js/client.min.js
Domain
js.braintreegateway.com
URL
https://js.braintreegateway.com/web/3.68.0/js/hosted-fields.min.js
Domain
kit.fontawesome.com
URL
https://kit.fontawesome.com/4c9b43643d.js
Domain
posting4profitnow.groovesell.com
URL
https://posting4profitnow.groovesell.com/admin/js_new/app.503b59.js

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| FontAwesomeKitConfig string| websiteurl undefined| encodeSite object| _paq function| mergeContentSettings function| setImmediate function| clearImmediate object| regeneratorRuntime function| iFrameResize object| FontAwesomeConfig object| ___FONT_AWESOME___ object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| setupCountdown object| $cookies boolean| isFreeUser function| setvIframe function| setupSlider object| contentBuilderSettings object| site function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions

78 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQhRE
posting4profitnow.com/ Name: _pk_id.4.a3b4
Value: 8ecb8e30db11f38c.1638832270.1.1638832270.1638832270.
posting4profitnow.com/ Name: _pk_ses.4.a3b4
Value: 1
posting4profitnow.com/ Name: first-visit
Value: 1638832270005
.youtube.com/ Name: YSC
Value: o37Sfv5Ck3c
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: vPi7miOPRHk
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2416:u=1:x=1:i=1638832270:t=1638918670:v=2:sig=AQG1eiCtnlZjdR8sym_GXmWc1ELozr2U"
.www.linkedin.com/ Name: JSESSIONID
Value: ajax:0216511238671321817
.linkedin.com/ Name: bcookie
Value: "v=2&e14210cd-6541-44cf-8b64-f2bab0a85709"
.www.linkedin.com/ Name: bscookie
Value: "v=1&202112062311106d3feba5-a56b-479d-82b6-191d66d581b6AQHKSThHNChTPm5-Iuy6yjUwws3U2TfZ"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Mzg4MzIyNzA7MjswMjHb8cE49C+KUrsInMQ7e2fhgx+DiLwqiDVQdfwIOAzAZg==
.authorize.net/ Name: __cfruid
Value: d45ca1f189593d41c6650cec377f2414a7c44ac5-1638832270
posting4profitnow.com/ Name: hasVisitedPopupPage
Value: true
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: tsrce
Value: tagmanagernodeweb
www.paypal.com/ Name: nsid
Value: s%3AZ7OtQrwBeK1ALtAaBdQTP_ScIkxOpTZx.AKixgzOBE6eBbGAdIBkItrf1RTRa%2F2u7nhl1JFLOigg
.paypal.com/ Name: l7_az
Value: dcg02.phx
.paypal.com/ Name: ts_c
Value: vr%3D9203f16e17d0a760ab308e80f85c9f8b%26vt%3D9203f16e17d0a760ab308e80f85c9f8a
.bing.com/ Name: MUID
Value: 1D79CBF19611620E31E5DAF4977A63BA
.doubleclick.net/ Name: IDE
Value: AHWqTUnCpmhwyy9Nq8bKCt7jRfpnXLQhCC-wFS0yWCtrnuUOIUPFR69rBBoRib9e
.criteo.com/ Name: uid
Value: 26236b88-6af0-4d77-9ded-e5cc34476a64
.yahoo.com/ Name: A3
Value: d=AQABBJGYrmECEIO0SUt8Hn4pNOBrWF9aAyoFEgEBAQHqr2G4YQAAAAAA_eMAAA&S=AQAAAm7yJnD5uGNohafNdbw8GI8
175592.tracking.hyros.com/ Name: __mh_tt_s
Value: HB-ET_589feffb62720ba252b67ccb65d912335475d911495e8b7ef7f4bcf1a2ccdbf4
m.stripe.com/ Name: m
Value: a902b094-9363-40f3-ba82-d93466f5566a517859
.adnxs.com/ Name: uuid2
Value: 5026356722935433418
.3lift.com/ Name: tluid
Value: 12615958124779980793
.dmxleo.com/ Name: dmxId
Value: 2325486FF3A231400GLVUGAMGBQGBZCRU
.bidswitch.net/ Name: tuuid
Value: 294bad35-047a-4611-ac5c-ebc4e62cc9e1
.bidswitch.net/ Name: c
Value: 1638832275
.bidswitch.net/ Name: tuuid_lu
Value: 1638832275
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q&KRTB&23286-uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q&KRTB&23287-uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q&KRTB&23288-uid:k-1mDbNPDDaHmphzx3-EDPscMMJ2xnYZ2tUWMu2Q
.pubmatic.com/ Name: PUBMDCID
Value: 3
.mgid.com/ Name: muidn
Value: lb6fPQcTcBbf
.mgid.com/ Name: __cf_bm
Value: noW63Q7IP18ucd2KyQ6Q4.cXC6.TNG_h8SLELrRbDHI-1638832275-0-ASo/KaWC598W7iknhREK5vgU6zTLOoOSwr4Fp3GeiBGfSsRtU807JVfiJgcLkHfuYLGYP7b5D4hpO/piqbbPei0=
.rlcdn.com/ Name: pxrc
Value: CAA=
.casalemedia.com/ Name: CMPS
Value: 5223
.media.net/ Name: data-c
Value: k-2781gPDDaHmphzx3-EDPscMMJ2yTRW9SU8GsvQ~~3
.media.net/ Name: visitor-id
Value: 2818338756687075000V10
.casalemedia.com/ Name: CMID
Value: Ya6Yk7mmwWxOEvsAwdRvVwAA
.revcontent.com/ Name: v1_151
Value: 1
.revcontent.com/ Name: __ID
Value: 550f5e61180a49aebe0fcbdc29e6985f
.casalemedia.com/ Name: CMPRO
Value: 1209
.mediawallahscript.com/ Name: mCookie
Value: cfff8180-56e9-11ec-8a42-672da2a98bfa
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.advertising.com/ Name: APID
Value: UPd003c762-56e9-11ec-91b4-069b4222f4ee
.sharethrough.com/ Name: stx_user_id
Value: 18fb572c-9974-4510-9dfe-7290e57e83b3
.taboola.com/ Name: t_gid
Value: b8f104b1-1dcf-4cc1-af2b-e482da254c86-tuct8a81e13
cm.mgid.com/ Name: mg_sync
Value: {"617660":1638832275}
.360yield.com/ Name: tuuid_lu
Value: 1638832275
.360yield.com/ Name: tuuid
Value: e6e23188-5954-425c-b461-c38410d58cc7
.addthis.com/ Name: ouid
Value: 61ae989300015f62a9178962821def8be3ab0d2eb294d80939f6
.addthis.com/ Name: uid
Value: 61ae98936e4bd02b
.addthis.com/ Name: na_id
Value: 2021120623111579400432407207
.outbrain.com/ Name: criteo
Value: k-MyAaIvDDaHmphzx3-EDPscMMJ2yl2n2-9z8SXg
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~21xz:1761~21xz"
.yahoo.com/ Name: APID
Value: UPd003c762-56e9-11ec-91b4-069b4222f4ee
.yahoo.com/ Name: APIDTS
Value: 1638832276
ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-C04Ac_DDaHmphzx3-EDPscMMJ2zZ3wr9oHvjxw
.360yield.com/ Name: umeh
Value: !38,0,1701040276,-1
ads.stickyadstv.com/ Name: UID
Value: d5aa7faa268d6c3fc0d9f6bd956ecab7
ads.stickyadstv.com/ Name: sessionId
Value: 3aa4c0b3e5abe2f715a9cf62238ccc8
.outbrain.com/ Name: obuid
Value: b8e00401-f6a1-4502-b075-098517ce24e9
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: uUW99JuRgZaOriLr
.postrelease.com/ Name: opt_out
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GVSiCizz!]taq8i_it:z!9CUYaI%AE_R4<]gU4Y1=+j:XK2M^/g5aIS+iSUZn$wWokqfX4fM(E'OMCRSxQn/X%W#.wL4W1Qw2AA?oJ+
.pubmatic.com/ Name: PugT
Value: 1638832276
.casalemedia.com/ Name: CMRUM3
Value: 1461ae98942760k-uvSDZfDDaHmphzx3-EDPscMMJ2zQkNBp6TL7pA
.casalemedia.com/ Name: CMST
Value: Ya6Yk2GumJQA
.media.net/ Name: data-c-ts
Value: 1638832276
.360yield.com/ Name: um
Value: !38,nau9vp5Lw09CiqyDJV6e7JuhaevJU5BaUrLdkDTg5E0EPPIAXpiStJG19p2TMba2Zz-n-FDC,1646608276
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYzODgzMjI3NjE5MiIsImwiOiIwIiwibSI6IjAifQ
.www.paypal.com/ Name: akavpau_ppsd
Value: 1638832876~id=e7aff420fdb1482977370083e9f29d47
.rlcdn.com/ Name: rlas3
Value: DUrF4YxS+VTi1dSMZHZKE2FKBwf6roumQXzF9lRO13Y=
.liadm.com/ Name: lidid
Value: f827bae6-9b00-4116-af78-6208969438bb
.paypal.com/ Name: ts
Value: vreXpYrS%3D1733526676%26vteXpYrS%3D1638834076%26vr%3D9203f16e17d0a760ab308e80f85c9f8b%26vt%3D9203f16e17d0a760ab308e80f85c9f8a%26vtyp%3Dnew

7 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175592.tracking.hyros.com
ad.360yield.com
ade.clmbtech.com
ads.stickyadstv.com
ads.yahoo.com
api.loopedin.io
app.groove.cm
app.groovefunnels.com
assets.grooveapps.com
bat.bing.com
beacon-v2.helpscout.net
cdn.productstash.io
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.mgid.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
dis.criteo.com
dms.licdn.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gitcdn.link
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i.ytimg.com
i6.liadm.com
idsync.rlcdn.com
jadserve.postrelease.com
js.authorize.net
js.braintreegateway.com
js.stripe.com
ka-f.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
match.sharethrough.com
matomo.groovetech.io
media-exp1.licdn.com
mug.criteo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
posting4profitnow.com
posting4profitnow.groovesell.com
proof.groovesell.com
public-prod-dspcookiematching.dmxleo.com
q.stripe.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static-exp1.licdn.com
static.criteo.net
static.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.paypal.com
tags.bluekai.com
tracking.groovesell.com
trends.revcontent.com
ups.analytics.yahoo.com
us-u.openx.net
v1.gdapis.com
videos.groovevideo.com
widget.groovevideo.com
widget.us.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
gitcdn.link
js.authorize.net
js.braintreegateway.com
js.stripe.com
kit.fontawesome.com
posting4profitnow.groovesell.com
www.paypalobjects.com
104.111.215.191
104.111.228.123
104.111.242.245
104.18.9.127
104.19.132.78
104.75.88.126
108.128.72.146
13.32.22.59
13.35.253.30
141.226.228.48
142.250.181.226
142.250.186.34
151.101.193.35
151.101.64.176
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.157.150.79
185.64.190.80
185.86.137.132
188.65.124.38
2.18.234.21
2.18.234.233
2.18.235.93
2001:4de0:ac19::1:b:1a
212.82.100.181
2600:1f18:444a:4602:b51a:2bef:14:5241
2600:1f18:612b:4216:7de5:38a9:e1be:23d8
2600:9000:211e:6200:1b:5138:8a40:93a1
2600:9000:211e:b200:b:d801:7900:93a1
2606:4700:3033::ac43:8b0d
2606:4700:3034::6815:7d7
2606:4700:3034::ac43:d90a
2606:4700:3035::ac43:c0e6
2606:4700:3037::ac43:a12f
2606:4700:3038::6815:ea37
2606:4700::6810:125e
2606:4700::6811:661
2606:4700::6811:ce4f
2606:4700::6812:14b4
2606:4700::6812:1634
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:803::200a
2a00:1450:4001:809::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:812::2016
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00::210:ba11
2a02:26f0:6c00::210:bb22
3.127.209.187
3.220.31.25
34.200.155.146
34.255.54.140
34.98.64.218
35.157.240.53
35.167.194.245
35.244.174.68
37.252.173.62
51.161.92.183
52.211.218.251
52.70.96.75
54.187.119.242
54.81.135.237
69.173.151.100
70.42.32.127
74.119.119.150
76.223.111.18
89.187.169.47
99.80.164.0
000e93badb3626183cb9302710ef294e8e2c904e5775caeb435587baf0994c95
0423d4ef57f29acb7a710aa87d0652e1272ec8ae1d2105d0f87dcd744e263847
04d16a4678b667182d1705aa061109e59f2effaf886b1cb6564b80b4a5b7b861
0985da82ccdc18d43f21767b56b9d399a2199213bf1b16a0800fb359ebf082a7
09beb243bc525f7408a734441a247a66b49e2dfec0c93c408a481d032f28da7f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec5dddd968957faac72de4f8937dbbe564403e379cd293852f2e9110117fd80
135ddf3be68cbef0e9cceae5236cc19c7d000626bfb1eeb22f2848b16bc956d5
18ad35e38621a05c5ccfbc72f34228b56ede8f702f2637e4319993af18930998
19688e9d9d52d558cac1f2b17bcfca69905c0bfb678531bbfb208912110eb5df
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
1ce9221782513d3845a3a5b77d37ab8ec9d39ee1e7fb585f638530d9e1406e0a
1f61724b0bacc9702251ea70613bd8765bd880591dc18542d1ebc7491f7d4b2f
219d55b0a442e35619d798a9cb86c13c8d266a52b7d57da0454b9fcaff4ba0a5
232c74c685722aebd899fad3b7d35f72e2388d07bcbaeac2c6736d5ec914db74
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2858677c804dd9b1aa29bd4074c32cd05b69efb52e1d3237bbf6823ab81ca7ae
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
298375a6aad6c061fdc30efc6a888fa72e74ba70a783ed54cffd361bb85a8d9c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b8978faf7eed6722bd148468c7f5f6a9cedfabbd4282652d0e7629222a79c55
2c41038e03265a32ad8514c3f33613e118c518ce073d8664c949320db812ed52
2c7520a69a964496388ef6a3e458f81520ec71be0a0ad2921f44e5ab27dd8774
2cb26ba8466692013b851804e166293acdc65b9282524aea0109e4b15f80da96
2ce52e71de9cc9b738b21da87e2bc54efd4d4838896209eff6f5fa527c235bf9
2dddee4c43ef19390c3a24a21c2b4bd293d98de6c375b2f22bbc273d09aae3d2
2fe8f6af40e88b5e53e6fa8a94b4d9ef22c670c6700e8380a9dcfe6bb7291a62
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
352b29ef9e282df7984ac8fc8f6de02c8568a1f54f7476670c6703044f558d36
358f9298ddae494bfe9c1d804bcaeaf40c9447ce40f92c138719744421906c89
35af9a27f80bffb6417fa2de898eb862ffb73c5294eaae895326c1e9065dc898
35b78d910acf249b52bc249132f01ddb13a48ac44a5fb7d33ce1ee2ba669d55a
3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e
37bfda3c0c864b494a99c32cd4ad3c6743120bb9b619685c553ceda63ae06a8d
39246f8765241fdc8a3609f458a6d5778a8f80e84f4ba3d5ab6fb918d0686637
3a2ef7f9d5e2367c3eab4c00d3176681ce5cb08165c93b923ae1af79dd338ca0
3a8ff2bfb19b26a3a78fc00836753ee76bbdfdad6261861e28dc3c8cc394881c
3c14d03c22a3efff598e04e7c02c14e6517e98d32156fd9601683997e7ff81cc
3e115db586cb8af4f7295eff8bebaf5da24bf3568764c9b63ba8a047e09625d1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e43cc1d04dd927b53e589be9261549e529ad72cb5c14241bad2c7a234345d7c
3f05db6aee4045654ed90e8a6f87e7d703f326ede4af5e72737a30463b572b76
3f0761c93cc380765235624ae5cf89909f4cc7d1811b9d4e8cf82f928ec1d324
3f45e784f99c68c16018fea1b2bdb6aca693cf80c5a89d90666f38480b4e61ca
41a71c9780ed50d3ff378bd2bbd586fd4abf53dc96b46c62dd17c1123dd11b0a
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ea5536b0636eb2350fe15c40a03709b787ccc703ae2be90b48d2fb76bd9856
436ffab971d8583a8b6f381a5982ccb1e50a565417e677e2a30af42807fe604a
43a2da152319c12198c459a9909de60b9ccf8eae977e6023da25565ce133f45e
43af1fa52c4f677a1d92cd0602e06b67de6f62cc8d63cb1e7336906cff63fd81
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
447f7cbdbdaf9a9e2aa1b6f4c92bd2db6885bc4a4eab23ad0ea69d6f426c5cb7
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
452e236eb929e43213926695c66e53e6d37b0453a4938754a3b6b2c9475414b7
458692a3d91886d83b287a433c5b536bb7aadf55de38d91b53e6915cbf90543b
485c6f41a2d2496161238f7ecdfc07355e14f46798febe3919537c7ef735919a
48b63a86dbf057c0dfe41a58fb4df58c6a5739b61fdc3f3dc99fa8558aca2428
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4a80ca7e45929459010d4813ace7e0fb724a44f739e7d9f615057bea9f0573b1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3adb86cfa340f1bc98bc36d09dd5d1aad7590641f4fcf893328d1e9da6b7f0
4c66642179d9eb50a18dc0356926b6d045f7ecfaccb66a0dc7dfbf398ee06c78
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
531f301668ee7111b426e6153575cd0b3ad3f6f5a608040f37a7f85df0b1fb4e
5445b3f775e66a08a1554e0e59e78ec31bac411ec2761b9cf3e992916255a803
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5588e70845a78f7e4eb2520630ba8c7640cc4c08140bd3cdd4361558d7a0f7d2
56991a2d7d45bd8a267d4ff5f16de8983c51901c50caccfaa4b1e9ee2da45fdd
57487b63a88922427ffe1f85fae766e1b7869e41f644695b667d819df4b689c3
5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c
585973c00dd84bc11b7e79d718d1e1f26a5a41db9766f175f812cd24e2860897
5945be7c51c12e0a1066a37a45cb91e8a3f31341826c9e95369ccbcd115d94fa
5bf26f137ec7b4c5ac45b9436148fe0017201732659c163841bbcb7fcaf04853
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
5fdd431164083bc93ddc3a108b2cf12e939dbd75018410f851da642d410f895c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6072a3994e1df5ddbf6eba5621930805c95cc0f3a27d9ffa62d440f81c3c3bb9
61bcb49e0e5eeb7c6756111054b15c9e9b8d3917396573a73165060b6319ad13
638ba25a2d7569d19baf5e3a26b5f3427f450a5547957fdfbe75f2976a041d1e
64c4990ff050aa54a5b8d156e98888ee541111d8ee19902812643981c1ef520d
65d18f4ff4f91588c6f982c7c3406c528ba9b1a5ff1cad205f85b3f6d2045401
65ee53e3811cb0fa507afda499bd12321a6d424e723626a8372fcd71caaf2923
674c54a80e8101724b4f692785cc009918c079cc7fc313cd3a4e545bb677ebe6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f95083b1a9b454edfb246c56f8e5f5a090d2443506198f921829253971ffd3
68685d1fa84322a42413024bc6792ae3d97f4daf63a881fea3502895c6d0a416
688be2f424e60178801b24c2e81b5fd6e73a94f15355946d444e6dea987618f3
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946
69bf0e8b906adbf76c8847fd208a6c25ef4f2d4ad6dd1613ca6d2a4e91f1890d
6a78b43ec005d899f44d443fc2cc382d7bdd3ea4d2647aeee8884054ed5a0e8c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b669821b43d99d2c6a8eac812b9c57377e4646719030a9f27355d5023acf719
6b79dedcd9e48e0977603301bb9dd2809400389cc0978578e6001c91dfaec993
6ba28aa206fe515a3b0ab9739ee5c5191644a6ea6ff85b8bf4fc5edbf154cb3e
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e87f9fea22bfe6bd6f115fbd6c37eee7d0741ca1b61a7079ec0b87e2ef18e85
73d658daa32915eaf0771ba48e7d619da21030ce7108e5f1e25932f685ebf3ec
7470e23afe8b590dbe5a5350a2ebd6593b4d652f5b49399b94eae371bd9d8264
74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
75f178f77629054e2a812e7a490749e9cbdbb6e7389fe823703fce196f43b11e
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
7a7249a1f634a0ecfc772e774a158a0ab74c354609558c382b130bf37a91b346
7ae979524c72d4dddb9eb671d8fd41c8e46b0df00111d65cc421ffd54e92f26c
7b0a6ade825ec2aef7d070918358e485c0c8690e15c8bd542f660664c362a616
7d98f374ed7e23d2e1b7a8c0d8d8f1ba3ca616cf1a34bbfc6b9cbdf7edfc8a7d
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80ad2515a632f3ba0837f6f54a10919e138694e485e0d93516e79dd4f93293cb
81d4b4f24fb3f8b129fb7af486e3f70658e8a86dc82c9e1c190e07045085dd0b
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84d62b519d048a9b094ad6ba3d5632ebc193ed4b1725fca7e4322668b068a3a5
85a2384595926a0d1306834e955dceff74b539d22f78e06a276c3c6c5d8a09cc
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
8796e1b1f79080cbb8112a0cf3d1d6cb6ff8dd4b096a323b1486d1702f41020d
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8951d0251b2da3fac33b1b143bc7e037c86dffcd45b0dcb0dd04549709c5a259
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9
8cfda587b6ff4d82ce74e7c3a139112bc6b0a7a3b5a5bd632a8626aefdbd1409
8f63a8046717a7cd1f9e5b3b8b47b2d3cb7bf1b707a505766bad48da80eee67f
8f6e01983ff5ec719afd2a44a3fbcad69ec8c8182bf6cd3d4213389732991095
911cedca4de02342bd10e87598103fccdb14b5965a91a4b21a1310082e8f9076
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
938e3e20c94051c714c276b047eab4adbe5b771c62bb45b95f1d8d3a75331021
94bc5af79ea99205d32fc0d2a73684cbd9ff4715249bd2e3f0137f798c7828f5
97ff2c8409d7e79057a474aea4113aa26d49bd8a805a257ca3e71366f1ae4589
980a26bd7cee6bd580c152a21b014817b94f702a0355cb6b7bd9acd137b8a25a
9941b03296572d472f2626686ab783c34eb1d7b87bc57aeab62d0d02b4a93266
997bec119f3b06459fdcc30db3be356ab3363410af61ba01c12bac6d055c7804
9a2f5170e220b04696e924807efec37215a932d0c6862d23aad231cf5d724a5f
9b4489e8399daf86985372967ecc91c13f6eaa955aeaed2d50270d28225bd5e0
9d9f8ace2331bb85ead119f0ca083ec82d50eb73beab3e738f88ad1c74525f06
9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11c788458e98c99a1a1f38b4f6c07260f31e4e382a25a24d062c1a4e5dd3aea
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a62e2f770838fc7f8d4708a5e27fc496c9928f0767ea4c6c17958e335de24be4
a813d054cb6a81a06d99b09522ce055245f9fe1e22967e2a7eeecccefc0bc665
a8420247bcd42facb01542f3b4560859531da5de681cb5c7a3cb665a572cfefd
a964dfd18d7e78a1c45e9f4b60e4090c5f33c6633694872d629547ca3b1d2b7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab703f193cae7b4772ab108fb1d86a32358555c097b7701b4b48a9c70049c0b
ab59b1ab6cc029da3bac5141e8f11980854466ff57b2be6109cdd40a491cc277
abedc9bbc41385de00656cb65f1455b28c538a1f96425619f2f4e03b1e990e7c
ac9c76359aed5260993e3f6626dff2cbcea1e8110fb442b1c6f6a752ae975f5c
adfb8ca1967444db58f13ae76e98aaae549e0e3baf2c276caa36f68d6155740d
aeb8be443d15d89fe2d2200d261cec21470952b0d7799d821f435778036eb0d6
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b278a9cc7ce454987aeef433435b4729971f9ca2812e9ba8879bb3ab39353dc4
b54d20ab40591e93a610d8817912222c29f38f2083b7ac6ea70b128507558315
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b76ffa9ec8fc1d4d4c76cafcbc553b96f50bfb939d6b2114a78037dd170697e3
b902f36d6cc67f5274d0b3af4d1e1db34a6c71a3de93ff25d8da2d4040005171
b909ba3f68d54f87ebf0356c665ab74ae0024e0e5ff3c3fbb9e25293f3500898
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4778fe383942bc1f38ac5bda189a0c15783f3d51ac8c8e5ee83108dd152683
bc79d5f36badeb299e770c10eb24c43088005cb12971346463daea56aaed0391
bd14a6dddb1f04c09ec74fa2cb7da24d2d34d95291ec2855da3a88ddc9e5b3a1
c100ebbbb34b73f2c4672e3130019d5f3f7de3129332578f7094c9ff36dc69bc
c203d1249b1decc01d2cbc954e54adb658fc9a44ef0681502210d50d91832707
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c43c9a9fc605deeb17d53e33ed9b1fbb2aa9fd845d55d91bf6641a7778be7e35
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c76fad26c9a58db698fd234d82e9deb7cd7034aea9462c45357174594aad1ba3
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb8dfe31c1772278d6e6c6237aa0bdf1d686bf1464cc3c40ed925c6193ec62f1
cc522beed4b205cbd6cfea53a308f2d1b1d5377973ea09b7e14e32832b9f0b9c
cdb88ed8b08973ffde9d9b5b89b7cdb1d7b40969ec52901acf3148e3f74e8ef2
cdbdd4eb73a277bcbf241221bed8c3b7b444eb2024f3f6f16a8673169edc3e00
d1ebd6170ff87a060b59dd88028270514fae65352599f3e27c287130d49ff9ee
d29172f2fb05b6bf32998d8021bb10e09f6d7561c7580c64aeff95624d36ec10
d32c1f2bb336b8133c77136240970713f8a160de0a1a61babf6e7c7d8a251439
d5f90d562a7a85c5cff7b8fc6190ee9e5fea65a896f45ac9790134659560f622
d63a1ba9cb9aeb58cba4adb0793451c4a4c830300cb946d96b69592524f77475
d63cab8dd9c99c89c84113d2139db1fc13b4dd0f8b0e62eb15ea3e64a37904e5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3
d9f9bd83e9f6cf0298b1acb1c5e464426f92ecc9e24064ba11ba3205602fdc0f
dabcf5ba4a4e23f5fd3d8ab8f8f837589b482031c55133e98b9d15cc570130cb
db3d7cca43f18907ca60fbe5e15a2c8ef50942f78e8cff7db3c4ff296137d89a
dc1f81962975fa38dcbd3ffd82822ccbc2c6737f14ff9fa7b3770fdf0cd92f91
dcbdbc61b2c7efef6a4ed1a24bfcb9353f8afaa4ac70394f9b407e3b3bcab00d
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df33806df3d2a449ea32154f3da5985ca8e7df1c2341bafed46347577faadc8e
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e0e89eab313aa1fbab7b18eb43b8783b24d0ceef5bcbcaf9609d8207daaad54e
e29f8ea47a8fa583bad13819fe4954cd827edb852742fe533f3352fabe083956
e2f13665e8ba61f667b58de7b04ac6e7bcb8f2095933fa301675fc0abc5bae66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5399697f8d75c5763a9ec0f8e739c08ec1c6898c9bbf53a3f212bc935e0b500
e8e9fa3e6c415f7fbf3cf8de366eebd0357a2a8345ae13db9c4cfe02f86ce303
ebd665d12fafd384e3a9d3ec3f6bef1d2004feaf93723a9968bca9700d0d6f3f
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ec82a71992aa64b77ec2a84f76fec382a34505cda562bb2497a7dda603d3d024
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46352a414ffc31b3d48eb8261f9ab8163ed296bca542ca077263ec37fdde92d
fa654c1b25f1dae724626b9c50b6f709feb3144f63763cbccb830e176279fb0c
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fdd4dfc8ac108d5ab8f4f7d3083621c2c1c6986a2056d5aca70a2120329eed54
ff45e2da2449c5191385f6412bcd621590a8503050887866354d077a48443adc