profitablemessages.com Open in urlscan Pro
2a02:4780:23:c4e6:96df:5527:f682:4841 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Paramet...
Submission: On January 16 via manual (January 16th 2024, 4:24:15 pm UTC) from US — Scanned from DE

Summary HTTP 119 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 21 domains to perform 119 HTTP transactions. The main IP is 2a02:4780:23:c4e6:96df:5527:f682:4841, located in Meppel, Netherlands and belongs to AS-HOSTINGER, CY. The main domain is profitablemessages.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 6th 2023. Valid for: 3 months.

This is the only time profitablemessages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a02:4780:23:... 2a02:4780:23:c4e6:96df:5527:f682:4841	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	37.48.87.182 37.48.87.182	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.245.60.106 18.245.60.106	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.237.33.51 178.237.33.51	8455 (ATOM86-AS...) (ATOM86-AS ATOM86)
2	100.24.80.31 100.24.80.31	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.103.117 13.224.103.117	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
13	2a02:26f0:480... 2a02:26f0:480:f::213:7ee2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e4:... 2606:4700:e4::ac40:a407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.1.105.221 52.1.105.221	14618 (AMAZON-AES) (AMAZON-AES)
2	3.93.115.181 3.93.115.181	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	34.199.85.45 34.199.85.45	14618 (AMAZON-AES) (AMAZON-AES)
1	52.204.167.57 52.204.167.57	14618 (AMAZON-AES) (AMAZON-AES)
119	32

5 2a02:4780:23:c4e6:96df:5527:f682:4841 (Meppel, Netherlands)

ASN47583 (AS-HOSTINGER, CY)

profitablemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.48.87.182 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rfwzx.rdtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-106.fra60.r.cloudfront.net

images.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.237.33.51 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)

ssl.geoplugin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.24.80.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-80-31.compute-1.amazonaws.com

launcher.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-117.zrh50.r.cloudfront.net

scripts.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:480:f::213:7ee2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a407 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.105.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-105-221.compute-1.amazonaws.com

a.vturb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.93.115.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-115-181.compute-1.amazonaws.com

api.vturb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.85.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-85-45.compute-1.amazonaws.com

identification.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.167.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-167-57.compute-1.amazonaws.com

tracking-api.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	3 MB
15	converteai.net images.converteai.net — Cisco Umbrella Rank: 151895 scripts.converteai.net — Cisco Umbrella Rank: 148564 cdn.converteai.net — Cisco Umbrella Rank: 112596	2 MB
13	gstatic.com fonts.gstatic.com www.gstatic.com	173 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	122 KB
11	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263	2 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	59 KB
5	hotmart.com launcher.hotmart.com — Cisco Umbrella Rank: 198232 identification.hotmart.com — Cisco Umbrella Rank: 212793 tracking-api.hotmart.com — Cisco Umbrella Rank: 76794	9 KB
5	profitablemessages.com profitablemessages.com	284 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-f.fontawesome.com — Cisco Umbrella Rank: 3140	24 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	8 KB
3	rdtk.io rfwzx.rdtk.io	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	217 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	vturb.com.br api.vturb.com.br — Cisco Umbrella Rank: 148378	133 B
2	vturb.net a.vturb.net — Cisco Umbrella Rank: 125593
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	92 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	41 KB
1	geoplugin.net ssl.geoplugin.net — Cisco Umbrella Rank: 42436	806 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
119	21

	Domain	Requested by
24	www.youtube.com	profitablemessages.com www.youtube.com
13	cdn.converteai.net	scripts.converteai.net cdn.converteai.net
12	jnn-pa.googleapis.com	www.youtube.com
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	www.gstatic.com	www.youtube.com www.gstatic.com
6	googleads.g.doubleclick.net	3 redirects www.youtube.com
5	profitablemessages.com	profitablemessages.com
4	www.google.com	profitablemessages.com www.youtube.com
3	i.ytimg.com	www.youtube.com
3	static.doubleclick.net	www.youtube.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	rfwzx.rdtk.io	profitablemessages.com rfwzx.rdtk.io
3	www.googletagmanager.com	profitablemessages.com www.googletagmanager.com
2	identification.hotmart.com	launcher.hotmart.com profitablemessages.com
2	www.facebook.com	profitablemessages.com
2	api.vturb.com.br	cdn.converteai.net
2	a.vturb.net	cdn.converteai.net
2	www.google.de	profitablemessages.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	profitablemessages.com connect.facebook.net
2	launcher.hotmart.com	profitablemessages.com launcher.hotmart.com
2	cdn.jsdelivr.net	profitablemessages.com
1	tracking-api.hotmart.com	launcher.hotmart.com
1	region1.analytics.google.com	www.googletagmanager.com
1	scripts.converteai.net	profitablemessages.com
1	ssl.geoplugin.net	profitablemessages.com
1	kit.fontawesome.com	profitablemessages.com
1	code.jquery.com	profitablemessages.com
1	images.converteai.net	profitablemessages.com
1	fonts.googleapis.com	profitablemessages.com
119	31

This site contains links to these domains. Also see Links.

Domain
vturb.com
rfwzx.rdtk.io

Subject Issuer	Validity	Valid
profitablemessages.com ZeroSSL RSA Domain Secure Site CA	`2023-12-06` - `2024-03-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.rdtk.io GoGetSSL RSA DV CA	`2023-07-19` - `2024-07-19`	a year	crt.sh
*.converteai.net Amazon RSA 2048 M01	`2023-08-21` - `2024-09-18`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ssl.geoplugin.net Sectigo RSA Domain Validation Secure Server CA	`2023-04-14` - `2024-04-21`	a year	crt.sh
data.hotmart.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
converteai.net R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.vturb.net Amazon RSA 2048 M02	`2024-01-14` - `2025-02-12`	a year	crt.sh
*.vturb.com.br Amazon RSA 2048 M03	`2023-10-20` - `2024-11-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Frame ID: 3C7C5B355249BBE9BA62019E8E23215B
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Uln6u4B2Zsk
Frame ID: BFBFF188FFFEA891270DBFD95BE797C1
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OyZmkGrVbeY
Frame ID: 479A683E3B734879326E46B844D313E2
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ELiCpkHV968
Frame ID: 83B4B13A0CD076E3A465A62604C910EC
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Profession

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

119
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

31
Subdomains

32
IPs

4
Countries

6404 kB
Transfer

15541 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vturb.com/?via=player
Title: Powered by Vturb

Search URL Search Domain Scan URL

URL: https://rfwzx.rdtk.io/click?clickid=65a6ada9dc3a8c000136ac51&rtkck=1705422249&rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_%28Parametro%29_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35+%E2%80%94+C%C3%B3pia+%E2%80%94+C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Title: I WANT ACCESS TO THE APP!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 71

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 73

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/ 25 KB
8 KB 1545ms
1304ms Document
text/html 2a02:4780:23:c4e6:96df:5527:f682:4841
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:c4e6:96df:5527:f682:4841 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/8.1.18

Resource Hash

0a374b07268710cf82e1419f638ae6343024d46a69e7425cfc64f1ab196eff4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-length: 7524
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 16:24:08 GMT
platform: hostinger
server: hcdn
x-hcdn-cache-status: BYPASS
x-hcdn-request-id: d98f868dc2bdc4285ef41ab02c1178b7-srv-edge1
x-hcdn-upstream-rt: 1.290
x-powered-by: PHP/8.1.18
x-turbo-charged-by: LiteSpeed

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 41ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;500;800&display=swap

Requested by

Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5734fb2f9ed95c5e57e0700c3caf47c3131af31d8a5ca82d6833042856603e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 16:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 16:24:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 16:24:08 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 36ms
19ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://profitablemessages.com/
Origin: https://profitablemessages.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5669428
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZkeKhuBfKS5LCRD7ZFwQi303hiNPM4bqRcKLLG0iN%2BVa4qr19%2Fw0PRl5gmXjOoh0Qvnk94wwHz57ICDEt14C7etTVFUlf2%2FNZ9uMrSFIV2TfP8wMEAiseCqC%2Fp%2FM%2FKrirrRrSdk%2FdIWZX5vMO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8467b4fcb921bbc2-FRA

GET
H2 200 estilos.css
profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/css/ 5 KB
2 KB 918ms
917ms Stylesheet
text/css 2a02:4780:23:c4e6:96df:5527:f682:4841
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/css/estilos.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:c4e6:96df:5527:f682:4841 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

d8831773afec368b8ed1ee209c87989b7a1c185d0439284667aa1b03c8003e67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1144
x-hcdn-cache-status: BYPASS
last-modified: Thu, 14 Dec 2023 12:56:51 GMT
server: hcdn
etag: "146d-657afb93-492eb49db7815dc8;br"
x-hcdn-request-id: 863082f0e8ff3fa2cca1223f0eb1361e-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.903
accept-ranges: bytes
platform: hostinger
expires: Tue, 23 Jan 2024 16:24:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 41ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-238176933-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35564730d6ade1c97240c67118d504b70a3125c6be35012ab9a35bd033503351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69395
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 16:24:09 GMT

GET
H/1.1 200
OK track.js Show response
rfwzx.rdtk.io/ 4 KB
4 KB 120ms
14ms Script
text/plain 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfwzx.rdtk.io/track.js?rtkcmpid=65777478c0699800014479e8
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 8c477b9cb71d32b1d91172001f72c232cbd72f5ca14f4bf50ba8622cf2fc34de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:08 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 thumbnail.jpg
images.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/players/657781c70bb9f400092acc20/ 2 KB
2 KB 62ms
7ms Image
image/jpeg 18.245.60.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/players/657781c70bb9f400092acc20/thumbnail.jpg
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-106.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ed0d8441dc34824a1e7361cc202eb6e51fdf037e687bd521efcf95e47c1995e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:54:27 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:40:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 1881
x-amz-server-side-encryption: AES256
etag: "7ea2c2fdd99c51721d90facf8f5e53cf"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 1614
x-amz-cf-id: 2Tp3u9QAUozM9Ilq5Sl5-Lx3W6oJA6zkPeosVgJyCh5Hh_APCFjOlQ==

GET
H2 200 WHATS-pr6nlx5jc77wlk2x4ihfswe7pywf9tbp8elqgqfyrk.webp
profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/imagens/ 5 KB
6 KB 1168ms
1168ms Image
image/webp 2a02:4780:23:c4e6:96df:5527:f682:4841
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/imagens/WHATS-pr6nlx5jc77wlk2x4ihfswe7pywf9tbp8elqgqfyrk.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:23:c4e6:96df:5527:f682:4841 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

9d1879730d401c98086be7ffb18ac6b785cb4bab2fb5e5ffb4eec082460bb4aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 5424
x-hcdn-cache-status: BYPASS
last-modified: Thu, 14 Dec 2023 12:56:51 GMT
server: hcdn
etag: "1530-657afb93-52b2862c5a09a804;;;"
x-hcdn-request-id: 1969e80e9c6a25343ab5e5c5c38b19e7-srv-edge1
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 1.154
accept-ranges: bytes
platform: hostinger
expires: Tue, 23 Jan 2024 16:24:09 GMT

GET
H3 200 73-733815_30-day-money-back-guarantee-icon-30-day-150x150-1.png
profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/imagens/ 16 KB
17 KB 1122ms
1122ms Image
image/png 2a02:4780:23:c4e6:96df:5527:f682:4841
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/imagens/73-733815_30-day-money-back-guarantee-icon-30-day-150x150-1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:c4e6:96df:5527:f682:4841 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

dff8bb4dd29c6f0999031bd17f8da0c4ce402bd612ba83a06a5b969cd5ee137c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 16861
x-hcdn-cache-status: BYPASS
last-modified: Thu, 14 Dec 2023 12:56:51 GMT
server: hcdn
etag: "41dd-657afb93-bdb63fbd702e6b8a;;;"
x-hcdn-request-id: 616541be612408b0ee39bc0d013da8a7-srv-edge1
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 1.099
accept-ranges: bytes
platform: hostinger
expires: Tue, 23 Jan 2024 16:24:09 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 23ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4819632
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-etou8220095-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705422249.354434,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 316244

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 19ms
17ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://profitablemessages.com/
Origin: https://profitablemessages.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5840454
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230075-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3KrNRXD2rAk0TZ3qzQrD6CSy8c9%2FnRPFmgDk%2F33Om13xpRbEPWSa3JhyudmQzEjovBCsTmMU8PkqqkRigxUpKP0BSwJzkMQu9PCUukxWYCPDL4G5ZGUZ51tHaUbwwWUTewNLhNXyDbszdatq2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8467b5026fecbbc2-FRA

GET
H2 200 c16a16eb1d.js Show response
kit.fontawesome.com/ 12 KB
5 KB 163ms
145ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/c16a16eb1d.js
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56fa6f3601bd0417d8794864cfaff1ef020396aadcc93377e5bbbe81cf9dfae

Request headers

Referer: https://profitablemessages.com/
Origin: https://profitablemessages.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8467b5027fb203e4-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F58r8uqBiExsqs8A64vC

GET
H/1.1 200
OK javascript.gp Show response
ssl.geoplugin.net/ 2 KB
806 B 89ms
15ms Script
application/javascript 178.237.33.51
ATOM86-AS ATOM86

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.geoplugin.net/javascript.gp?k=c9c9adbc57fda145
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.237.33.51 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 05ac302fdfd88e6b8d94808abea78bad8741d0c4ef117f17368ed81ba6c57c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-length: 529

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
69 KB 49ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMS86WV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e674b498f4763c49604271b74fcaf160d887414589c8e77dd6caa74269087d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70531
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 16:24:09 GMT

GET
H2 200 launcher.js Show response
launcher.hotmart.com/ 6 KB
3 KB 304ms
96ms Script
application/javascript 100.24.80.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/launcher.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.80.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-80-31.compute-1.amazonaws.com

Software

Resource Hash

1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Tue, 16 Jan 2024 16:24:09 GMT
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 2619
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 16:24:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 16:24:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HFj3FUDCVxDInCPJZW+JKn7RXkvSaUmQQgs59XvPr1DaT2uaOpUQadWoqahYkjuqa8pahj4K2dEhV3I6/li3hQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 player.js Show response
scripts.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/players/657781c70bb9f400092acc20/ 8 KB
3 KB 69ms
29ms Script
text/javascript 13.224.103.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/players/657781c70bb9f400092acc20/player.js
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-117.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60c5ded4c3e600ed2c12cd3c11519f8b8592f3518e27fc9bb4ffbd4fb9a4113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: br
via: 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:40:59 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 2145
x-amz-server-side-encryption: AES256
etag: W/"5e2eceb5ec14e42aec3e5f5df021e6aa"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: g4Yd68Bp6Je-ybl8b1KqGeF50u2IJz462sF9HpS_eztZlHaOJr9Bug==

GET
H2 200 Uln6u4B2Zsk Show response
www.youtube.com/embed/ Frame BFBF 94 KB
40 KB 138ms
116ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Uln6u4B2Zsk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6c75a7150a6b76b6bbd31bd53d0b00aac853cb980fd1ea6fe9c222c776128f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://profitablemessages.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 16:24:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OyZmkGrVbeY Show response
www.youtube.com/embed/ Frame 479A 93 KB
40 KB 136ms
115ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OyZmkGrVbeY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d857e95bfe355202cb59fce959eb68363eeee8d0b2008f7165aa7c775893b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://profitablemessages.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 16:24:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ELiCpkHV968 Show response
www.youtube.com/embed/ Frame 83B4 93 KB
41 KB 86ms
65ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ELiCpkHV968

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48498dbcf8db1303ad1837cc3275b807f8af0975cbe088f82d311f119b1021df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://profitablemessages.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 16:24:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hBIMxl1544416.png
profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/imagens/ 252 KB
252 KB 931ms
931ms Image
image/png 2a02:4780:23:c4e6:96df:5527:f682:4841
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/imagens/hBIMxl1544416.png

Requested by

Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/css/estilos.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:23:c4e6:96df:5527:f682:4841 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

1ac0659f1f94674dc49a3a04eef1bfdb0d9577cbc55a6689a84acb8a42146855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/css/estilos.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 257770
x-hcdn-cache-status: BYPASS
last-modified: Thu, 14 Dec 2023 12:56:51 GMT
server: hcdn
etag: "3eeea-657afb93-74a7037bc32a7d10;;;"
x-hcdn-request-id: 648adc5247b56b72145f8e3ee89727a9-srv-edge1
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.730
accept-ranges: bytes
platform: hostinger
expires: Tue, 23 Jan 2024 16:24:09 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;500;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://profitablemessages.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 82205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 17:34:04 GMT

GET
H2 200 174111725532320 Show response
connect.facebook.net/signals/config/ 136 KB
35 KB 218ms
217ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/174111725532320?v=2.9.140&r=stable&domain=profitablemessages.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

706d133e61468bdef584ccaea3c845f92f6b0e447b934c9017c0510ed6aea79a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 16:24:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: deYZmOlBmTmZ4dI7TzdHkMpblqQfPtC/Q8nk+5dn68ez8t2GM80H11M6sNz94uGmWRAr+qWH061KxBMB75WWMQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 65777478c0699800014479e8 Show response
rfwzx.rdtk.io/ 186 B
1 KB 54ms
28ms XHR
application/json 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfwzx.rdtk.io/65777478c0699800014479e8?format=json&rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Requested by: Host: rfwzx.rdtk.io
URL: https://rfwzx.rdtk.io/track.js?rtkcmpid=65777478c0699800014479e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 76cdac14f001021502098c212c59f713aaf13ddf12cf3c874525fc4fdfcf9b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:09 GMT
Server: nginx/1.20.2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 186

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JV74G4HYGV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-238176933-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7de1f220853e1db6393150dc7794a9394a31114fd42b424e8936ca253a196115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 16:24:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-238176933-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 15:48:13 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2156
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Jan 2024 17:48:13 GMT

GET
H/1.1 200
OK smartplayer.min.js Show response
cdn.converteai.net/lib/js/smartplayer/v1/ 667 KB
175 KB 68ms
7ms Script
text/javascript 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/players/657781c70bb9f400092acc20/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d22d03d790ee9aae5c0c8bc7cff5e12bb5e94068caed4ffb66fea35482a571a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:09 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: EWR53-C2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 178633
Last-Modified: Wed, 10 Jan 2024 20:56:14 GMT
Server: AmazonS3
ETag: W/"e2ac2429198b06e27226b1b3e67afde8"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31034848
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: 4WKULEnY4lQQ634qTPRVOTFpd9m8wil3jyf8bYcMioGb2EsIuePhCw==

GET
H2 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame 83B4 358 KB
47 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ELiCpkHV968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 10:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 10:09:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 83B4 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 406633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 83B4 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 72398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 83B4 52 KB
16 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ELiCpkHV968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 07:42:46 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame 83B4 323 KB
97 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ELiCpkHV968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 02:16:53 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 83B4 2 MB
770 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ELiCpkHV968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788283
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 13:10:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 16ms
15ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=49684930&t=pageview&_s=1&dl=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ld3-rdtk-prmt-feirao%2F02%2F%3Frtkcid%3D%26rtkcmpid%3D%26utm_source%3Dfacebook%26utm_campaign%3DMR_EN_(Parametro)_I35_N00354%26sub1%3D120203840597300577%26sub2%3D120203840597230577%26sub3%3D120203840597480577%26sub4%3DI35%26sub5%3DFeirao_MR_I35%2520%25E2%2580%2594%2520C%25C3%25B3pia%2520%25E2%2580%2594%2520C%25C3%25B3pia%26sub6%3D%26sub7%3DFacebook_Mobile_Reels%26sub8%3Dfb%26fbclid%3DIwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w%26cmpid%3D%26utm_medium%3Dpaid%26mk%3Dt777&ul=en-us&de=UTF-8&dt=New%20Profession&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1782736575&gjid=961135012&cid=1536519601.1705422249&tid=UA-238176933-1&_gid=966226977.1705422249&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=631711650

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://profitablemessages.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content view Show response
rfwzx.rdtk.io/ 0
306 B 220ms
220ms XHR
text/plain 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfwzx.rdtk.io/view?clickid=65a6ada9dc3a8c000136ac51
Requested by: Host: rfwzx.rdtk.io
URL: https://rfwzx.rdtk.io/track.js?rtkcmpid=65777478c0699800014479e8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 16 Jan 2024 16:24:09 GMT
Server: nginx/1.20.2
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 35ms
12ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JV74G4HYGV&gtm=45je41a0v9128791356&_p=1705422249335&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1536519601.1705422249&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705422249&sct=1&seg=0&dl=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ld3-rdtk-prmt-feirao%2F02%2F%3Frtkcid%3D%26rtkcmpid%3D%26utm_source%3Dfacebook%26utm_campaign%3DMR_EN_(Parametro)_I35_N00354%26sub1%3D120203840597300577%26sub2%3D120203840597230577%26sub3%3D120203840597480577%26sub4%3DI35%26sub5%3DFeirao_MR_I35%2520%25E2%2580%2594%2520C%25C3%25B3pia%2520%25E2%2580%2594%2520C%25C3%25B3pia%26sub6%3D%26sub7%3DFacebook_Mobile_Reels%26sub8%3Dfb%26fbclid%3DIwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w%26cmpid%3D%26utm_medium%3Dpaid%26mk%3Dt777&dt=New%20Profession&en=page_view&_fv=1&_ss=1&tfd=2612
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV74G4HYGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:24:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 56ms
22ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JV74G4HYGV&cid=1536519601.1705422249&gtm=45je41a0v9128791356&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV74G4HYGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:24:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 90ms
48ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JV74G4HYGV&cid=1536519601.1705422249&gtm=45je41a0v9128791356&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=375043936

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 50ms
21ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-238176933-1&cid=1536519601.1705422249&jid=1782736575&gjid=961135012&_gid=966226977.1705422249&_u=YGBACUAABAAAACAAI~&z=1652316514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://profitablemessages.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame 479A 358 KB
46 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OyZmkGrVbeY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 10:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 10:09:44 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 479A 52 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OyZmkGrVbeY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 07:42:46 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame 479A 323 KB
97 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OyZmkGrVbeY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 02:16:53 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 479A 2 MB
770 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OyZmkGrVbeY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788283
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 13:10:09 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame BFBF 358 KB
46 KB 12ms
12ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Uln6u4B2Zsk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 10:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 10:09:44 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame BFBF 52 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Uln6u4B2Zsk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 07:42:46 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame BFBF 323 KB
97 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Uln6u4B2Zsk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 02:16:53 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame BFBF 2 MB
770 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Uln6u4B2Zsk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788283
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 13:10:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 479A 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 406633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 479A 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 72398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BFBF 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 406633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BFBF 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 72398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 35ms
17ms Fetch
text/css 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=c16a16eb1d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c16a16eb1d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
via: 1.1 df792ea3bbbe656e2f5c7b61aa85cc46.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL52-C1
age: 3526342
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQVvCjbD3WkjzMxm%2BcNlA89iP1aAPh98WfRswoccBHSsoBcbRxdbUI8AHopbyPf08zdnXyW8Htr3VMR2GayW2qkmxlXV9mmI69Emoz7f98YClXDVmDEfowQrc1igmXz1jO8AOLXGvYiRUnaNzkjsAzUJJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8467b5038ab79118-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: LI8WmYB_6PlgP87Rw1jRt8ATWQAIav7hlFURdYOvkoB3dsvKyVtbEg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 34ms
16ms Fetch
text/css 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=c16a16eb1d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c16a16eb1d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
via: 1.1 3b9e149724e93026c0277288bbe3906a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL52-C1
age: 3526342
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmpjLjkQALTrAbeZWgVKRpVMbgJ2nzqbKuJMIgvKYAep1KPUs%2BPpYd38%2BRVPWTFnYr0yHGkxWww%2F5tq3xZlD6tsjiUUvW2jo%2F5sPtC6Co57VNZGGjqIvjDOa%2Flm4W3c8DYQUFLs8pZ6Stc1vT9rt1z5GQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8467b5038aba9118-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: uWtC_gMjCQKPBeNBawYgY4_Pphj7Jb4_RQ9eQ5Jb2w7RDwrdxcQ1wA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 34ms
16ms Fetch
text/css 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=c16a16eb1d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c16a16eb1d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
via: 1.1 fa133af2508a341e1ff6bfff526ba094.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL52-C1
age: 3526345
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Z8Jrml9hiyWvD7rNPO2WXDruCY9f20eD3VhMRM0GO3GDwzBisZDVK1u4jR9bFIuUefXPkLeFOYrxR8ZE4uMyIM8S8APuEpLtA%2FeyBejaa%2FntCPZIOUhcyaq7k6r11zfY1wViuv71RIBT3QOSs%2FDJcigKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8467b5038ab99118-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 0wfcujEN5Q4X_InvqeRnCBPsYBEONcKyG4tdI5n0zaMQdfmpQYKTow==

OPTIONS
H2 204 x
a.vturb.net/ Frame 0
0 288ms
94ms Preflight 52.1.105.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.105.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-105-221.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://profitablemessages.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Tue, 16 Jan 2024 16:24:09 GMT

GET
H/1.1 200
OK main.m3u8 Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/ 711 B
1 KB 32ms
7ms XHR
application/x-mpegurl 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/main.m3u8
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cefc397249695fbcf83a7e3117f2f98249d464e421f350bb30c1e719a5481f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 332
Last-Modified: Thu, 30 Nov 2023 01:28:48 GMT
Server: AkamaiNetStorage
ETag: "8f357bf8cd4a460dccf3c07f00cd6a21:1701307728.953314"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31500953
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

POST
H2 204 x
a.vturb.net/ 0
0 94ms
93ms Fetch 52.1.105.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.105.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-105-221.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: application/json
Referer: https://profitablemessages.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 16 Jan 2024 16:24:09 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0affbb23c9b2a2053a07949c5fde48d763d0dfaaebcb47143fad4c4a8f12081

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 check Show response
api.vturb.com.br/vturb/ 0
133 B 91ms
90ms XHR
text/plain 3.93.115.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vturb.com.br/vturb/check
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.115.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-115-181.compute-1.amazonaws.com
Software: Caddy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://profitablemessages.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Jan 2024 16:24:10 GMT
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
server: Caddy
content-length: 0

OPTIONS
H2 204 check
api.vturb.com.br/vturb/ Frame 0
0 423ms
90ms Preflight 3.93.115.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vturb.com.br/vturb/check
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.115.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-115-181.compute-1.amazonaws.com
Software: Caddy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://profitablemessages.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Origin
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Tue, 16 Jan 2024 16:24:09 GMT
server: Caddy

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 51ms
32ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-238176933-1&cid=1536519601.1705422249&jid=1782736575&_u=YGBACUAABAAAACAAI~&z=847350739

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-238176933-1&cid=1536519601.1705422249&jid=1782736575&_u=YGBACUAABAAAACAAI~&z=847350739

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK h264_360p_750.m3u8 Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/ 10 KB
2 KB 7ms
7ms XHR
application/x-mpegurl 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_360p_750.m3u8
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 264321987cf9934f5a754a4fde826fdae44b120d3ee026e48ebcdda0698d87ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 774
Last-Modified: Thu, 30 Nov 2023 01:28:48 GMT
Server: AkamaiNetStorage
ETag: "872d3dfd9791bfb3dcb07206d1e31eea:1701307728.955356"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30351798
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK audio_media.m3u8 Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/ 12 KB
2 KB 15ms
6ms XHR
application/x-mpegurl 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio_media.m3u8
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 74a028bfd3f96a4cdb7cbd82e00f2dca637e55dcac57abde28517dbb130a23b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 828
Last-Modified: Thu, 30 Nov 2023 01:28:48 GMT
Server: AkamaiNetStorage
ETag: "8e7a7a2cf75cae9b1c0b218d17c5d167:1701307728.976282"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29708535
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 83B4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

14ms
14ms

XHR
application/json

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dedef19bdf9be251eda57cbfd7a0fba571e661ed551706ef799c3a111490e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 83B4 29 B
494 B 26ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:17:08 GMT
x-content-type-options: nosniff
age: 421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 16:32:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 45ms
25ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 16:24:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 83B4 87 KB
40 KB 35ms
34ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

728b003f08802a772cd8e7bcda0284340935550ec37cbc1bfa91b128685e5e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40896
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 83B4 117 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ELiCpkHV968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33877
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 04:04:51 GMT

GET
H2 200 QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js Show response
www.google.com/js/th/ Frame 83B4 51 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a31c8fe26e9539eff565fe64a8acc27c35359e8ab2d194f9690297adbde1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19869
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 22:15:51 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/ELiCpkHV968/ Frame 83B4 2 KB
2 KB 125ms
14ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ELiCpkHV968/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARhlIFcoSDAP&rs=AOn4CLB_jjNd_AqgU1uP1AV4oCC_anWPQA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1caf8f5e0e01f2555bcce10ed7730eacee2cdc5b260703812fbfed48df98f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:17:33 GMT
x-content-type-options: nosniff
age: 3996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2012
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 16 Jan 2024 17:17:33 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 479A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

14ms
14ms

XHR
application/json

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

359acf8a94743ee41a91191c338e93a85386111c02ecd2ec3c238ee57929257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 479A 29 B
89 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:17:08 GMT
x-content-type-options: nosniff
age: 421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 16:32:08 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame BFBF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

15ms
15ms

XHR
application/json

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3b6c125f4fdff7a6da6f4c8c54fbc19eb6a207f7190a407875d748d26876c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Jan 2024 16:24:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame BFBF 29 B
89 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:17:08 GMT
x-content-type-options: nosniff
age: 421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 16:32:08 GMT

GET
H/1.1 200
OK segment_0.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_360p_750/ 764 KB
765 KB 8ms
8ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_360p_750/segment_0.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ebd92fa9b6aeed7a218d6adafdd44adabdf62ba8859997b76b1222f9d8ff4a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:09 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 782456
Last-Modified: Thu, 30 Nov 2023 01:27:43 GMT
Server: AkamaiNetStorage
ETag: "1302d3f3f6f91acc261b7505c74e62d2:1701307663.427104"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30262700
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment_0.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/ 83 KB
83 KB 9ms
9ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/segment_0.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5e508507ea13ec83f983aada7e3613acef3a5a67f1f52a3cef3ae60e2a37108d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:09 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 84600
Last-Modified: Thu, 30 Nov 2023 01:27:29 GMT
Server: AkamaiNetStorage
ETag: "7c03ee69f708d1eb824edc773ed532ec:1701307649.652962"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30211120
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 479A 87 KB
40 KB 26ms
26ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb89c0185c3e068b8b8ae3fa047d5cae172e4fe099aa6644c90f476fe0b325ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41032
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 479A 117 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OyZmkGrVbeY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33877
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 04:04:51 GMT

GET
H2 200 QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js Show response
www.google.com/js/th/ Frame 479A 51 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a31c8fe26e9539eff565fe64a8acc27c35359e8ab2d194f9690297adbde1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19869
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 22:15:51 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/OyZmkGrVbeY/ Frame 479A 3 KB
3 KB 57ms
13ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OyZmkGrVbeY/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARhlIFEoQTAP&rs=AOn4CLAVzsW6HfSiZuEryl6nAiBCEfoULQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f600e1ca8e3a278a87cb1286fd616dd1d8c3ac78dc42b36ceee42426e7d9a257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:17:32 GMT
x-content-type-options: nosniff
age: 3997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2589
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 16 Jan 2024 17:17:32 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BFBF 87 KB
40 KB 23ms
23ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

951d9f40d4080272df61f28f41bf9d120c707639821f747e54a464876442b272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41101
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame BFBF 117 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Uln6u4B2Zsk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33877
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 04:04:51 GMT

GET
H2 200 QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js Show response
www.google.com/js/th/ Frame BFBF 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a31c8fe26e9539eff565fe64a8acc27c35359e8ab2d194f9690297adbde1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19869
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 22:15:51 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/Uln6u4B2Zsk/ Frame BFBF 2 KB
3 KB 23ms
15ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Uln6u4B2Zsk/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARhjIGUoWjAP&rs=AOn4CLAgLYnk9cDRYE1Zf3esEeuZ4Vp2ZA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uln6u4B2Zsk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d9b6306cd7c17aa50ea7bec6ae893e9314ea1c4a8245fef9444ef53db133d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:37:37 GMT
x-content-type-options: nosniff
age: 6392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2508
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 16 Jan 2024 16:37:37 GMT

GET
H2 200 load-js Show response
launcher.hotmart.com/rest/v1/module/ 48 B
486 B 274ms
96ms XHR
application/json 100.24.80.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJzaWQiOiJkYTQ4ZmM0YjIzNDY0YjkwOWIwMzk5MWZiNjJkYWM0ZiIsInBhZ2V2aWV3X2lkIjoiUFYwN3BzdHRuZ2wzOWxscmdrZGh0eSIsInRyYWNlX2lkIjoiTFR0NW1tNDRlajZscmdrZGh0eSJ9&locationHref=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ld3-rdtk-prmt-feirao%2F02%2F%3Frtkcid%3D%26rtkcmpid%3D%26utm_source%3Dfacebook%26utm_campaign%3DMR_EN_(Parametro)_I35_N00354%26sub1%3D120203840597300577%26sub2%3D120203840597230577%26sub3%3D120203840597480577%26sub4%3DI35%26sub5%3DFeirao_MR_I35%2520%25E2%2580%2594%2520C%25C3%25B3pia%2520%25E2%2580%2594%2520C%25C3%25B3pia%26sub6%3D%26sub7%3DFacebook_Mobile_Reels%26sub8%3Dfb%26fbclid%3DIwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w%26cmpid%3D%26utm_medium%3Dpaid%26mk%3Dt777&account=96d1b4b4-8b2c-3440-9e25-57f81a5d76f2

Requested by

Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.80.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-80-31.compute-1.amazonaws.com

Software

Resource Hash

597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profitablemessages.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Location, Link, ETag
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 16:24:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
14ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 16:24:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
14ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 16:24:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 83B4 90 B
134 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b93271756619702f91fbce6be864fc6d581afa7a8b12e234e3ca280b0a668d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 16:24:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 479A 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64f6d010655596eeb27dffd4d2813d118ddaade9d3c744aba34084167c8ec668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 16:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 16:24:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BFBF 90 B
134 B 18ms
17ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d48c0d6cee37d3ce6586e691d8f8014c126c567a35ce1543daaf0b246d6a4e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
BLOB 200
OK 04382e38-558e-4e0f-b6e4-e473bd819b44
https://profitablemessages.com/ 80 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://profitablemessages.com/04382e38-558e-4e0f-b6e4-e473bd819b44
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 422c5ab181cedf4b6795d392a1d86dc3861d3d8a74b5ae383cde0773ac415e05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 81521
Content-Type: text/javascript

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 83B4 4 KB
2 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 16:24:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 42ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=174111725532320&ev=PageView&dl=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ld3-rdtk-prmt-feirao%2F02%2F%3Frtkcid%3D%26rtkcmpid%3D%26utm_source%3Dfacebook%26utm_campaign%3DMR_EN_(Parametro)_I35_N00354%26sub1%3D120203840597300577%26sub2%3D120203840597230577%26sub3%3D120203840597480577%26sub4%3DI35%26sub5%3DFeirao_MR_I35%2520%25E2%2580%2594%2520C%25C3%25B3pia%2520%25E2%2580%2594%2520C%25C3%25B3pia%26sub6%3D%26sub7%3DFacebook_Mobile_Reels%26sub8%3Dfb%26fbclid%3DIwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w%26cmpid%3D%26utm_medium%3Dpaid%26mk%3Dt777&rl=&if=false&ts=1705422249994&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbc=fb.1.1705422249784.IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&fbp=fb.1.1705422249784.1451870218&ler=empty&it=1705422249379&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Jan 2024 16:24:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 42ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=174111725532320&ev=ViewContent&dl=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ld3-rdtk-prmt-feirao%2F02%2F%3Frtkcid%3D%26rtkcmpid%3D%26utm_source%3Dfacebook%26utm_campaign%3DMR_EN_(Parametro)_I35_N00354%26sub1%3D120203840597300577%26sub2%3D120203840597230577%26sub3%3D120203840597480577%26sub4%3DI35%26sub5%3DFeirao_MR_I35%2520%25E2%2580%2594%2520C%25C3%25B3pia%2520%25E2%2580%2594%2520C%25C3%25B3pia%26sub6%3D%26sub7%3DFacebook_Mobile_Reels%26sub8%3Dfb%26fbclid%3DIwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w%26cmpid%3D%26utm_medium%3Dpaid%26mk%3Dt777&rl=&if=false&ts=1705422249995&sw=1600&sh=1200&v=2.9.140&r=stable&ec=1&o=4126&fbc=fb.1.1705422249784.IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&fbp=fb.1.1705422249784.1451870218&ler=empty&it=1705422249379&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Jan 2024 16:24:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK dae5bfc4-45f0-4c46-8153-c55c133d8998
https://profitablemessages.com/ 80 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://profitablemessages.com/dae5bfc4-45f0-4c46-8153-c55c133d8998
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 422c5ab181cedf4b6795d392a1d86dc3861d3d8a74b5ae383cde0773ac415e05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 81521
Content-Type: text/javascript

GET
H3 204 generate_204
www.youtube.com/ Frame 83B4 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?zGQdWw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ELiCpkHV968
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ELiCpkHV968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 479A 4 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 16:24:10 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame BFBF 4 KB
2 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 16:24:10 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 479A 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?B6Ct-A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/OyZmkGrVbeY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OyZmkGrVbeY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame BFBF 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?R72Zow
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Uln6u4B2Zsk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 83B4 50 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 12:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 17 Jan 2024 12:40:19 GMT

GET
H2 200 id.min.js Show response
identification.hotmart.com/ 5 KB
5 KB 300ms
98ms Script
text/html 34.199.85.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://identification.hotmart.com/id.min.js?account=96d1b4b4-8b2c-3440-9e25-57f81a5d76f2
Requested by: Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.85.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-85-45.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 22abb44ac609885ebd5ed2f512451085dc43e8457e9a2cfdf8bd86dd82073258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
last-modified: Tue, 16 Jan 2024 15:17:30 GMT
server: WildFly/9
x-powered-by: Undertow/1
content-type: text/html;charset=utf-8
cache-control: max-age=60
content-length: 5404
expires: 170542225042460000

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 479A 50 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 12:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 17 Jan 2024 12:40:19 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame BFBF 50 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 12:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 17 Jan 2024 12:40:19 GMT

GET
H/1.1 200
OK segment_1.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/ 80 KB
80 KB 7ms
7ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/segment_1.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 395ef4ebbbc54fa9e7e7a5ca612b0c3677c7a0b56a3e6a28371238b7eab4abb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:10 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 81592
Last-Modified: Thu, 30 Nov 2023 01:27:29 GMT
Server: AkamaiNetStorage
ETag: "ca901dc4601e6b22233f4271c6afe84b:1701307649.673618"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29708769
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK h264_432p_1000.m3u8 Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/ 10 KB
2 KB 7ms
7ms XHR
application/x-mpegurl 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_432p_1000.m3u8
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eedab59798e6f70b4b0cd6c608cfb388bac886dd30b135c9feae2478efd4f573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 785
Last-Modified: Thu, 30 Nov 2023 01:28:48 GMT
Server: AkamaiNetStorage
ETag: "5da35b7f78539ad2753a5646ae1075f2:1701307728.95162"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30283096
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment_2.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/ 80 KB
80 KB 8ms
7ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/segment_2.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b3155f5c5e1498e94d2ea943ba7f2f5e3db205385a4d0e5c26e6e670eed75f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:10 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 81592
Last-Modified: Thu, 30 Nov 2023 01:27:29 GMT
Server: AkamaiNetStorage
ETag: "f044c563ade8262ea439ddfe456598a4:1701307649.682307"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30106533
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment_1.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_432p_1000/ 221 KB
221 KB 7ms
7ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_432p_1000/segment_1.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 27b9c183140bddc30e8d5fb2045a870486342ff1e7959523e36b383d0a2b5df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:10 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 225976
Last-Modified: Thu, 30 Nov 2023 01:27:44 GMT
Server: AkamaiNetStorage
ETag: "5fe6e52f7d15e455ae1d1eb5927afd41:1701307664.849841"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30282444
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment_2.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_432p_1000/ 370 KB
371 KB 7ms
7ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_432p_1000/segment_2.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6ab7f5c478d4dfaad2b59c4de99edb3d1104f075afc50cdbfb4051044f97c1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:10 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 379384
Last-Modified: Thu, 30 Nov 2023 01:27:46 GMT
Server: AkamaiNetStorage
ETag: "9a5bc899774c806a5b42efbed96aa0a0:1701307666.277074"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30282527
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment_3.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/ 83 KB
83 KB 8ms
7ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/audio/aac/segment_3.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 936eb4bfd81d9b7f1732f4dee3b621ba102a7cf4cc76acb111f8a153ceee087b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:10 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 84600
Last-Modified: Thu, 30 Nov 2023 01:27:29 GMT
Server: AkamaiNetStorage
ETag: "4e991b74a02a217f4346b06abb40d31d:1701307649.811116"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29708613
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 track Show response
tracking-api.hotmart.com/rest/ 0
94 B 282ms
92ms XHR
application/json 52.204.167.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-api.hotmart.com/rest/track?hotid=eyJzaWQiOiJkYTQ4ZmM0YjIzNDY0YjkwOWIwMzk5MWZiNjJkYWM0ZiIsImNpZCI6IjE3MDU0MjIyNTA0NzU5NTU1NDQwMjIwNTMxNjI0MDAiLCJiaWQiOiIxNzA1NDIyMjUwNDc1OTU1NTQ0MDIyMDUzMTYyNDAwIiwicGFnZXZpZXdfaWQiOiJQVjA3cHN0dG5nbDM5bGxyZ2tkaHR5IiwidHJhY2VfaWQiOiJMVHczbnExOGI2Zm1scmdrZGliMCJ9&sid=da48fc4b23464b909b03991fb62dac4f&cid=1705422250475955544022053162400&bid=1705422250475955544022053162400&account=96d1b4b4-8b2c-3440-9e25-57f81a5d76f2&locationHref=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ld3-rdtk-prmt-feirao%2F02%2F%3Frtkcid%3D%26rtkcmpid%3D%26utm_source%3Dfacebook%26utm_campaign%3DMR_EN_(Parametro)_I35_N00354%26sub1%3D120203840597300577%26sub2%3D120203840597230577%26sub3%3D120203840597480577%26sub4%3DI35%26sub5%3DFeirao_MR_I35%2520%25E2%2580%2594%2520C%25C3%25B3pia%2520%25E2%2580%2594%2520C%25C3%25B3pia%26sub6%3D%26sub7%3DFacebook_Mobile_Reels%26sub8%3Dfb%26fbclid%3DIwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w%26cmpid%3D%26utm_medium%3Dpaid%26mk%3Dt777
Requested by: Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.167.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-167-57.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://profitablemessages.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://profitablemessages.com
date: Tue, 16 Jan 2024 16:24:10 GMT
content-length: 0
content-type: application/json

GET
H2 200 id.gif
identification.hotmart.com/ 43 B
161 B 95ms
94ms Image
image/gif 34.199.85.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://identification.hotmart.com/id.gif?cid=1705422250475955544022053162400&bid=1705422250475955544022053162400
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ld3-rdtk-prmt-feirao/02/?rtkcid=&rtkcmpid=&utm_source=facebook&utm_campaign=MR_EN_(Parametro)_I35_N00354&sub1=120203840597300577&sub2=120203840597230577&sub3=120203840597480577&sub4=I35&sub5=Feirao_MR_I35%20%E2%80%94%20C%C3%B3pia%20%E2%80%94%20C%C3%B3pia&sub6=&sub7=Facebook_Mobile_Reels&sub8=fb&fbclid=IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w&cmpid=&utm_medium=paid&mk=t777
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.85.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-85-45.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:10 GMT
cache-control: no-cache
server: WildFly/9
x-powered-by: Undertow/1
content-length: 43
content-type: image/gif

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 83B4 28 B
54 B 33ms
33ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705422251767
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ELiCpkHV968
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtTZEQzQThyQ2pDYyip25qtBjIKCgJERRIEEgAgOw%3D%3D
X-YouTube-Ad-Signals: dt=1705422249481&flash=0&frm=2&u_tz=60&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 16 Jan 2024 16:24:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 16 Jan 2024 16:24:11 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 479A 28 B
54 B 26ms
26ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705422251830
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/OyZmkGrVbeY
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHN0NpZ3dlZFFQcyip25qtBjIKCgJERRIEEgAgTQ%3D%3D
X-YouTube-Ad-Signals: dt=1705422249691&flash=0&frm=2&u_tz=60&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 16 Jan 2024 16:24:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 16 Jan 2024 16:24:11 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame BFBF 28 B
54 B 30ms
30ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705422252055
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Uln6u4B2Zsk
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtVMDJfSEs1RmRVMCip25qtBjIKCgJERRIEEgAgDA%3D%3D
X-YouTube-Ad-Signals: dt=1705422249696&flash=0&frm=2&u_tz=60&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 16 Jan 2024 16:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 16 Jan 2024 16:24:12 GMT

GET
H/1.1 200
OK segment_3.ts Show response
cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_432p_1000/ 435 KB
436 KB 8ms
8ms XHR
video/mp2t 2a02:26f0:480:f::213:7ee2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/88355dfc-e335-4238-aae6-ebbd07ab6339/6567e487f87262000851f2e2/h264_432p_1000/segment_3.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d3e6615d7310f1bd52d80c3aa7bf5286384b725a867550ee88e7bddff5718815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitablemessages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 16:24:14 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 445560
Last-Modified: Thu, 30 Nov 2023 01:27:47 GMT
Server: AkamaiNetStorage
ETag: "7cca94bee12d2161d1552cab03f8c913:1701307667.678996"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30282547
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.profitablemessages.com/	1970-01-20 19:53:18	Name: _gcl_au Value: 1.1.1852340722.1705422249
.profitablemessages.com/	1970-01-20 17:45:08	Name: _gid Value: GA1.2.966226977.1705422249
.profitablemessages.com/	1970-01-20 17:43:42	Name: _gat_gtag_UA_238176933_1 Value: 1
profitablemessages.com/	1970-01-20 18:26:54	Name: rtkclickid-store Value: 65a6ada9dc3a8c000136ac51
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _ixmSs6ecZg
.youtube.com/	1970-01-20 22:02:54	Name: VISITOR_INFO1_LIVE Value: U02_HK5FdU0
.profitablemessages.com/	1970-01-21 03:19:42	Name: _ga_JV74G4HYGV Value: GS1.1.1705422249.1.0.1705422249.60.0.0
.profitablemessages.com/	1970-01-21 03:19:42	Name: _ga Value: GA1.1.1536519601.1705422249
.profitablemessages.com/	1970-01-20 19:53:18	Name: _fbc Value: fb.1.1705422249784.IwAR3MUHwjaVmvhxfFM5p-5EtGcT-UzgwObImzznXxMNTd8485TSfwD1cR0bU_aem_AdcYlGLxcUsOZAAL5tHpeogS6cwvuUl-L_F-jtFVteNR5A7JLmR7HXyrIIyknrnsbfG2_FkdeYeFRXHX-cEPHt9w
.profitablemessages.com/	1970-01-20 19:53:18	Name: _fbp Value: fb.1.1705422249784.1451870218
.profitablemessages.com/	1970-01-21 03:19:42	Name: hotid Value: eyJzaWQiOiJkYTQ4ZmM0YjIzNDY0YjkwOWIwMzk5MWZiNjJkYWM0ZiIsImNpZCI6IjE3MDU0MjIyNTA0NzU5NTU1NDQwMjIwNTMxNjI0MDAiLCJiaWQiOiIxNzA1NDIyMjUwNDc1OTU1NTQ0MDIyMDUzMTYyNDAwIn0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js Message: Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
other	warning	URL: https://connect.facebook.net/signals/config/174111725532320?v=2.9.140&r=stable&domain=profitablemessages.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vturb.net
api.vturb.com.br
cdn.converteai.net
cdn.jsdelivr.net
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
identification.hotmart.com
images.converteai.net
jnn-pa.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
launcher.hotmart.com
profitablemessages.com
region1.analytics.google.com
rfwzx.rdtk.io
scripts.converteai.net
ssl.geoplugin.net
static.doubleclick.net
stats.g.doubleclick.net
tracking-api.hotmart.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
100.24.80.31
13.224.103.117
178.237.33.51
18.245.60.106
2001:4860:4802:34::36
2606:4700:4400::6812:2844
2606:4700::6810:5814
2606:4700:e4::ac40:a407
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2016
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:400c:c07::9c
2a02:26f0:480:f::213:7ee2
2a02:4780:23:c4e6:96df:5527:f682:4841
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::649
3.93.115.181
34.199.85.45
37.48.87.182
52.1.105.221
52.204.167.57
05ac302fdfd88e6b8d94808abea78bad8741d0c4ef117f17368ed81ba6c57c05
0a374b07268710cf82e1419f638ae6343024d46a69e7425cfc64f1ab196eff4b
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27
1ac0659f1f94674dc49a3a04eef1bfdb0d9577cbc55a6689a84acb8a42146855
22abb44ac609885ebd5ed2f512451085dc43e8457e9a2cfdf8bd86dd82073258
264321987cf9934f5a754a4fde826fdae44b120d3ee026e48ebcdda0698d87ec
27b9c183140bddc30e8d5fb2045a870486342ff1e7959523e36b383d0a2b5df4
3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910
35564730d6ade1c97240c67118d504b70a3125c6be35012ab9a35bd033503351
359acf8a94743ee41a91191c338e93a85386111c02ecd2ec3c238ee57929257a
395ef4ebbbc54fa9e7e7a5ca612b0c3677c7a0b56a3e6a28371238b7eab4abb8
3d857e95bfe355202cb59fce959eb68363eeee8d0b2008f7165aa7c775893b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41a31c8fe26e9539eff565fe64a8acc27c35359e8ab2d194f9690297adbde1ae
422c5ab181cedf4b6795d392a1d86dc3861d3d8a74b5ae383cde0773ac415e05
45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9
48498dbcf8db1303ad1837cc3275b807f8af0975cbe088f82d311f119b1021df
4dedef19bdf9be251eda57cbfd7a0fba571e661ed551706ef799c3a111490e5d
4ed0d8441dc34824a1e7361cc202eb6e51fdf037e687bd521efcf95e47c1995e
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5734fb2f9ed95c5e57e0700c3caf47c3131af31d8a5ca82d6833042856603e3a
597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e508507ea13ec83f983aada7e3613acef3a5a67f1f52a3cef3ae60e2a37108d
64f6d010655596eeb27dffd4d2813d118ddaade9d3c744aba34084167c8ec668
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
6ab7f5c478d4dfaad2b59c4de99edb3d1104f075afc50cdbfb4051044f97c1bd
6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
706d133e61468bdef584ccaea3c845f92f6b0e447b934c9017c0510ed6aea79a
728b003f08802a772cd8e7bcda0284340935550ec37cbc1bfa91b128685e5e04
74a028bfd3f96a4cdb7cbd82e00f2dca637e55dcac57abde28517dbb130a23b4
76cdac14f001021502098c212c59f713aaf13ddf12cf3c874525fc4fdfcf9b30
7de1f220853e1db6393150dc7794a9394a31114fd42b424e8936ca253a196115
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
8c477b9cb71d32b1d91172001f72c232cbd72f5ca14f4bf50ba8622cf2fc34de
8d9b6306cd7c17aa50ea7bec6ae893e9314ea1c4a8245fef9444ef53db133d0e
936eb4bfd81d9b7f1732f4dee3b621ba102a7cf4cc76acb111f8a153ceee087b
951d9f40d4080272df61f28f41bf9d120c707639821f747e54a464876442b272
9d1879730d401c98086be7ffb18ac6b785cb4bab2fb5e5ffb4eec082460bb4aa
9d22d03d790ee9aae5c0c8bc7cff5e12bb5e94068caed4ffb66fea35482a571a
b3155f5c5e1498e94d2ea943ba7f2f5e3db205385a4d0e5c26e6e670eed75f84
b93271756619702f91fbce6be864fc6d581afa7a8b12e234e3ca280b0a668d25
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0affbb23c9b2a2053a07949c5fde48d763d0dfaaebcb47143fad4c4a8f12081
c60c5ded4c3e600ed2c12cd3c11519f8b8592f3518e27fc9bb4ffbd4fb9a4113
cefc397249695fbcf83a7e3117f2f98249d464e421f350bb30c1e719a5481f5b
d3e6615d7310f1bd52d80c3aa7bf5286384b725a867550ee88e7bddff5718815
d48c0d6cee37d3ce6586e691d8f8014c126c567a35ce1543daaf0b246d6a4e8a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8831773afec368b8ed1ee209c87989b7a1c185d0439284667aa1b03c8003e67
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff8bb4dd29c6f0999031bd17f8da0c4ce402bd612ba83a06a5b969cd5ee137c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e674b498f4763c49604271b74fcaf160d887414589c8e77dd6caa74269087d5c
eb89c0185c3e068b8b8ae3fa047d5cae172e4fe099aa6644c90f476fe0b325ac
ebd92fa9b6aeed7a218d6adafdd44adabdf62ba8859997b76b1222f9d8ff4a22
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee1caf8f5e0e01f2555bcce10ed7730eacee2cdc5b260703812fbfed48df98f0
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eedab59798e6f70b4b0cd6c608cfb388bac886dd30b135c9feae2478efd4f573
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b6c125f4fdff7a6da6f4c8c54fbc19eb6a207f7190a407875d748d26876c53
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f56fa6f3601bd0417d8794864cfaff1ef020396aadcc93377e5bbbe81cf9dfae
f600e1ca8e3a278a87cb1286fd616dd1d8c3ac78dc42b36ceee42426e7d9a257
f6c75a7150a6b76b6bbd31bd53d0b00aac853cb980fd1ea6fe9c222c776128f9
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

profitablemessages.com Open in urlscan Pro 2a02:4780:23:c4e6:96df:5527:f682:4841 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

96 %HTTPS

71 %IPv6

21 Domains

31 Subdomains

32 IPs

4 Countries

6404 kBTransfer

15541 kBSize

11 Cookies

2 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

profitablemessages.com Open in urlscan Pro
2a02:4780:23:c4e6:96df:5527:f682:4841 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

31
Subdomains

32
IPs

4
Countries

6404 kB
Transfer

15541 kB
Size

11
Cookies

119 HTTP transactions
2 data transactions