urlscan.io logo urlscan.io
SecurityTrails logo

1kdayprofitz-bfc01.gr8.com Open in urlscan Pro
104.160.64.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://750creditplug.com/
Effective URL: https://1kdayprofitz-bfc01.gr8.com/
Submission: On August 02 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 36 HTTP transactions. The main IP is 104.160.64.15, located in United States and belongs to GETRESPONSE-IMPLIX, US. The main domain is 1kdayprofitz-bfc01.gr8.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on August 9th 2021. Valid for: a year.
This is the only time 1kdayprofitz-bfc01.gr8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2607:f1c0:100f:f000::29f (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
750creditplug.com
2    104.160.64.15 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com
1kdayprofitz-bfc01.gr8.com
8    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
us-as.gr-cdn.com
us-an.gr-cdn.com
2    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    178.16.117.14 (Poland)

ASN198881 (IMPLIX-PL-AS, PL)
PTR: 14.117.16.178.implix.com
ga.getresponse.com
ga2.getresponse.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
youtube.com
9    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
10 youtube.com
youtube.com — Cisco Umbrella Rank: 62
www.youtube.com — Cisco Umbrella Rank: 89
782 KB
8 gr-cdn.com
us-as.gr-cdn.com — Cisco Umbrella Rank: 75895
us-an.gr-cdn.com — Cisco Umbrella Rank: 76349
450 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 330
30 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 69
static.doubleclick.net — Cisco Umbrella Rank: 434
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
2 getresponse.com
ga.getresponse.com — Cisco Umbrella Rank: 66288
sentry.int.getresponse.com Failed
ga2.getresponse.com — Cisco Umbrella Rank: 69769
1 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5759
2 KB
2 gr8.com
1kdayprofitz-bfc01.gr8.com
9 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
30 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 194
4 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 20
14 KB
1 750creditplug.com
750creditplug.com
114 B
36 12
Domain Requested by
9 www.youtube.com 1kdayprofitz-bfc01.gr8.com
www.youtube.com
7 us-as.gr-cdn.com 1kdayprofitz-bfc01.gr8.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 dev.visualwebsiteoptimizer.com 1kdayprofitz-bfc01.gr8.com
2 1kdayprofitz-bfc01.gr8.com us-as.gr-cdn.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 ga2.getresponse.com us-as.gr-cdn.com
1 fonts.gstatic.com www.youtube.com
1 us-an.gr-cdn.com ga.getresponse.com
1 youtube.com 1 redirects
1 ga.getresponse.com 1kdayprofitz-bfc01.gr8.com
1 750creditplug.com 1 redirects
0 sentry.int.getresponse.com Failed us-as.gr-cdn.com
36 18

This site contains no links.

Subject Issuer Validity Valid
*.gr8.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-08-09 -
2022-08-29		 a year crt.sh
*.gr-cdn.com
Go Daddy Secure Certificate Authority - G2		 2022-03-30 -
2023-04-10		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.getresponse.com
Go Daddy Secure Certificate Authority - G2		 2022-03-30 -
2023-04-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://1kdayprofitz-bfc01.gr8.com/
Frame ID: 8407DAB166CD1C0469B9AB6D8B728711
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Frame ID: 6A454AF1F97CDEF57A3C8FC6B8A19DDF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Credit Repair Bridge

Page URL History Show full URLs

  1. https://750creditplug.com/ HTTP 302
    https://1kdayprofitz-bfc01.gr8.com/ Page URL

Page Statistics

36
Requests

94 %
HTTPS

73 %
IPv6

12
Domains

18
Subdomains

14
IPs

3
Countries

1355 kB
Transfer

4807 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://750creditplug.com/ HTTP 302
    https://1kdayprofitz-bfc01.gr8.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0 HTTP 301
  • https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Request Chain 19
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1kdayprofitz-bfc01.gr8.com/
Redirect Chain
  • https://750creditplug.com/
  • https://1kdayprofitz-bfc01.gr8.com/
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
e004840c7d6a3aea8bdece266e3c77362aa9832b496d6595120ea90c99491369

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Aug 2022 03:52:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
content-type
text/html
date
Tue, 02 Aug 2022 03:52:57 GMT
location
https://1kdayprofitz-bfc01.gr8.com/
server
Apache
reset-styles.4e0fef0f9b48c52a8fa6.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		925 B
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/reset-styles.4e0fef0f9b48c52a8fa6.css
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://1kdayprofitz-bfc01.gr8.com/
Origin
https://1kdayprofitz-bfc01.gr8.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 07:36:14 GMT
etag
W/"62e38dee-39d"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1659412378.dop056.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds251.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
501
core-styles.6196b138305acf87cd5a.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/core-styles.6196b138305acf87cd5a.css
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c1594980fc5fbb5b764a70b6089aa62f4a707a90854aa8aaad3919bab8e0420
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://1kdayprofitz-bfc01.gr8.com/
Origin
https://1kdayprofitz-bfc01.gr8.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 07:36:11 GMT
etag
W/"62e38deb-6914"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1659412378.dop056.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds083.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6977
webform-styles.e12f0156febbf1214cd9.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/webform-styles.e12f0156febbf1214cd9.css
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4fa1aa25efe41149e52124787df5c8eb50f24f79c778a1c344510eb0e8850e6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://1kdayprofitz-bfc01.gr8.com/
Origin
https://1kdayprofitz-bfc01.gr8.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 07:36:14 GMT
etag
W/"62e38dee-7ba0"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1659412378.dop056.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds253.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
server-timing
dtSInfo;desc="1"
accept-ranges
bytes
content-length
4814
style.css
us-as.gr-cdn.com/images/common/templates/landing/158/1/css/ 		5 KB
942 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/images/common/templates/landing/158/1/css/style.css
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4e94ea32ad013ea276444a49d539ed754be9cdc2ca634857226b5663f34c807f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://1kdayprofitz-bfc01.gr8.com/
Origin
https://1kdayprofitz-bfc01.gr8.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 08:37:03 GMT
etag
"62da61af-1285"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1659412378.dop056.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds318.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
server-timing
dtSInfo;desc="1"
accept-ranges
bytes
content-length
794
manifest.e4ede1ba9f22a9bf0b42.js
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.e4ede1ba9f22a9bf0b42.js
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
db9b621f49633ca7e93a6211b683e00fd699295acae0269bee83d7a2f0f72e6f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1kdayprofitz-bfc01.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 07:36:20 GMT
etag
W/"62e38df4-12c6"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1659412378.dop210.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds001.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2277
vendor.chunk.d2c3f5e1323ef369866c.js
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		680 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.d2c3f5e1323ef369866c.js
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d090a860c13c9136c7f2b03707a9c17999e2c2319f9cfcb737ffc5d8e8d39f7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1kdayprofitz-bfc01.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 07:36:22 GMT
etag
W/"62e38df6-a9edf"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1659412378.dop210.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds261.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
191570
show.chunk.bdbbcc789bb858d6929a.js
us-as.gr-cdn.com/javascripts/core/lps/dist/ 		958 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.bdbbcc789bb858d6929a.js
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7cf3f84bd91910ab21318fe27593fcdf37b802ce8b4eb8ae1e05c0018a36eea9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1kdayprofitz-bfc01.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 07:36:22 GMT
etag
W/"62e38df6-ef6b2"
strict-transport-security
max-age=63072000; includeSubDomains
x-hw
1659412378.dop210.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds288.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
247943
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=4859&u=https%3A%2F%2F1kdayprofitz-bfc01.gr8.com%2F&r=0.10366836858851447
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
4f148221a9e9f84603e45a502960e9e36bfa2c152d2a24a138374ff075cbe530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1kdayprofitz-bfc01.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Aug 2022 03:52:57 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
ga.js
ga.getresponse.com/script/b106177f-6ff2-4fd4-a081-b6043318be9c/ 		371 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.getresponse.com/script/b106177f-6ff2-4fd4-a081-b6043318be9c/ga.js
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.16.117.14 , Poland, ASN198881 (IMPLIX-PL-AS, PL),
Reverse DNS
14.117.16.178.implix.com
Software
/
Resource Hash
5bc5cfb9f620d221334ea456af45bc66825e63f8f8a83882e3ba6a944529ed14
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1kdayprofitz-bfc01.gr8.com/
Origin
https://1kdayprofitz-bfc01.gr8.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-response-id
1df9442e-e02a-4a97-afec-ce769d6fe92b
content-length
371
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Tue, 02 Aug 2022 03:52:58 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://1kdayprofitz-bfc01.gr8.com
access-control-allow-credentials
true
etag
W/"173-jhBpWj40FeZNggf7WYxpftn07Zc"
CwqBnVh4BRk
www.youtube.com/embed/ Frame 6A45
Redirect Chain
  • https://youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
  • https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
62 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d1a64bd610ba802e181e3b9e135737b558a2ee78ad6cc2d1afbde35b9c14baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1kdayprofitz-bfc01.gr8.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 02 Aug 2022 03:52:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=31536000
content-length
0
content-type
application/binary
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 02 Aug 2022 03:52:58 GMT
expires
Tue, 02 Aug 2022 03:52:58 GMT
location
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=4859&d=1kdayprofitz-bfc01.gr8.com&u=DBF8D26B60F59FF2642188C60601C9C97&h=26e452878d4c2b723115e96b64e8ffd7&t=false&r=0.14330436578509054
Requested by
Host: 1kdayprofitz-bfc01.gr8.com
URL: https://1kdayprofitz-bfc01.gr8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1kdayprofitz-bfc01.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 03:52:58 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
/
sentry.int.getresponse.com/api/229/envelope/ 		0
0
v2.1.14.0.umd.js
us-an.gr-cdn.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-an.gr-cdn.com/v2.1.14.0.umd.js
Requested by
Host: ga.getresponse.com
URL: https://ga.getresponse.com/script/b106177f-6ff2-4fd4-a081-b6043318be9c/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
a81f9e6cda398e7592c42ed31206ab9f614a749bfa833bf68a511f31bc4ecb39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1kdayprofitz-bfc01.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:58 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 08:06:35 GMT
server
AmazonS3
x-amz-request-id
8K0KBKR2ZDWJD3Z7
etag
"6f1108c8a62d374adc6fded6c4b71e9f"
x-hw
1659412378.dop210.lo4.t,1659412378.cds245.lo4.hn,1659412378.cds299.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29392141
accept-ranges
bytes
content-length
4491
x-amz-id-2
5kZ/NuwnvQicErreX78gdMbE3IrDNwM6suekRBAK6owfQkCDRVxI0Xn+I6juTC0D0CkyEnvwllg=
www-player.css
www.youtube.com/s/player/7a7465f5/ Frame 6A45 		340 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7a7465f5/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
47016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47818
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 00:20:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Aug 2023 14:49:22 GMT
www-embed-player.js
www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/ Frame 6A45 		307 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2623028b608ddfeee51b931f3b9e12237167c360ad64d7f069b65055f9feaeea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
47016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96877
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 00:20:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Aug 2023 14:49:22 GMT
base.js
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame 6A45 		2 MB
565 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1372e99784f1a09da0cfe05bdaf2eb4dc4cae8e68b37bc5ae5780636331f32b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
47016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578743
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 00:20:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Aug 2023 14:49:22 GMT
fetch-polyfill.js
www.youtube.com/s/player/7a7465f5/fetch-polyfill.vflset/ Frame 6A45 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7a7465f5/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
47016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 00:20:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Aug 2023 14:49:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A45 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
557177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Jul 2023 17:06:41 GMT
index.php
ga2.getresponse.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ga2.getresponse.com/index.php?ver=3&url=https%3A%2F%2F1kdayprofitz-bfc01.gr8.com%2F&uid=%7B%22uuid%22%3A%22a36bcef1-17a5-4b4e-914c-4da69710d8b8%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22gr8.com%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22%22%5D%2C%222%22%3A%5B%22aid%22%2C%22b106177f-6ff2-4fd4-a081-b6043318be9c%22%5D%7D&h=3&m=52&s=58&res=1600x1200&gt_ms=195
Requested by
Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.bdbbcc789bb858d6929a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.16.117.14 , Poland, ASN198881 (IMPLIX-PL-AS, PL),
Reverse DNS
14.117.16.178.implix.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1kdayprofitz-bfc01.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Tue, 02 Aug 2022 03:52:58 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
x-response-id
fb8cde3b-bf61-4449-9d7b-347ade755d6b
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
x-xss-protection
0
id
googleads.g.doubleclick.net/pagead/ Frame 6A45
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H3
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8362cd3afa547cc5b14a18c5ce18b00c90764e766002751bac117d1cc139110f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Aug 2022 03:52:58 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 6A45 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:49:42 GMT
x-content-type-options
nosniff
age
197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Aug 2022 04:04:42 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 02 Aug 2022 03:52:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6A45 		64 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55a9995e022c32182748477ae4fd97d16d257d4ecac42be23df9fa2c0839777c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 02 Aug 2022 03:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30287
x-xss-protection
0
remote.js
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame 6A45 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d2c4e47d312ed9081170f9d3726d3334c0ed97022b18012e199d9e5e0d0ebb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:51:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
46906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37730
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 00:20:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Aug 2023 14:51:12 GMT
IruI-nnR9cApON5NnX4a6Rk2hklUovmjhYf98lhYBDk.js
www.google.com/js/th/ Frame 6A45 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/IruI-nnR9cApON5NnX4a6Rk2hklUovmjhYf98lhYBDk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22bb88fa79d1f5c02938de4d9d7e1ae91936864954a2f9a38587fdf258580439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 10:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
321015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13936
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 10:42:44 GMT
embed.js
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame 6A45 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6eec341c9c241a1081597ada35bc20370b48a3ef4ba97fc4d59fb7d37302a1f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
47017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8114
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 00:20:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Aug 2023 14:49:22 GMT
truncated
/ Frame 6A45 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_Wazx1IuYzsBFsl7ix3aqqOZzFgragF50O11UiXw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6A45 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_Wazx1IuYzsBFsl7ix3aqqOZzFgragF50O11UiXw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9c11d037384b72852c5d3538a78c0bd89719cf8e65b81bd4de2b5300c89222b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:59 GMT
x-content-type-options
nosniff
server
fife
etag
"va03"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3389
x-xss-protection
0
expires
Wed, 03 Aug 2022 03:52:59 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/CwqBnVh4BRk/ Frame 6A45 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/CwqBnVh4BRk/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e9a3167eaa829dfb6497252c086097c05386f12fcfbc467127289cc7b3a78a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:59 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30078
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 Aug 2022 05:52:59 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 6A45 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 Aug 2022 03:52:59 GMT
generate_204
www.youtube.com/ Frame 6A45 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?VzBhRg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 03:52:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/103/ Frame 6A45 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 16:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15123
x-xss-protection
0
last-modified
Mon, 02 May 2022 15:04:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 02 Aug 2022 16:52:13 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6A45 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aca74470195bc534140f1ca0e2bdf772ed56b87605fb86168cda6989a69d6778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 02 Aug 2022 03:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 02 Aug 2022 03:52:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
1kdayprofitz-bfc01.gr8.com/ 		0
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1kdayprofitz-bfc01.gr8.com/
Requested by
Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.bdbbcc789bb858d6929a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://1kdayprofitz-bfc01.gr8.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 03:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
sameorigin
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
feature-policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
strict-transport-security
max-age=31536000
csrf-token
2863abf7-0271-4a21-9021-4583cbd7b59a
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 19 Nov 1981 08:52:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 6A45 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/CwqBnVh4BRk?controls=1&autoplay=0&loop=0&showinfo=1&rel=0
X-YouTube-Client-Version
1.20220731.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtuTWJORlJzS3JOOCiav6KXBg%3D%3D
X-YouTube-Ad-Signals
dt=1659412378913&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C797%2C532&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 02 Aug 2022 03:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 02 Aug 2022 03:53:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sentry.int.getresponse.com
URL
https://sentry.int.getresponse.com/api/229/envelope/?sentry_key=d3b7043693de4d2f8b9eb6d463c4e0a5&sentry_version=7

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _vwo_code number| settings_timer number| _vwo_settings_timer string| __GetResponseAnalyticsObject function| GrTracking object| grLpsInitialData object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Backbone function| _ undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| __SENTRY__ object| socialButtonsStorage function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps object| GRV2 object| __grIntegrationConfig function| gaSetUserId function| gaPush

9 Cookies

Domain/Path Name / Value
1kdayprofitz-bfc01.gr8.com/ Name: squeeze-page
Value: 0tfc2opfmecu0e4fsgaot0ngch
1kdayprofitz-bfc01.gr8.com/ Name: SK2X2[variantVersion]
Value: 0
.1kdayprofitz-bfc01.gr8.com/ Name: _vwo_uuid_v2
Value: DBF8D26B60F59FF2642188C60601C9C97|26e452878d4c2b723115e96b64e8ffd7
.youtube.com/ Name: YSC
Value: s0cOla7VvBI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: nMbNFRsKrN8
.gr8.com/ Name: w-Y-ZY
Value: tPI9yW
.gr8.com/ Name: gaVisitorUuid
Value: a36bcef1-17a5-4b4e-914c-4da69710d8b8
1kdayprofitz-bfc01.gr8.com/ Name: SK2X2[visit]
Value: hzzaC
1kdayprofitz-bfc01.gr8.com/ Name: SK2X2[uniqueVisit]
Value: hzzaC

2 Console Messages

Source Level URL
Text
javascript error URL: https://1kdayprofitz-bfc01.gr8.com/
Message:
Access to fetch at 'https://sentry.int.getresponse.com/api/229/envelope/?sentry_key=d3b7043693de4d2f8b9eb6d463c4e0a5&sentry_version=7' from origin 'https://1kdayprofitz-bfc01.gr8.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://sentry.int.getresponse.com/api/229/envelope/?sentry_key=d3b7043693de4d2f8b9eb6d463c4e0a5&sentry_version=7
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1kdayprofitz-bfc01.gr8.com
750creditplug.com
dev.visualwebsiteoptimizer.com
fonts.gstatic.com
ga.getresponse.com
ga2.getresponse.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
sentry.int.getresponse.com
static.doubleclick.net
us-an.gr-cdn.com
us-as.gr-cdn.com
www.google.com
www.gstatic.com
www.youtube.com
youtube.com
yt3.ggpht.com
sentry.int.getresponse.com
104.160.64.15
178.16.117.14
205.185.216.10
2607:f1c0:100f:f000::29f
2a00:1450:4001:803::2001
2a00:1450:4001:803::200e
2a00:1450:4001:808::2006
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2003
34.96.102.137
0e9a3167eaa829dfb6497252c086097c05386f12fcfbc467127289cc7b3a78a2
1372e99784f1a09da0cfe05bdaf2eb4dc4cae8e68b37bc5ae5780636331f32b1
1c1594980fc5fbb5b764a70b6089aa62f4a707a90854aa8aaad3919bab8e0420
1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396
22bb88fa79d1f5c02938de4d9d7e1ae91936864954a2f9a38587fdf258580439
2623028b608ddfeee51b931f3b9e12237167c360ad64d7f069b65055f9feaeea
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4e94ea32ad013ea276444a49d539ed754be9cdc2ca634857226b5663f34c807f
4f148221a9e9f84603e45a502960e9e36bfa2c152d2a24a138374ff075cbe530
4fa1aa25efe41149e52124787df5c8eb50f24f79c778a1c344510eb0e8850e6c
55a9995e022c32182748477ae4fd97d16d257d4ecac42be23df9fa2c0839777c
5bc5cfb9f620d221334ea456af45bc66825e63f8f8a83882e3ba6a944529ed14
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6eec341c9c241a1081597ada35bc20370b48a3ef4ba97fc4d59fb7d37302a1f0
7cf3f84bd91910ab21318fe27593fcdf37b802ce8b4eb8ae1e05c0018a36eea9
7d1a64bd610ba802e181e3b9e135737b558a2ee78ad6cc2d1afbde35b9c14baa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8362cd3afa547cc5b14a18c5ce18b00c90764e766002751bac117d1cc139110f
8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be
9c11d037384b72852c5d3538a78c0bd89719cf8e65b81bd4de2b5300c89222b0
9d2c4e47d312ed9081170f9d3726d3334c0ed97022b18012e199d9e5e0d0ebb4
a81f9e6cda398e7592c42ed31206ab9f614a749bfa833bf68a511f31bc4ecb39
aca74470195bc534140f1ca0e2bdf772ed56b87605fb86168cda6989a69d6778
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
d090a860c13c9136c7f2b03707a9c17999e2c2319f9cfcb737ffc5d8e8d39f7d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db9b621f49633ca7e93a6211b683e00fd699295acae0269bee83d7a2f0f72e6f
e004840c7d6a3aea8bdece266e3c77362aa9832b496d6595120ea90c99491369
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9