profitablemessages.com Open in urlscan Pro
185.139.2.43 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&su...
Submission: On June 20 via manual (June 20th 2024, 7:15:50 am UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 33 HTTP transactions. The main IP is 185.139.2.43, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is profitablemessages.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 26th 2024. Valid for: 3 months.

This is the only time profitablemessages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	185.139.2.43 185.139.2.43	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2001:1af8:510... 2001:1af8:5100:a003:2::	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
4	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
33	15

7 185.139.2.43 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

profitablemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1af8:5100:a003:2:: (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rfwzx.rdtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	profitablemessages.com profitablemessages.com	767 KB
5	gstatic.com fonts.gstatic.com	39 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 5357	101 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8088	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	409 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	63 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	46 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	165 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	rdtk.io rfwzx.rdtk.io	4 KB
0	codes-messages.online Failed codes-messages.online Failed
33	13

	Domain	Requested by
7	profitablemessages.com	profitablemessages.com
5	fonts.gstatic.com	fonts.googleapis.com
4	ka-f.fontawesome.com	kit.fontawesome.com profitablemessages.com
2	www.google.de	profitablemessages.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	profitablemessages.com
2	www.googletagmanager.com	profitablemessages.com www.googletagmanager.com
1	www.google.com	profitablemessages.com
1	region1.analytics.google.com	www.googletagmanager.com
1	kit.fontawesome.com	profitablemessages.com
1	code.jquery.com	profitablemessages.com
1	fonts.googleapis.com	profitablemessages.com
1	rfwzx.rdtk.io	profitablemessages.com
0	codes-messages.online Failed	profitablemessages.com
33	15

This site contains no links.

Subject Issuer	Validity	Valid
profitablemessages.com ZeroSSL RSA Domain Secure Site CA	`2024-04-26` - `2024-07-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.rdtk.io GoGetSSL RSA DV CA	`2023-07-19` - `2024-07-19`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Frame ID: 1036C74EE0E664A6A54457B4105241E6
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

01 Inicio

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

33
Requests

97 %
HTTPS

71 %
IPv6

13
Domains

15
Subdomains

15
IPs

5
Countries

1176 kB
Transfer

1884 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://rfwzx.rdtk.io/64cd97367e9d3300018cebd9?format=json&sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D&sub19=&sub20= HTTP 302
https://codes-messages.online/pv-mr-cp121/

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
profitablemessages.com/mr-en-ia-amicci-octs/ 27 KB
6 KB 1244ms
623ms Document
text/html 185.139.2.43
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.139.2.43 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.27

Resource Hash

032cb1835e9dcc89f6430d5c04e0456d362a65d4c87e71be8465cc5d61de4dc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 6167
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 20 Jun 2024 07:15:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
platform: hostinger
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 665ms
13ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-238176933-1

Requested by

Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bb7f3144354a54478bfc5080dc72f193bf02d24db77f96669deaf17af24a0a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76552
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 07:15:25 GMT

GET
H/1.1 200
OK track.js Show response
rfwzx.rdtk.io/ 4 KB
4 KB 553ms
45ms Script
text/plain 2001:1af8:5100:a003:2::
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfwzx.rdtk.io/track.js?rtkcmpid=64cd97367e9d3300018cebd9
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2001:1af8:5100:a003:2:: , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 5609afdca33968442d25bff36dba60e658412b3ac2f0e3efec7ec7f32a95bbf4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 07:15:25 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 647ms
0ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&family=Poppins:wght@100;300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3007331eb7ede985d970f92d34b168b679c78f76df3955426d8de6572d95516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 07:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 07:15:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jun 2024 07:15:25 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
30 KB 392ms
7ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 07:15:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 795685
x-jsd-version: 5.2.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
x-served-by: cache-fra-etou8220031-FRA
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 estilos.css
profitablemessages.com/mr-en-ia-amicci-octs/csss/ 193 B
328 B 224ms
222ms Stylesheet
text/css 185.139.2.43
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://profitablemessages.com/mr-en-ia-amicci-octs/csss/estilos.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.139.2.43 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3ee93a566bf801aae76e99081af547f906da3e3341316b62a4f19ed7e887628b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:25 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 May 2024 17:28:11 GMT
server: LiteSpeed
etag: "c1-663d07ab-fa6ea145a0c7751d;;;"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 193
expires: Thu, 27 Jun 2024 07:15:25 GMT

GET
H2 200 codigo1.png
profitablemessages.com/mr-en-ia-amicci-octs/img/ 295 KB
295 KB 224ms
222ms Image
image/png 185.139.2.43
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profitablemessages.com/mr-en-ia-amicci-octs/img/codigo1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.139.2.43 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

58c090a90e79297259473852a59fc6a1a5232a35e6926a5a46bb75b62eec43e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:25 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 May 2024 17:28:11 GMT
server: LiteSpeed
etag: "49a7a-663d07ab-a8b9aa72f69552ff;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 301690
expires: Thu, 27 Jun 2024 07:15:25 GMT

GET
H2 200 codigo2.png
profitablemessages.com/mr-en-ia-amicci-octs/img/ 236 KB
236 KB 224ms
222ms Image
image/png 185.139.2.43
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profitablemessages.com/mr-en-ia-amicci-octs/img/codigo2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.139.2.43 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

13f3799fe466a3d7a29caf5f86e0919a6882c586e65aebabe594d0a2ad4404a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:25 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 May 2024 17:28:11 GMT
server: LiteSpeed
etag: "3b0ad-663d07ab-737a82a7b2473593;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 241837
expires: Thu, 27 Jun 2024 07:15:25 GMT

GET
H2 200 codigo3.png
profitablemessages.com/mr-en-ia-amicci-octs/img/ 222 KB
222 KB 1480ms
1466ms Image
image/png 185.139.2.43
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profitablemessages.com/mr-en-ia-amicci-octs/img/codigo3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.139.2.43 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f1bbcd9501f09b3706dfdd291716628f51da5c35051aa0d4c28e440e5544eb3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:26 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 May 2024 17:28:11 GMT
server: LiteSpeed
etag: "377f5-663d07ab-2b4660cecce42392;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 227317
expires: Thu, 27 Jun 2024 07:15:26 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 788ms
29ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 272298
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-etou8220038-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1718867727.667980,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 17, 131876

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 31ms
17ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 07:15:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1809323
x-jsd-version: 4.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16235
x-served-by: cache-fra-etou8220031-FRA
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c16a16eb1d.js Show response
kit.fontawesome.com/ 12 KB
5 KB 1241ms
484ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/c16a16eb1d.js
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56fa6f3601bd0417d8794864cfaff1ef020396aadcc93377e5bbbe81cf9dfae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Origin: https://profitablemessages.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8969f7bbab16361d-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F9qj0W_67ih5tFsCGkdj

GET
H2 200 script.js Show response
profitablemessages.com/mr-en-ia-amicci-octs/jss/ 109 B
187 B 2392ms
2380ms Script
application/x-javascript 185.139.2.43
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://profitablemessages.com/mr-en-ia-amicci-octs/jss/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.139.2.43 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

88f0cbc61d685fec6cf9bf4a654d8d233b55104ac9100c24c5bed55e4204f307

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:26 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 May 2024 17:28:11 GMT
server: LiteSpeed
etag: "6d-663d07ab-4e9394e9995a754d;;;"
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 109
expires: Thu, 27 Jun 2024 07:15:26 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 909ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&family=Poppins:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://profitablemessages.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:48:44 GMT
x-content-type-options: nosniff
age: 145602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:48:44 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 907ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&family=Poppins:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://profitablemessages.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:03:17 GMT
x-content-type-options: nosniff
age: 144729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:03:17 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 946ms
61ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&family=Poppins:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://profitablemessages.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:11:45 GMT
x-content-type-options: nosniff
age: 144221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:11:45 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 947ms
62ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&family=Poppins:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://profitablemessages.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:03:16 GMT
x-content-type-options: nosniff
age: 144730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:03:16 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 909ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&family=Poppins:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://profitablemessages.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:55:50 GMT
x-content-type-options: nosniff
age: 145176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:55:50 GMT

GET

/
codes-messages.online/pv-mr-cp121/
Redirect Chain

https://rfwzx.rdtk.io/64cd97367e9d3300018cebd9?format=json&sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=...
https://codes-messages.online/pv-mr-cp121/

0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 95ms
94ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JV74G4HYGV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-238176933-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

290412a961b39c252d26dd26d0a753a59a1912feb8713fab1ce8f47ebb1a697e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91956
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jun 2024 07:15:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 800ms
16ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-238176933-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 05:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5663
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jun 2024 07:41:03 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 998ms
0ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JV74G4HYGV&gtm=45je46h0v9128791356za200&_p=1718867725498&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1744697699.1718867727&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718867726&sct=1&seg=0&dl=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ia-amicci-octs%2F%3Fsub1%3D120211435540730533%26sub2%3D120211435540640533%26sub3%3D120211272405100533%26sub4%3D175%26sub5%3DAMICCI_CA-1_T-I-ikea%2Bcpe_175__X0002285%26utm_campaign%3DAMICCI_CA-1_T-INTERESSES_10%2F06%2B-%2BGABRIEL%26utm_content%3D175%26utm_source%3Damicci%26utm_medium%3Dpaid%26mk%3Dt777%26fbclid%3DPAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg%26code%3D-1202%26domain%3DNSURLErrorDomain%26description%3DThe%2520certificate%2520for%2520this%2520server%2520is%2520invalid.%2520You%2520might%2520be%2520connecting%2520to%2520a%2520server%2520that%2520is%2520pretending%2520to%2520be%2520%25E2%2580%259Cprofitablemessages.com%25E2%2580%259D%2520which%2520could%2520put%2520your%2520confidential%2520information%2520at%2520risk.%26timestamp%3D1718867486534%26badcert%3DMIIB%2FTCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB%2Bekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3%2FACjeTB3MA4GA1UdDwEB%2FwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li%2FMCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU%2ByCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi%2BHfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT%26certerror%3D%26uuidkey%3D11F05C46-57E9-4D84-AD72-DF458468380D&dt=01%20Inicio&tfd=2826&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV74G4HYGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 07:15:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 999ms
0ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JV74G4HYGV&cid=1744697699.1718867727&gtm=45je46h0v9128791356za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV74G4HYGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 07:15:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 872ms
109ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JV74G4HYGV&cid=1744697699.1718867727&gtm=45je46h0v9128791356za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1043846032

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 07:15:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 90ms
0ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=350709034&t=pageview&_s=1&dl=https%3A%2F%2Fprofitablemessages.com%2Fmr-en-ia-amicci-octs%2F%3Fsub1%3D120211435540730533%26sub2%3D120211435540640533%26sub3%3D120211272405100533%26sub4%3D175%26sub5%3DAMICCI_CA-1_T-I-ikea%2Bcpe_175__X0002285%26utm_campaign%3DAMICCI_CA-1_T-INTERESSES_10%2F06%2B-%2BGABRIEL%26utm_content%3D175%26utm_source%3Damicci%26utm_medium%3Dpaid%26mk%3Dt777%26fbclid%3DPAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg%26code%3D-1202%26domain%3DNSURLErrorDomain%26description%3DThe%2520certificate%2520for%2520this%2520server%2520is%2520invalid.%2520You%2520might%2520be%2520connecting%2520to%2520a%2520server%2520that%2520is%2520pretending%2520to%2520be%2520%25E2%2580%259Cprofitablemessages.com%25E2%2580%259D%2520which%2520could%2520put%2520your%2520confidential%2520information%2520at%2520risk.%26timestamp%3D1718867486534%26badcert%3DMIIB%2FTCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB%2Bekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3%2FACjeTB3MA4GA1UdDwEB%2FwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li%2FMCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU%2ByCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi%2BHfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT%26certerror%3D%26uuidkey%3D11F05C46-57E9-4D84-AD72-DF458468380D&ul=de-de&de=UTF-8&dt=01%20Inicio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2103505875&gjid=101424351&cid=1744697699.1718867727&tid=UA-238176933-1&_gid=120566359.1718867727&_r=1&gtm=457e46h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1763143518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 07:15:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 619ms
88ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=c16a16eb1d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c16a16eb1d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:27 GMT
content-encoding: gzip
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 72817
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKBGZ%2FPocgIHBdh309qP7p%2B9%2FLLzdFgcOfPNPFS2OEvpauOFddKKbPLOTF%2B8CvDT0JipOQJ3zK8mmJe3ACqsKgXgLYxLwmWZNjlYjIgLoLdqOiMAfjvN2W0%2FE7V3%2BPBp%2FST0u60fVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8969f7c21bc89a09-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: lpxPDQE6FKuAzHg0wscjW-pTooKv8-84yGTwkp1thZGaQriPULZYoQ==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 603ms
72ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=c16a16eb1d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c16a16eb1d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:27 GMT
content-encoding: gzip
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 4418630
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfGFLXvTflEsL0K5LOIgp4pafIalm4uYozOSbdUP8tIzxOyFn5CSfk49RPV1cHmmuXSnggLNTdZS4FiepK4bJh5mu%2BI2s72kyUCl99AzppQkB8PjHFavq4B5SQsgjw0IK7vz8PQm0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8969f7c21bca9a09-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: HBeo9EfD3WJdRQoYTzOtg25jelBD5fmV8OY1YWA5vo-xKGZMFhP8UA==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 601ms
70ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=c16a16eb1d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c16a16eb1d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:27 GMT
content-encoding: gzip
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 274996
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDFV060tfd3XWJz2EmmM9XSzv%2FwCoo%2FXuHFB9g9JhI5S32V6rwmlcYa58M99JCejll51qaQCRlE%2BmfPbZq9ARTkCGTyYVBGhyMvq7LYM%2B2S6UVonyniVmsqfK%2B6vyFowrk%2BR6lbVrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8969f7c21bcd9a09-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: BJI7Bj618qGky_mwgSRlwM8V7DX0dEfMzOU3Codo2KIL9vN-IawpUg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 363ms
0ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-238176933-1&cid=1744697699.1718867727&jid=2103505875&gjid=101424351&_gid=120566359.1718867727&npa=1&_u=YADAAUAAAAAAACAAI~&z=1804373281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 07:15:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profitablemessages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 901ms
99ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-238176933-1&cid=1744697699.1718867727&jid=2103505875&npa=1&_u=YADAAUAAAAAAACAAI~&z=1766981129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 07:15:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 171ms
150ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-238176933-1&cid=1744697699.1718867727&jid=2103505875&npa=1&_u=YADAAUAAAAAAACAAI~&z=1766981129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 07:15:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 376ms
375ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: profitablemessages.com
URL: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/
Origin: https://profitablemessages.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:27 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lw1Rmmed6Z34dWJrlp%2Fng7%2BAIqaQWg0DhDOXbWA%2BPANBdjHY3KLoh6mDJFU9zVW8sRmnDt64hSPSgTi3eIeypzbg0ARAAYVOswd1tq%2BP2%2F%2FTx8Yo6Ix4lGGM9CxDdboQ7oODCN6B2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8969f7c3ad169a09-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: lUVnIlNaUHCehOMN_VyFEaDgnWRmkZatl9XJb-lYQ7IsOEQLN4A1JA==

GET
H3 404 logo.png
profitablemessages.com/mr-en-ia-amicci-octs/img/ 19 KB
6 KB 279ms
278ms Other
text/html 185.139.2.43
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://profitablemessages.com/mr-en-ia-amicci-octs/img/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

185.139.2.43 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.27

Resource Hash

45f1411932e566002e819493639e14ed7a566a5126e392e1babe51da0597b8f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 07:15:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/8.1.27
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
platform: hostinger
link: <https://profitablemessages.com/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: codes-messages.online
URL: https://codes-messages.online/pv-mr-cp121/

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
profitablemessages.com/	1970-01-20 21:29:14	Name: cloakup_session Value: sptl66kj85il9luk0dat6dqrtn
.profitablemessages.com/	1970-01-21 07:03:47	Name: _ga_JV74G4HYGV Value: GS1.1.1718867726.1.0.1718867726.60.0.0
.profitablemessages.com/	1970-01-21 07:03:47	Name: _ga Value: GA1.2.1744697699.1718867727
.profitablemessages.com/	1970-01-20 21:29:14	Name: _gid Value: GA1.2.120566359.1718867727
.profitablemessages.com/	1970-01-20 21:27:47	Name: _gat_gtag_UA_238176933_1 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://profitablemessages.com/mr-en-ia-amicci-octs/?sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D Message: Access to XMLHttpRequest at 'https://codes-messages.online/pv-mr-cp121/' (redirected from 'https://rfwzx.rdtk.io/64cd97367e9d3300018cebd9?format=json&sub1=120211435540730533&sub2=120211435540640533&sub3=120211272405100533&sub4=175&sub5=AMICCI_CA-1_T-I-ikea+cpe_175__X0002285&utm_campaign=AMICCI_CA-1_T-INTERESSES_10/06+-+GABRIEL&utm_content=175&utm_source=amicci&utm_medium=paid&mk=t777&fbclid=PAAaYsHeFv5c8fCFw7KMp4fMM1qBNS7qwKyRgu3Slr4R4TK3tC4lNHxlZJExI_aem_dv5Vh-urMYIY9lFrPdLAQg&code=-1202&domain=NSURLErrorDomain&description=The%20certificate%20for%20this%20server%20is%20invalid.%20You%20might%20be%20connecting%20to%20a%20server%20that%20is%20pretending%20to%20be%20%E2%80%9Cprofitablemessages.com%E2%80%9D%20which%20could%20put%20your%20confidential%20information%20at%20risk.&timestamp=1718867486534&badcert=MIIB/TCCAYOgAwIBAgIQDZZNInm9wGy8WM8g3G9vgTAKBggqhkjOPQQDAzAxMRIwEAYDVQQKDAlOZXRBbGVydHMxGzAZBgNVBAMMEk5ldEFsZXJ0cyBTZXJ2aWNlczAeFw0yNDA2MTkxNDAxNTBaFw0yNDA2MjAxNDA2NTBaMDUxEjAQBgNVBAoTCU5ldEFsZXJ0czEfMB0GA1UEAxMWcHJvZml0YWJsZW1lc3NhZ2VzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGAkLGtL3E33FpZP7TvGXbxHOqY4kDaGbB+ekwa3PgQBYeEFG7sHKEjlXBdKZwO1xh5JuacXpYRkb5HR5yg3/ACjeTB3MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPfGRKcRcZqQCAmjZCYoOI9U2li/MCEGA1UdEQQaMBiCFnByb2ZpdGFibGVtZXNzYWdlcy5jb20wCgYIKoZIzj0EAwMDaAAwZQIxALspuZQXJeuJkqLaPJr4urVAklRphfkqpuraHefwC0yIuKjGU+yCV2ajwTqB0W4QAQIwZ6H8nBy2BBRRQyzUdMIVi+HfVhF6mTI0RtUaZUXUPMdnfdoAjxiaIxDvjlWuBGOT&certerror=&uuidkey=11F05C46-57E9-4D84-AD72-DF458468380D&sub19=&sub20=') from origin 'https://profitablemessages.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://codes-messages.online/pv-mr-cp121/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://profitablemessages.com/mr-en-ia-amicci-octs/img/logo.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
codes-messages.online
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
profitablemessages.com
region1.analytics.google.com
rfwzx.rdtk.io
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
codes-messages.online
142.250.185.228
172.217.16.195
172.67.139.119
185.139.2.43
2001:1af8:5100:a003:2::
2001:4860:4802:34::178
2001:4860:4802:34::36
2606:4700:4400::6812:2844
2a00:1450:4001:806::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c0b::9a
2a04:4e42::485
2a04:4e42::649
032cb1835e9dcc89f6430d5c04e0456d362a65d4c87e71be8465cc5d61de4dc0
13f3799fe466a3d7a29caf5f86e0919a6882c586e65aebabe594d0a2ad4404a0
290412a961b39c252d26dd26d0a753a59a1912feb8713fab1ce8f47ebb1a697e
3ee93a566bf801aae76e99081af547f906da3e3341316b62a4f19ed7e887628b
45f1411932e566002e819493639e14ed7a566a5126e392e1babe51da0597b8f7
5609afdca33968442d25bff36dba60e658412b3ac2f0e3efec7ec7f32a95bbf4
58c090a90e79297259473852a59fc6a1a5232a35e6926a5a46bb75b62eec43e7
5bb7f3144354a54478bfc5080dc72f193bf02d24db77f96669deaf17af24a0a5
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88f0cbc61d685fec6cf9bf4a654d8d233b55104ac9100c24c5bed55e4204f307
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a3007331eb7ede985d970f92d34b168b679c78f76df3955426d8de6572d95516
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bbcd9501f09b3706dfdd291716628f51da5c35051aa0d4c28e440e5544eb3b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56fa6f3601bd0417d8794864cfaff1ef020396aadcc93377e5bbbe81cf9dfae
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

profitablemessages.com Open in urlscan Pro 185.139.2.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

97 %HTTPS

71 %IPv6

13 Domains

15 Subdomains

15 IPs

5 Countries

1176 kBTransfer

1884 kBSize

5 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

profitablemessages.com Open in urlscan Pro
185.139.2.43 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

71 %
IPv6

13
Domains

15
Subdomains

15
IPs

5
Countries

1176 kB
Transfer

1884 kB
Size

5
Cookies

33 HTTP transactions
0 data transactions