acidaburn.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075
Effective URL:
https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Submission: On September 12 via api (September 12th 2022, 10:16:16 am UTC) from BE — Scanned from DE

Summary HTTP 63 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 63 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is acidaburn.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 28th 2021. Valid for: a year.

This is the only time acidaburn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	2606:4700:303... 2606:4700:3031::6815:2b4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.227.247.224 35.227.247.224	15169 (GOOGLE) (GOOGLE)
17	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:9e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:310... 2606:4700:3108::ac42:2b73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:310... 2606:4700:3108::ac42:2b16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:d4dd:8728:eb33:a60d	14618 (AMAZON-AES) (AMAZON-AES)
1	52.7.56.125 52.7.56.125	14618 (AMAZON-AES) (AMAZON-AES)
18	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400e:16::9	15169 (GOOGLE) (GOOGLE)
1	63.33.120.123 63.33.120.123	16509 (AMAZON-02) (AMAZON-02)
63	18

3 2606:4700:3031::6815:2b4a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pharmachopajulat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.247.224 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 224.247.227.35.bc.googleusercontent.com

www.loguq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

acidaburn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b73 (United States)

ASN13335 (CLOUDFLARENET, US)

display.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b16 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:d4dd:8728:eb33:a60d (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.56.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-56-125.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:16::9 (Ireland)

ASN15169 (GOOGLE, US)

rr4---sn-5hneknek.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.120.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-120-123.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	866 KB
17	acidaburn.com acidaburn.com	3 MB
6	googlevideo.com rr4---sn-5hneknek.googlevideo.com — Cisco Umbrella Rank: 39443	2 MB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 jnn-pa.googleapis.com — Cisco Umbrella Rank: 341	32 KB
4	buygoods.com display.buygoods.com — Cisco Umbrella Rank: 312680 tracking.buygoods.com — Cisco Umbrella Rank: 243250 www.buygoods.com — Cisco Umbrella Rank: 333886	9 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 static.doubleclick.net — Cisco Umbrella Rank: 439	1 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4607 rp.liadm.com — Cisco Umbrella Rank: 2701 rp4.liadm.com — Cisco Umbrella Rank: 6388	12 KB
3	pharmachopajulat.com 2 redirects pharmachopajulat.com	2 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 206	7 KB
2	gstatic.com fonts.gstatic.com	33 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 7695 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 7067	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 19	14 KB
1	loguq.com 1 redirects www.loguq.com	423 B
63	13

	Domain	Requested by
18	www.youtube.com	acidaburn.com www.youtube.com
17	acidaburn.com	pharmachopajulat.com acidaburn.com
6	rr4---sn-5hneknek.googlevideo.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	pharmachopajulat.com	2 redirects
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	tracking.buygoods.com	acidaburn.com tracking.buygoods.com
2	fonts.googleapis.com	acidaburn.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	rp4.liadm.com	acidaburn.com
1	rp.liadm.com	1 redirects
1	www.buygoods.com	acidaburn.com
1	rum-static.pingdom.net	acidaburn.com
1	display.buygoods.com	acidaburn.com
1	b-code.liadm.com	acidaburn.com
1	www.loguq.com	1 redirects
63	20

This site contains links to these domains. Also see Links.

Domain
www.buygoods.com
appliedsciencenutrition.com

Subject Issuer	Validity	Valid
*.pharmachopajulat.com E1	`2022-08-04` - `2022-11-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-28` - `2022-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2021-12-14` - `2022-12-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-08-30` - `2022-11-08`	2 months	crt.sh
*.pingdom.net Amazon	`2021-12-07` - `2023-01-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Frame ID: 0F599A9B5DDA7A7EECAEE06AE48D06FC
Requests: 28 HTTP requests in this frame

Frame: https://acidaburn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662969600
Frame ID: 5231DF8CF16A193ED9E07A8CA9D31B1F
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
Frame ID: A99F87C629DE89EFA8A05F502A88A2F6
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Acidaburn

Page URL History Show full URLs

http://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075 HTTP 301
https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075 Page URL
https://pharmachopajulat.com/track/c12819SAMRX88513aJPh47035vfu116769CkzY1075 HTTP 302
https://www.loguq.com/TNTGR497/XF27W48N/?sub1=7&sub2=1075-12819&sub3=88513-47035-116769 HTTP 302
https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

97 %
HTTPS

84 %
IPv6

13
Domains

20
Subdomains

18
IPs

3
Countries

5362 kB
Transfer

7808 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.buygoods.com/secure/?sessid2=sessid2022091210165454&aff_id=4770&sid=&sid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d&account_id=6458&screen=checkout_one&product_codename=acidaburn1btl&redirect=aHR0cHM6Ly9hY2lkYWJ1cm4uY29tL2JnL3VwMS1mcmVlYm90dGxlLw==

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/?sessid2=sessid2022091210165454&aff_id=4770&sid=&sid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d&account_id=6458&screen=checkout_one&product_codename=acidaburn3btl&redirect=aHR0cHM6Ly9hY2lkYWJ1cm4uY29tL2JnL290by9hY2JleHRyYTMv

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/?sessid2=sessid2022091210165454&aff_id=4770&sid=&sid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d&account_id=6458&screen=checkout_one&product_codename=acidaburn6btl&redirect=aHR0cHM6Ly9hY2lkYWJ1cm4uY29tL2JnL290by9hY2JleHRyYTMv

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/refund_policy
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://appliedsciencenutrition.com/pages/contact-us-customer-support
Title: HERE

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/orderlookup
Title: HERE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075 HTTP 301
https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075 Page URL
https://pharmachopajulat.com/track/c12819SAMRX88513aJPh47035vfu116769CkzY1075 HTTP 302
https://www.loguq.com/TNTGR497/XF27W48N/?sub1=7&sub2=1075-12819&sub3=88513-47035-116769 HTTP 302
https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075 HTTP 301
https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075

Request Chain 22

https://rp.liadm.com/j?dtstmp=1662977769976&aid=a-04sh&se=e30&duid=cbac501b884d--01gcrk60c67mdw8vznsae1gadp&tna=v2.4.2&pu=https%3A%2F%2Facidaburn.com%2Fbg%2F%3Faff_id%3D4770%26subid2%3D03d1842a6ce84fc5b5cc3d7ac0a57e0d&wpn=lc-bundle&refr=https%3A%2F%2Fpharmachopajulat.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgU2hvY2tpbmdseSBTaW1wbGUgV2VpZ2h0IExvc3MgUml0dWFsIFRoYXQgV291bGQgTWVsdCA0NyBQb3VuZHMgb2YgUHVyZSBCZWxseSBGYXQiPjx0aXRsZT5BY2lkYWJ1cm48L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWItNSI-CiAgICAgICAgICAgIDxiPkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgPHN0cm9uZyBjbGFzcz0icmVkIj5TaG9ja2luZwogICAgICAgICAgICAgICAgICAgIFdlaWdodCBMb3NzIFJpdHVhbDwvc3Ryb25nPiBUaGF0IFdvdWxkIE1lbHQgPHN0cm9uZyBjbGFzcz0icmVkIj40NyBQb3VuZHM8L3N0cm9uZz4KICAgICAgICAgICAgICAgIG9mIFB1cmUgQmVsbHkgRmF0PC9iPgogICAgICAgIDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gUGxheSBTb3VuZDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gQ29udGludWUgVmlkZW88L2gxPjxoMSBjbGFzcz0id2hpdGUgYmctYmx1ZSBkLWZsZXggYWxpZ24taXRlbXMtY2VudGVyIG1iLTAgcHgtMiBqdXN0aWZ5LWNvbnRlbnQtY2VudGVyIHB5LTEiPjxiPjxpPldhaXQhPC9pPjwvYj48L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1662977769976&aid=a-04sh&se=e30&duid=cbac501b884d--01gcrk60c67mdw8vznsae1gadp&tna=v2.4.2&pu=https%3A%2F%2Facidaburn.com%2Fbg%2F%3Faff_id%3D4770%26subid2%3D03d1842a6ce84fc5b5cc3d7ac0a57e0d&wpn=lc-bundle&refr=https%3A%2F%2Fpharmachopajulat.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgU2hvY2tpbmdseSBTaW1wbGUgV2VpZ2h0IExvc3MgUml0dWFsIFRoYXQgV291bGQgTWVsdCA0NyBQb3VuZHMgb2YgUHVyZSBCZWxseSBGYXQiPjx0aXRsZT5BY2lkYWJ1cm48L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWItNSI-CiAgICAgICAgICAgIDxiPkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgPHN0cm9uZyBjbGFzcz0icmVkIj5TaG9ja2luZwogICAgICAgICAgICAgICAgICAgIFdlaWdodCBMb3NzIFJpdHVhbDwvc3Ryb25nPiBUaGF0IFdvdWxkIE1lbHQgPHN0cm9uZyBjbGFzcz0icmVkIj40NyBQb3VuZHM8L3N0cm9uZz4KICAgICAgICAgICAgICAgIG9mIFB1cmUgQmVsbHkgRmF0PC9iPgogICAgICAgIDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gUGxheSBTb3VuZDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gQ29udGludWUgVmlkZW88L2gxPjxoMSBjbGFzcz0id2hpdGUgYmctYmx1ZSBkLWZsZXggYWxpZ24taXRlbXMtY2VudGVyIG1iLTAgcHgtMiBqdXN0aWZ5LWNvbnRlbnQtY2VudGVyIHB5LTEiPjxiPjxpPldhaXQhPC9pPjwvYj48L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6Ojk%3D&n3pc=true

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

c12819SAMRX88513aJPh47035vfu116769CkzY1075
pharmachopajulat.com/rd/
Redirect Chain

http://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075
https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075

243 B
608 B

202ms
180ms

Document
text/html

2606:4700:3031::6815:2b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7497e2ca59a3917a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 10:16:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8kSu7Ak6Ppxd6SZm%2BIMLkTHfxkDPYk%2FfidjlywF4wYAG%2B2r%2FH6gL5BVEcTOCPmtCjlkTOGxgHtNLnFj5g6NcowlW2hF7PPczCVcIMRckTgKgG8oR0O16oQ%2BO5YqMdu4JPMM4bMoVgR3f3RKqmn%2ByX443w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 7497e2ca0c8c905e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 12 Sep 2022 10:16:08 GMT
Expires: Mon, 12 Sep 2022 11:16:08 GMT
Location: https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kA2uqMfSy46kx5%2BapZkWVLz2FSY0TAkZs5zUTjvJaG%2BpVGB9BDbCISxyC8pXeYDyA2BmTo4DH6rAGpDFISEylrfAIJg1x4h15crRzvXgHok6WCN7eQb%2F5S1jMYMNSEsDc%2BXXht4HQEW9bg%2FgcBp2WQuxtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Primary Request / Show response
acidaburn.com/bg/
Redirect Chain

https://pharmachopajulat.com/track/c12819SAMRX88513aJPh47035vfu116769CkzY1075
https://www.loguq.com/TNTGR497/XF27W48N/?sub1=7&sub2=1075-12819&sub3=88513-47035-116769
https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

33 KB
9 KB

525ms
484ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Requested by

Host: pharmachopajulat.com
URL: https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.22

Resource Hash

240e80752923182babde66686b6fee6a24c1ea8621931de6d8d22a2490cea05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7497e2ced8689bf5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 10:16:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UPvca0voxSHQuCgQlgEkUkTnCjKQzLgnAvKSnoPlsm2hRXrhrkqCRlwXzem57pXe2JWkOiCcEtuw7PnvRRiIp7hWZPeyvhLt1MIxkOKGblpIgaHNse4u0VVcq8QOZWYTfHdMAZ%2FcdWuSik3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/7.3.22
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 10:16:08 GMT
location: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 4dc8218e-7d4e-4fc6-9973-f1accff44f7b

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 50ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8affc1a9a7084dd005ccc72ebc78e99a912e7fe7820025024bbb17a250c5fb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 10:07:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 10:16:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 10:16:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
664 B 51ms
21ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@300;400&display=swap

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45f228ed95add22bceb809272910d6ed2d64f30d4e052e4f7215bd6271802cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 10:16:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 10:16:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 10:16:09 GMT

GET
H3 200 style.css
acidaburn.com/assets/css/ 9 KB
3 KB 504ms
489ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acidaburn.com/assets/css/style.css
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a11dc19fdd62d01a551021953abf3ecf1a2810b526df0c082a04466de20ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Sep 2022 10:16:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Jul 2021 11:49:44 GMT
server: cloudflare
etag: W/"60f020d8-228d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOsqxPlPJ5FBiBBq4YrUouxfhvbHWEaSD3sz3hStQMahNR%2B0s%2B8GcfDdCgU8nFgmpKHQCdAxKPO5nUShAbAwcgky3yx3IhpKwuesb81zL89O1wy8dhuSyYCA6SmiQTncMkFgpXSl60ZUENV0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7497e2d20af8698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 12 Oct 2022 10:16:09 GMT

GET
H2 200 a-04sh.min.js Show response
b-code.liadm.com/ 27 KB
11 KB 65ms
11ms Script
application/javascript 2600:9000:223c:9e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-04sh.min.js
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cb149abcbb379dabe7da4a5335e2cf63039f980a7b63a7bf7b5cc2becc97311b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 18:38:13 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
age: 56276
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P2
content-encoding: gzip
x-amz-cf-id: 60E17dSOTrps2ftwNqKNtWQjkpa1-6DcVnNB9j5T0RQ2rMUMfVE7CA==

GET
H3 200 speaker.png
acidaburn.com/assets/img/ 2 KB
2 KB 486ms
484ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/assets/img/speaker.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b370e298d28250565cb63e3e9719e8785f64d48e552ae31733e7738abfa3572a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1656
pragma: public
last-modified: Fri, 15 Jan 2021 05:53:50 GMT
server: cloudflare
etag: "60012dee-678"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syus1%2FU%2B88Cxi2TA%2BAqriKhchDPIfOR29lRPKqn8JZxS9gRMe59oAp98RMDvzt810hq9x9GG8BwvyF9BVyimuDbabsrgJ5f8PViyJXHZtN3pxbfONwN64vhSdnIg2vWXH9iiLP%2BX%2B%2Bb6vvMR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fe1698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 1-bottles.png
acidaburn.com/bg/images/ 467 KB
467 KB 698ms
696ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/bg/images/1-bottles.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebba4cc3133d305f6e64c6170eb4f61419e59814f7e5719355654eef1a391604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 477729
pragma: public
last-modified: Fri, 28 Jan 2022 16:06:37 GMT
server: cloudflare
etag: "61f4148d-74a21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUb02U8um5lWKA%2FWehWqG05lSZPSfIoYyh9gl2j%2BwcQ2FeIPfUb9NbroP1bNeEoYwnut9CBGTn8FdvOYCgkdkKRZRCLePGcDrWis2ZFEGxCnNCAw6VJY7zdUJGic3DatwvlBf3CwNMkqoOlv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fe3698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 1-bottles_mobile.png
acidaburn.com/bg/images/ 332 KB
333 KB 732ms
729ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/bg/images/1-bottles_mobile.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c991f61a01320398f0ef7f216e540b22c912b1c2c7a20bce7a4efeb97e455b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 340441
pragma: public
last-modified: Fri, 28 Jan 2022 16:06:32 GMT
server: cloudflare
etag: "61f41488-531d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZWxcuWXEFw%2FGrMtOaICJSFyXU%2BBae1ZqHgjmN0yBZlhyhIRoTdNpfI1t1ZBNCdt5ceWiDjmwvuujmUJNFsgADEZlVgMoNhazO6QTgW8hjKC0sPsVgffnjsderpikdXNRuoMQqCKJn95BoWb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fe5698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 3-bottles.png
acidaburn.com/bg/images/ 503 KB
503 KB 736ms
733ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/bg/images/3-bottles.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4add0ea904ac682fb4d8e3d2b7f7fb71352d90346d7811d78e04679c5893274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 514857
pragma: public
last-modified: Fri, 28 Jan 2022 16:06:35 GMT
server: cloudflare
etag: "61f4148b-7db29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BRLhv6bJ%2B52vITNrYeUFX8cuDKpO0gh59S3TLQ7EE1pGJ3j5O0LdIjU%2BCzDeRhCbrbL%2FerGaNiYtnAyFyg37OWSPnRxkPOYliJRByFoX6TvHlH2Z3NazvO3%2BzxXa%2FSBO93m4vf7NeHcSBdj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fe6698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 3-bottles_mobile.png
acidaburn.com/bg/images/ 363 KB
364 KB 713ms
710ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/bg/images/3-bottles_mobile.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9decb96f4636b23eba519552d532f9f3cefb356e722904255d433ce0c7ae02b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 371638
pragma: public
last-modified: Fri, 28 Jan 2022 16:06:34 GMT
server: cloudflare
etag: "61f4148a-5abb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdLnEOxbFTnNotVkSA0JeTB%2BW7uAq0K50Ov26sx8KX9p%2B7lWA2OigEd0T1KJYjoVw%2BB0sREZhk8X2NA8GcyQ2d0CrTX9e5RIREWSw8WnkNb5VDvz05CJo8zEaiHA0KftxgT4BNUX7gnCtjcD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fe8698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 6-bottles.png
acidaburn.com/bg/images/ 512 KB
513 KB 738ms
735ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/bg/images/6-bottles.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3209b28a3385b4f0adae285a64c4ddfba197c1921f1ade6e297c934c93bcc42a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 524602
pragma: public
last-modified: Fri, 28 Jan 2022 16:06:32 GMT
server: cloudflare
etag: "61f41488-8013a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyXKl8QeNl8PPwkCoyz8aMRCPhHiKSSqhV1C%2BZb8KryDv2Z7xkhEnTNPY8LlMru3wQooquWfN6%2Fyzr4uAQi27WtltHaKrnzE6PskLLQvsIEHHDmBp9Rq2FH85o1IwaSARkC85OVlJAPDd8Cl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fe9698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 6-bottles_mobile.png
acidaburn.com/bg/images/ 374 KB
375 KB 728ms
726ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/bg/images/6-bottles_mobile.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2feeba8791b46dcd598fd0701f95a24044be3719ce3e428ef179c20b8128709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 383027
pragma: public
last-modified: Fri, 28 Jan 2022 16:06:38 GMT
server: cloudflare
etag: "61f4148e-5d833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tq6qHDI56H%2FTNJKpqRuLUSMfD5HrE6YZVkUPjJ0UT8ri52RRO%2BfWUaUg8frOjmBXeUJ2jD%2FBFyym%2BTFNgFY0qXg37M9IQl0IL9N%2BfSrHGGAsXflNBVljnOUfRZgGHw0YEP2hKcQi%2BwBqjVOb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51feb698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 checkout.png
acidaburn.com/bg/assets/img/ 130 KB
131 KB 705ms
702ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/bg/assets/img/checkout.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68f21915a1efa3f9033a57df693d55934b0accfabefb0d457eca31a68d8d4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133324
pragma: public
last-modified: Wed, 27 Jan 2021 16:18:15 GMT
server: cloudflare
etag: "60119247-208cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrgS6P3re1qRO97NljaQVZ7hmnnTsAACFketO9Ey1tbuBswAjMGU8kno8E7C09tylPF82HtYS2%2Bw4urtxdq84ncLe%2F4vK5rX62gTYksAxUeQoD7vvI7Kzyy08BGXJQZL53VnlcJKw0L%2BFYt8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fec698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 before_after.jpg
acidaburn.com/assets/img/ 9 KB
10 KB 481ms
479ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acidaburn.com/assets/img/before_after.jpg
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e214979a8a11a32b5adc401c248e73b3844652ae2c7b92e8e2d78d5823d609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9711
pragma: public
last-modified: Fri, 15 Jan 2021 05:53:17 GMT
server: cloudflare
etag: "60012dcd-25ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFVn%2B%2Bezsb11j78bxRm1vdt4%2B9rMjQdhbLPPEtVZ%2FnjIKoYqJegl0CLzvfqI56jTaFAjXQg3O1Swi03vD9f7vwYMZlYXIX3HhRLW6qxLOwePZGNcCB60lYHQKHyfcygWOynI3U5jXnkesud8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7497e2d51fed698f-FRA
expires: Wed, 12 Oct 2022 10:16:10 GMT

GET
H3 200 email-decode.min.js Show response
acidaburn.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
10ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://acidaburn.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 17:30:56 GMT
server: cloudflare
etag: W/"631783d0-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItVnbVnI6MR93GY5VIj0bUip9R115u58U56M%2BRqGE5eBT4VBImmltRLHD%2Ba6eusb57iCLDkase2xRNpZEpSf%2BjJHu0F781YTJYHEt%2B2t7dri%2BTG4S71K%2FcD6zoFBSywJp%2FM3AyLNFooMpIMH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7497e2d24b60698f-FRA
vary: Accept-Encoding
expires: Wed, 14 Sep 2022 10:16:09 GMT

GET
H2 200 disclaimer Show response
display.buygoods.com/v1/ 1 KB
2 KB 204ms
166ms Script
text/plain 2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6458

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
strict-transport-security: max-age=31536000;
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
cf-ray: 7497e2d28e91bb65-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-3.4.1.min.js Show response
acidaburn.com/assets/js/ 86 KB
31 KB 616ms
616ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://acidaburn.com/assets/js/jquery-3.4.1.min.js

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 17 Nov 2020 05:53:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nkgqqwpcdLrD%2BCGHHuXBZVWJ3bnzqIGTMaKnk%2FufrkrYddUv3EQcH%2FYAm%2BDAkBunZbUxj6GCuZ8piEbDPZedKDnIA1z%2BR%2FF%2BhwIXR9gqchh0Tpb8yTZXQQ4TH8m9o7bxYvagdpbPaB1fazU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7497e2d3ad76698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 popilicious.js Show response
acidaburn.com/assets/js/ 2 KB
1012 B 483ms
483ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://acidaburn.com/assets/js/popilicious.js

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a1e95cd2c0bbb063e1db200329f3419079ec5aa97fc83a046e1611edba3fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 17 Nov 2020 05:53:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaxWlbCPcK0foOAYzsC4YoGFeySJBxBgW%2BxyCHwEnOBTRfVmjp7C5CHc1CBinbgy9ofajYYcYlXFsis%2Bkc0Pn%2Bps8nTm3RC%2B1qqbomlvM5EvoK22Biu5Hhk8EQ9OVzeqYAQE10mYfnJY1MCg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7497e2d51fd4698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 pa-5fb42149dfb2d500130002b4.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 150ms
121ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5fb42149dfb2d500130002b4.js
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 144e58f4b923a881b600d44c5cc6018521585673d7a3db3742c38b682fd7a6e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:09 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 14:01:36 GMT
server: cloudflare
etag: W/"609a8e40-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7497e2d54cd29193-FRA
expires: Mon, 12 Sep 2022 10:21:09 GMT

GET
H2 200 / Show response
tracking.buygoods.com/track/ 613 B
620 B 400ms
314ms Script
text/html 2606:4700:3108::ac42:2b16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.buygoods.com/track/?a=6458&firstcookie=0&referrer=https%3A%2F%2Fpharmachopajulat.com%2F&product=acidaburn1btl,acidaburn3btl,acidaburn6btl&sessid2=
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60583ec58a375c583e396904cada2649c4d57ebd8cf6bfd4d02f76246fc17ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497e2d5addc9a00-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, Jan 12 1999 01:01:01 GMT

GET
H2 200 buygoods_black.png
www.buygoods.com/images/ 4 KB
5 KB 47ms
24ms Image
image/webp 2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buygoods.com/images/buygoods_black.png
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:09 GMT
cf-cache-status: HIT
age: 428440
cf-polished: origFmt=png, origSize=9596
content-disposition: inline; filename="buygoods_black.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4492
last-modified: Tue, 12 Sep 2017 06:30:00 GMT
server: cloudflare
etag: "59b77ee8-257c"
vary: Accept
content-type: image/webp
expires: Thu, 09 Sep 2032 10:16:09 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7497e2d54b2cbb65-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 65ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acidaburn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:55:15 GMT
x-content-type-options: nosniff
age: 408054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:55:15 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1662977769976&aid=a-04sh&se=e30&duid=cbac501b884d--01gcrk60c67mdw8vznsae1gadp&tna=v2.4.2&pu=https%3A%2F%2Facidaburn.com%2Fbg%2F%3Faff_id%3D4770%26subid2%3D03d1842a6ce8...
https://rp4.liadm.com/j?dtstmp=1662977769976&aid=a-04sh&se=e30&duid=cbac501b884d--01gcrk60c67mdw8vznsae1gadp&tna=v2.4.2&pu=https%3A%2F%2Facidaburn.com%2Fbg%2F%3Faff_id%3D4770%26subid2%3D03d1842a6ce...

13 B
551 B

436ms
104ms

XHR
application/json

52.7.56.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1662977769976&aid=a-04sh&se=e30&duid=cbac501b884d--01gcrk60c67mdw8vznsae1gadp&tna=v2.4.2&pu=https%3A%2F%2Facidaburn.com%2Fbg%2F%3Faff_id%3D4770%26subid2%3D03d1842a6ce84fc5b5cc3d7ac0a57e0d&wpn=lc-bundle&refr=https%3A%2F%2Fpharmachopajulat.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgU2hvY2tpbmdseSBTaW1wbGUgV2VpZ2h0IExvc3MgUml0dWFsIFRoYXQgV291bGQgTWVsdCA0NyBQb3VuZHMgb2YgUHVyZSBCZWxseSBGYXQiPjx0aXRsZT5BY2lkYWJ1cm48L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWItNSI-CiAgICAgICAgICAgIDxiPkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgPHN0cm9uZyBjbGFzcz0icmVkIj5TaG9ja2luZwogICAgICAgICAgICAgICAgICAgIFdlaWdodCBMb3NzIFJpdHVhbDwvc3Ryb25nPiBUaGF0IFdvdWxkIE1lbHQgPHN0cm9uZyBjbGFzcz0icmVkIj40NyBQb3VuZHM8L3N0cm9uZz4KICAgICAgICAgICAgICAgIG9mIFB1cmUgQmVsbHkgRmF0PC9iPgogICAgICAgIDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gUGxheSBTb3VuZDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gQ29udGludWUgVmlkZW88L2gxPjxoMSBjbGFzcz0id2hpdGUgYmctYmx1ZSBkLWZsZXggYWxpZ24taXRlbXMtY2VudGVyIG1iLTAgcHgtMiBqdXN0aWZ5LWNvbnRlbnQtY2VudGVyIHB5LTEiPjxiPjxpPldhaXQhPC9pPjwvYj48L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6Ojk%3D&n3pc=true

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Server

52.7.56.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-56-125.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
x-pixel-event-id: 95aee140-10f6-4d13-940d-284dfee5c94a
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 9a106ba9b6024d41
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Mon, 12 Sep 2022 10:16:10 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1662977769976&aid=a-04sh&se=e30&duid=cbac501b884d--01gcrk60c67mdw8vznsae1gadp&tna=v2.4.2&pu=https%3A%2F%2Facidaburn.com%2Fbg%2F%3Faff_id%3D4770%26subid2%3D03d1842a6ce84fc5b5cc3d7ac0a57e0d&wpn=lc-bundle&refr=https%3A%2F%2Fpharmachopajulat.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgU2hvY2tpbmdseSBTaW1wbGUgV2VpZ2h0IExvc3MgUml0dWFsIFRoYXQgV291bGQgTWVsdCA0NyBQb3VuZHMgb2YgUHVyZSBCZWxseSBGYXQiPjx0aXRsZT5BY2lkYWJ1cm48L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWItNSI-CiAgICAgICAgICAgIDxiPkhvdyBNeSBNaWxpdGFyeSBDYXJlZXIgRXhwb3NlZCBNZSB0byB0aGUgPHN0cm9uZyBjbGFzcz0icmVkIj5TaG9ja2luZwogICAgICAgICAgICAgICAgICAgIFdlaWdodCBMb3NzIFJpdHVhbDwvc3Ryb25nPiBUaGF0IFdvdWxkIE1lbHQgPHN0cm9uZyBjbGFzcz0icmVkIj40NyBQb3VuZHM8L3N0cm9uZz4KICAgICAgICAgICAgICAgIG9mIFB1cmUgQmVsbHkgRmF0PC9iPgogICAgICAgIDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gUGxheSBTb3VuZDwvaDE-PGgxIGNsYXNzPSJwLTMgbWItMCB3aGl0ZSI-Q2xpY2sgVG8gQ29udGludWUgVmlkZW88L2gxPjxoMSBjbGFzcz0id2hpdGUgYmctYmx1ZSBkLWZsZXggYWxpZ24taXRlbXMtY2VudGVyIG1iLTAgcHgtMiBqdXN0aWZ5LWNvbnRlbnQtY2VudGVyIHB5LTEiPjxiPjxpPldhaXQhPC9pPjwvYj48L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6Ojk%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://acidaburn.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: cf3017946bca3be3
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H3 200 / Show response
tracking.buygoods.com/track/ 7 KB
2 KB 388ms
376ms Script
application/javascript 2606:4700:3108::ac42:2b16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.buygoods.com/track/?a=6458&firstcookie=0&referrer=https%3A%2F%2Fpharmachopajulat.com%2F&product=acidaburn1btl,acidaburn3btl,acidaburn6btl&sessid2=&caller_url=https%3A%2F%2Facidaburn.com%2Fbg%2F%3Faff_id%3D4770%26subid2%3D03d1842a6ce84fc5b5cc3d7ac0a57e0d
Requested by: Host: tracking.buygoods.com
URL: https://tracking.buygoods.com/track/?a=6458&firstcookie=0&referrer=https%3A%2F%2Fpharmachopajulat.com%2F&product=acidaburn1btl,acidaburn3btl,acidaburn6btl&sessid2=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77deb7b295b62a2831fbcaec2b664ba9417948bd78380ab5ef3426484ca1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7497e2d7ba6d6993-FRA
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, Jan 12 1999 01:01:01 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 81ms
35ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f347fcfc50a2369431e1317fd620a222e26e33e775a3bc19d117dc015f0389e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 12 Sep 2022 10:16:10 GMT

GET
H3 200 invisible.js Show response
acidaburn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 5231 36 KB
14 KB 16ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acidaburn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662969600
Requested by: Host: pharmachopajulat.com
URL: https://pharmachopajulat.com/rd/c12819SAMRX88513aJPh47035vfu116769CkzY1075
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ecc0f42efe855d7a531bef261c162beb6285a12bef22414858033b8e9cc009

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeBMocGWRkDBCIPNHmYUMiEavrxhGfMhOanQboVEaeVNqg4Aqgj9cX%2BLUa1wZmf2HLc6JP5Z3t3pjqDfy075dsZo2bCAdDjkpkNqOe%2Fe%2B6iN8RjN%2F7uDiazJoGQpNxtG96arW59LFCkm2haN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7497e2d84d04698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
acidaburn.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 5231 27 KB
9 KB 12ms
12ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acidaburn.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/bg/?aff_id=4770&subid2=03d1842a6ce84fc5b5cc3d7ac0a57e0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17637c298efcd72c594960d720da3ebcb4e5716bac136c0f06498ab5ea68ab81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVScP6ypP0ufV1z26efbvLkUUSDeo%2FzUSkgpwB%2F%2BDsti0jK5yft4L0N39knq1jx65l0%2BITm4Ibonn6f9LMbWhx8dtnRvY1fuSN0mGC6%2Bh7oc0TlqlCjdsYTlPweew%2BpOpYr6hmIqUDPloyP8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7497e2d86d5d698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/977792fa/www-widgetapi.vflset/ 161 KB
52 KB 71ms
14ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d066e71f460f47d443274fbbb4b550bd1d68e2d4df4ad39e8117cdd3b3d9867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53533
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 12 Sep 2023 09:39:19 GMT

GET
H3 200 6eh52HhiUMc Show response
www.youtube.com/embed/ Frame A99F 65 KB
26 KB 72ms
71ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c660e3512cc6f18960ce0cfa0ba8f159919786c76ea8ec4acf8a08b5af63979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acidaburn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 12 Sep 2022 10:16:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 7497e2ced8689bf5 Show response
acidaburn.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 5231 2 B
658 B 34ms
34ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acidaburn.com/cdn-cgi/challenge-platform/h/g/cv/result/7497e2ced8689bf5
Requested by: Host: acidaburn.com
URL: https://acidaburn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662969600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 10:16:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxtzNab1PKCOyK6XGcQurXr%2FuxgSS7sR3QZw01CspKqbRO%2BM4gAl7MB%2B6XH%2BfH9Dvt1jX5I3EuazTsSc%2BncmlOfy1VESMr0aGrKzZ5MathxpZR%2BnKTwlB3%2BF68nxFpSJumBETrUR1meKUcMb"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7497e2db6af2698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 www-player.css
www.youtube.com/s/player/977792fa/ Frame A99F 353 KB
48 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

113dca0f56d2dcb3d8ff5370d346953e4bfa000b391465c9e57838b34ffaa214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 15:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49093
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Sep 2023 15:56:38 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/977792fa/www-embed-player.vflset/ Frame A99F 309 KB
96 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06743064f3a305c1841b295e3716f27b810569226e83af1b0577ee689a470c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97906
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Sep 2023 17:12:14 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/ Frame A99F 2 MB
576 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae5fbb1654d109dd24758d8d35410e465df5bf5f3662a720a1e2e9070dcafca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589229
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Sep 2023 17:12:51 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/977792fa/fetch-polyfill.vflset/ Frame A99F 9 KB
3 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Sep 2023 17:12:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A99F 15 KB
15 KB 49ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 493769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 17:06:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A99F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

78ms
23ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0a8f42ea2955b61a94357d14371bd759494b069263161be6f6dbd78ccb6fdf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Sep 2022 10:16:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A99F 29 B
587 B 62ms
25ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:09:30 GMT
x-content-type-options: nosniff
age: 401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Sep 2022 10:24:30 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 252ms
34ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 12 Sep 2022 10:16:11 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A99F 65 KB
30 KB 56ms
28ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fda17d7c3b60b75efe17c8557e60503c21383b1343a85c413c1a3211763e08a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30747
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame A99F 63 KB
21 KB 124ms
123ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c465f0044c391f1740f76b483cc81d9585cfa5cdab994de1e2904ba14b24968e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220907.01.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Goog-Visitor-Id: CgtJSDVoeWJIczhiNCjqjfyYBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21187
x-xss-protection: 0
expires: Mon, 12 Sep 2022 10:16:11 GMT

GET
H2 200 9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js Show response
www.google.com/js/th/ Frame A99F 36 KB
14 KB 206ms
23ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ee50f4975d82ecc0798272049b7b1ac20d0876ef40a2986960cae5aec85800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 15:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14185
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 15:17:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/ Frame A99F 28 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2a6dedd4b0a2c9fda9165b234cbeac9c3b6de0ab6c31f684d0e4e198c3cde5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8326
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Sep 2023 17:13:08 GMT

GET
DATA 200
OK truncated
/ Frame A99F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu8vlHwJ1_o5KJKsjW3AoUq7vtH29tj6gBiDWbMj=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A99F 3 KB
3 KB 175ms
34ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8vlHwJ1_o5KJKsjW3AoUq7vtH29tj6gBiDWbMj=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b9b5bb21ced1d7bf4dca2cdfe20b148dab6863ade97376b7c04c4ed063348297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2943
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 11 Sep 2022 15:56:35 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame A99F 0
19 B 23ms
22ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=s40DSPseTX6UUhSW&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24226335%2C24230280%2C24231054%2C24248385%2C24255165%2C24257695%2C24260441%2C24263273%2C24269952%2C24269957%2C24273913%2C24276618%2C24277989%2C24278467%2C24280303%2C39322399&cl=472825221&seq=1&docid=6eh52HhiUMc&ei=6wYfY46FBu-O6dsPxquOgAU&event=streamingstats&plid=AAXoeC9RpZOv5b97&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6eh52HhiUMc%3Fautoplay%3D1%26cc_load_policy%3D0%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26modestbranding%3D1%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26host%3Dhttps%253A%252F%252Fwww.youtube.com%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Facidaburn.com%26widgetid%3D1&cbr=Chrome&cbrver=105.0.5195.102&c=WEB_EMBEDDED_PLAYER&cver=1.20220907.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.018:B,0.114:S,0.174:S,0.174:S&cmt=0.018:0.000,0.114:0.000,0.174:0.000&afs=0.174:251::i&vfs=0.174:244:244::r&view=0.174:800:1203&bwe=0.174:130000&bat=0.174:1:1&vis=0.174:0&bh=0.174:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
X-YouTube-Client-Version: 1.20220907.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJSDVoeWJIczhiNCjqjfyYBg%3D%3D
X-YouTube-Ad-Signals: dt=1662977770953&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C1203&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 10:16:11 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame A99F 194 KB
195 KB 117ms
31ms Fetch
video/webm 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1662999371&ei=6wYfY46FBu-O6dsPxquOgAU&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A9&id=o-ACPcyJmxNOgUiZe9K9xCkJRRvjXgczhNJScb9wm6bmSa&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=Ms&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzd&ms=au%2Crdu&mv=m&mvi=4&pl=44&initcwndbps=1143750&spc=lT-KhtENfoONx4eOwNjtc9F0PMqz8l8&vprv=1&mime=video%2Fwebm&ns=zHKYc8s1HPtCw24e3FuWxw8H&gir=yes&clen=75796047&dur=3299.229&lmt=1605836393663882&mt=1662977591&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=zIJ0QUvrYugkYA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANFRoWVpWFbDcEN-cDWXT4AGvn6p2FtNbtUnS9DQPTh_AiBdrGWj1RtdB0ZG_zAwEh_RNQrAwh8lI_d34jR9sMkpOQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgUalqX41htwy5JUKn5Xym6xuzg6Rv3ewa2Yuuc38QSzYCIH5qsOu5-h35R4dRJtEEA2IrH-OLIDIYM2kJ2h47JKlH&alr=yes&cpn=s40DSPseTX6UUhSW&cver=1.20220907.01.00&range=0-198505&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d2cf17e096be5963b060c92bcf26f95bd867212091dc35e0d3f0193eb5e0c1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 10:16:11 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 198506
Last-Modified: Fri, 20 Nov 2020 01:39:53 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 12 Sep 2022 10:16:11 GMT

GET
H/1.1 200
OK videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame A99F 70 KB
71 KB 133ms
50ms Fetch
audio/webm 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1662999371&ei=6wYfY46FBu-O6dsPxquOgAU&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A9&id=o-ACPcyJmxNOgUiZe9K9xCkJRRvjXgczhNJScb9wm6bmSa&itag=251&source=youtube&requiressl=yes&mh=Ms&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzd&ms=au%2Crdu&mv=m&mvi=4&pl=44&initcwndbps=1143750&spc=lT-KhtENfoONx4eOwNjtc9F0PMqz8l8&vprv=1&mime=audio%2Fwebm&ns=zHKYc8s1HPtCw24e3FuWxw8H&gir=yes&clen=59412120&dur=3299.261&lmt=1605776283927159&mt=1662977591&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=zIJ0QUvrYugkYA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcvbJacsNfS6SXSmLWQcPhNxQkRSoFaAPmncYydAUMugCIQDmx6fapT0_W80HTXoNo32KWFx3X87g2gpx2UjkkDHjhg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgUalqX41htwy5JUKn5Xym6xuzg6Rv3ewa2Yuuc38QSzYCIH5qsOu5-h35R4dRJtEEA2IrH-OLIDIYM2kJ2h47JKlH&alr=yes&cpn=s40DSPseTX6UUhSW&cver=1.20220907.01.00&range=0-71640&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

91193f5df176653f6f2ae1805201894117899bd8425fa0a0f9a84ae24c54e441

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 10:16:11 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 71641
Last-Modified: Thu, 19 Nov 2020 08:58:03 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 12 Sep 2022 10:16:11 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/ Frame A99F 65 KB
24 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7be729c227e9e162cffcd91ffe55d0bdc73b6f3038fdc650549a3c07eb47ff68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24609
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Sep 2023 17:12:53 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/ Frame A99F 31 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89f14ced5660e05af9f0d4f125fd1666d125c91cc7c4187e8c210ccfb7efce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Sep 2023 17:12:55 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame A99F 6 KB
2 KB 224ms
224ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

80fde35a493d19449c387b882546d129cbb8e7b32b254807a7e2393a32dce285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220907.01.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Goog-Visitor-Id: CgtJSDVoeWJIczhiNCjqjfyYBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2004
x-xss-protection: 0
expires: Mon, 12 Sep 2022 10:16:11 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A99F 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?UHWvSg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 176ms
30ms XHR
text/plain 63.33.120.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5fb42149dfb2d500130002b4&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=488&cE=516&dLE=488&dLS=476&fS=475&hS=494&rE=-1&rS=-1&reS=516&resS=1000&resE=1001&uEE=-1&uES=-1&dL=1003&dI=2019&dCLES=2019&dCLEE=2020&dC=3108&lES=3108&lEE=3109&s=nt&title=Acidaburn&path=https%3A%2F%2Facidaburn.com%2Fbg%2F&ref=https%3A%2F%2Fpharmachopajulat.com%2F&sId=oj719q5y&sST=1662977771&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5fb42149dfb2d500130002b4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.120.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-120-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acidaburn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 12 Sep 2022 10:16:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame A99F 153 KB
153 KB 29ms
13ms Fetch
video/webm 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4a2c96a425fd865a9eb70b00dab82ea2d26d0c2df1065f0c6e49dd667d23f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156545
client-protocol: quic
last-modified: Fri, 20 Nov 2020 01:39:53 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 12 Sep 2022 10:16:11 GMT

GET
H3 200 AMLnZu8vlHwJ1_o5KJKsjW3AoUq7vtH29tj6gBiDWbMj=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A99F 4 KB
4 KB 60ms
28ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8vlHwJ1_o5KJKsjW3AoUq7vtH29tj6gBiDWbMj=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

257112dca0e543b6be83df11293cc7efa0bb2aa441f54e9961ed1973f9d85922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3837
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 11 Sep 2022 15:56:37 GMT

GET
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame A99F 128 KB
128 KB 22ms
22ms Fetch
audio/webm 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1662999371&ei=6wYfY46FBu-O6dsPxquOgAU&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A9&id=o-ACPcyJmxNOgUiZe9K9xCkJRRvjXgczhNJScb9wm6bmSa&itag=251&source=youtube&requiressl=yes&mh=Ms&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzd&ms=au%2Crdu&mv=m&mvi=4&pl=44&initcwndbps=1143750&spc=lT-KhtENfoONx4eOwNjtc9F0PMqz8l8&vprv=1&mime=audio%2Fwebm&ns=zHKYc8s1HPtCw24e3FuWxw8H&gir=yes&clen=59412120&dur=3299.261&lmt=1605776283927159&mt=1662977591&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=zIJ0QUvrYugkYA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcvbJacsNfS6SXSmLWQcPhNxQkRSoFaAPmncYydAUMugCIQDmx6fapT0_W80HTXoNo32KWFx3X87g2gpx2UjkkDHjhg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgUalqX41htwy5JUKn5Xym6xuzg6Rv3ewa2Yuuc38QSzYCIH5qsOu5-h35R4dRJtEEA2IrH-OLIDIYM2kJ2h47JKlH&alr=yes&cpn=s40DSPseTX6UUhSW&cver=1.20220907.01.00&range=71641-202868&rn=4&rbuf=6476

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ff8893b39deae2369515ef47aa9ff9ad9da34f64da0115e28e7d89638a095d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131228
client-protocol: quic
last-modified: Thu, 19 Nov 2020 08:58:03 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 12 Sep 2022 10:16:11 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A99F 90 B
134 B 27ms
26ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

feec252f98c6afa93da76b88a87066692fb747870fd7657cab9ee58c7ebb4fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
27ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 12 Sep 2022 10:16:11 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame A99F 830 KB
830 KB 14ms
14ms Fetch
video/webm 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e96977ea037534e2b30008ae1ce41d8ae32de4a89a5d3a9ea3b51665042c67b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:11 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 850093
client-protocol: quic
last-modified: Fri, 20 Nov 2020 01:39:53 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 12 Sep 2022 10:16:11 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame A99F 0
17 B 48ms
48ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=s40DSPseTX6UUhSW&ver=2&cmt=0.056&fmt=244&fs=0&rt=0.611&euri=https%3A%2F%2Facidaburn.com%2F&lact=645&cl=472825221&mos=1&volume=100&cbr=Chrome&cbrver=105.0.5195.102&c=WEB_EMBEDDED_PLAYER&cver=1.20220907.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=3299.261&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24226335%2C24230280%2C24231054%2C24248385%2C24255165%2C24257695%2C24260441%2C24263273%2C24269952%2C24269957%2C24273913%2C24276618%2C24277989%2C24278467%2C24280303%2C39322399&rtn=8&afmt=251&size=800%3A1203&inview=0&muted=1&docid=6eh52HhiUMc&ei=6wYfY46FBu-O6dsPxquOgAU&plid=AAXoeC9RpZOv5b97&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6eh52HhiUMc%3Fautoplay%3D1%26cc_load_policy%3D0%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26modestbranding%3D1%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26host%3Dhttps%253A%252F%252Fwww.youtube.com%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Facidaburn.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBTlRLbG52NFpvQTVfbXBob0ZBLUt2emtMeXdhTmhXVVdITi1vUlE1VW5jUjU0YlJWd2JSQVBta0tESkR0U3FMVml3ODQyQ1MxdnhnLTFtaE5HSTRDclJJN2NzNmFyakx1LVNoSDFOX2FlUnpya0VQZ1E4UjMtdmZmTy1IcVZlWlpuZ2lBZw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
X-YouTube-Client-Version: 1.20220907.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJSDVoeWJIczhiNCjqjfyYBg%3D%3D
X-YouTube-Ad-Signals: dt=1662977770953&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C1203&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 10:16:11 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame A99F 0
20 B 42ms
42ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=6eh52HhiUMc&cpn=s40DSPseTX6UUhSW&ei=6wYfY46FBu-O6dsPxquOgAU&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
X-YouTube-Client-Version: 1.20220907.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJSDVoeWJIczhiNCjqjfyYBg%3D%3D
X-YouTube-Ad-Signals: dt=1662977770953&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C1203&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 10:16:11 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A99F 28 B
55 B 32ms
32ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Goog-Request-Time: 1662977773490
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
X-YouTube-Client-Version: 1.20220907.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJSDVoeWJIczhiNCjqjfyYBg%3D%3D
X-YouTube-Ad-Signals: dt=1662977770854&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C1203&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 12 Sep 2022 10:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 12 Sep 2022 10:16:13 GMT

GET
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame A99F 242 KB
242 KB 14ms
13ms Fetch
audio/webm 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1662999371&ei=6wYfY46FBu-O6dsPxquOgAU&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A9&id=o-ACPcyJmxNOgUiZe9K9xCkJRRvjXgczhNJScb9wm6bmSa&itag=251&source=youtube&requiressl=yes&mh=Ms&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzd&ms=au%2Crdu&mv=m&mvi=4&pl=44&initcwndbps=1143750&spc=lT-KhtENfoONx4eOwNjtc9F0PMqz8l8&vprv=1&mime=audio%2Fwebm&ns=zHKYc8s1HPtCw24e3FuWxw8H&gir=yes&clen=59412120&dur=3299.261&lmt=1605776283927159&mt=1662977591&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=zIJ0QUvrYugkYA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcvbJacsNfS6SXSmLWQcPhNxQkRSoFaAPmncYydAUMugCIQDmx6fapT0_W80HTXoNo32KWFx3X87g2gpx2UjkkDHjhg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgUalqX41htwy5JUKn5Xym6xuzg6Rv3ewa2Yuuc38QSzYCIH5qsOu5-h35R4dRJtEEA2IrH-OLIDIYM2kJ2h47JKlH&alr=yes&cpn=s40DSPseTX6UUhSW&cver=1.20220907.01.00&range=202869-450177&rn=6&rbuf=12204&pot=D8WDXqmyK70OxbsgyYI0A1x4pVsa-9SapcSSk19KUFbMcbRDVz6Fo2kj-0BsvxPrcfyXVM0JIppsWzAF_4BHqWS-eiAnIZG0FHNPU8K_FCbb6bvTd-_vN3sYEpdFeSdVuuefCt0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ea3834018dc50e75e6e562d6fca18fd90b6037db5226c7330bd3f018975cd3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:16:14 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247309
client-protocol: quic
last-modified: Thu, 19 Nov 2020 08:58:03 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 12 Sep 2022 10:16:14 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame A99F 0
20 B 27ms
27ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=s40DSPseTX6UUhSW&ver=2&cmt=4.58&fmt=244&fs=0&rt=5.132&euri=https%3A%2F%2Facidaburn.com%2F&lact=5167&cl=472825221&mos=1&volume=100&cbr=Chrome&cbrver=105.0.5195.102&c=WEB_EMBEDDED_PLAYER&cver=1.20220907.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=3299.261&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24226335%2C24230280%2C24231054%2C24248385%2C24255165%2C24257695%2C24260441%2C24263273%2C24269952%2C24269957%2C24273913%2C24276618%2C24277989%2C24278467%2C24280303%2C39322399&afmt=251&muted=1&docid=6eh52HhiUMc&ei=6wYfY46FBu-O6dsPxquOgAU&plid=AAXoeC9RpZOv5b97&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6eh52HhiUMc%3Fautoplay%3D1%26cc_load_policy%3D0%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26modestbranding%3D1%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26host%3Dhttps%253A%252F%252Fwww.youtube.com%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Facidaburn.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBTlRLbG52NFpvQTVfbXBob0ZBLUt2emtMeXdhTmhXVVdITi1vUlE1VW5jUjU0YlJWd2JSQVBta0tESkR0U3FMVml3ODQyQ1MxdnhnLTFtaE5HSTRDclJJN2NzNmFyakx1LVNoSDFOX2FlUnpya0VQZ1E4UjMtdmZmTy1IcVZlWlpuZ2lBZw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/977792fa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6eh52HhiUMc?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Facidaburn.com&widgetid=1
X-YouTube-Client-Version: 1.20220907.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJSDVoeWJIczhiNCjqjfyYBg%3D%3D
X-YouTube-Ad-Signals: dt=1662977770953&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C1203&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 10:16:16 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.loguq.com/	1970-01-20 06:39:29	Name: uniqueClick_XF27W48N Value: c68539c4-da82-48d6-aa95-bee1684cd377:1662977768
www.loguq.com/	1970-01-20 08:05:53	Name: transaction_id Value: 03d1842a6ce84fc5b5cc3d7ac0a57e0d
.acidaburn.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .acidaburn.com
.acidaburn.com/	1970-01-20 15:32:17	Name: _lc2_fpi Value: cbac501b884d--01gcrk60c67mdw8vznsae1gadp
acidaburn.com/	1970-01-20 14:34:41	Name: _vidst Value: 1
.liadm.com/	1970-01-20 15:32:17	Name: lidid Value: b6087308-88ce-4560-9181-45825a02042a
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kSuesNGgcPw
.youtube.com/	1970-01-20 10:15:29	Name: VISITOR_INFO1_LIVE Value: IH5hybHs8b4
.acidaburn.com/	1970-01-20 08:05:53	Name: sessid2 Value: sessid2022091210165454
.acidaburn.com/	1970-01-20 08:05:53	Name: spi_funnel_codename Value:
.acidaburn.com/	1970-01-20 08:05:53	Name: aff_id Value: 4770
.acidaburn.com/	1970-01-20 08:05:53	Name: sid Value: %7C03d1842a6ce84fc5b5cc3d7ac0a57e0d
.acidaburn.com/	1970-01-20 08:05:53	Name: campaign_id Value:
.acidaburn.com/	1970-01-20 08:05:53	Name: referrer Value: 2a00:c98:2050:a007:2::9:pharmachopajulat.com:acidaburn.com%2Fbg
.acidaburn.com/	1970-01-20 05:56:19	Name: __cf_bm Value: 96madehDoQBChZfy_gR3IFG6yOmI1roQ.UnwPzAKyZ0-1662977770-0-AXlh+skSGu42u8/q42LENTItI+XhTUbgKgcOkah9UHwIm6KVGy859IY/qYrLLEyPhXC3e0SRKt854Ux2Nihhx4wv1fxQLiF6RGvxKUr3B0lyAdAUGObMBuH9flAI3XgE6w==
acidaburn.com/	1970-01-20 14:34:41	Name: _leftoff Value: 3.55587005531311

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acidaburn.com
b-code.liadm.com
display.buygoods.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
pharmachopajulat.com
rp.liadm.com
rp4.liadm.com
rr4---sn-5hneknek.googlevideo.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
static.doubleclick.net
tracking.buygoods.com
www.buygoods.com
www.google.com
www.loguq.com
www.youtube.com
yt3.ggpht.com
2600:1f18:730:b140:d4dd:8728:eb33:a60d
2600:9000:223c:9e00:8:8845:1500:93a1
2606:4700:10::6816:3668
2606:4700:3031::6815:2b4a
2606:4700:3108::ac42:2b16
2606:4700:3108::ac42:2b73
2a00:1450:4001:800::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2004
2a00:1450:4001:811::2006
2a00:1450:4001:811::200a
2a00:1450:4001:82b::2003
2a00:1450:400e:16::9
2a00:1450:400e:80f::200a
2a06:98c1:3120::3
35.227.247.224
52.7.56.125
63.33.120.123
01ecc0f42efe855d7a531bef261c162beb6285a12bef22414858033b8e9cc009
06743064f3a305c1841b295e3716f27b810569226e83af1b0577ee689a470c7b
113dca0f56d2dcb3d8ff5370d346953e4bfa000b391465c9e57838b34ffaa214
144e58f4b923a881b600d44c5cc6018521585673d7a3db3742c38b682fd7a6e5
17637c298efcd72c594960d720da3ebcb4e5716bac136c0f06498ab5ea68ab81
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
240e80752923182babde66686b6fee6a24c1ea8621931de6d8d22a2490cea05d
257112dca0e543b6be83df11293cc7efa0bb2aa441f54e9961ed1973f9d85922
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3209b28a3385b4f0adae285a64c4ddfba197c1921f1ade6e297c934c93bcc42a
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
3c660e3512cc6f18960ce0cfa0ba8f159919786c76ea8ec4acf8a08b5af63979
3c991f61a01320398f0ef7f216e540b22c912b1c2c7a20bce7a4efeb97e455b3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
45f228ed95add22bceb809272910d6ed2d64f30d4e052e4f7215bd6271802cc5
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a2c96a425fd865a9eb70b00dab82ea2d26d0c2df1065f0c6e49dd667d23f89b
4d066e71f460f47d443274fbbb4b550bd1d68e2d4df4ad39e8117cdd3b3d9867
60583ec58a375c583e396904cada2649c4d57ebd8cf6bfd4d02f76246fc17ec5
65a1e95cd2c0bbb063e1db200329f3419079ec5aa97fc83a046e1611edba3fea
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7be729c227e9e162cffcd91ffe55d0bdc73b6f3038fdc650549a3c07eb47ff68
80fde35a493d19449c387b882546d129cbb8e7b32b254807a7e2393a32dce285
89f14ced5660e05af9f0d4f125fd1666d125c91cc7c4187e8c210ccfb7efce92
8affc1a9a7084dd005ccc72ebc78e99a912e7fe7820025024bbb17a250c5fb44
91193f5df176653f6f2ae1805201894117899bd8425fa0a0f9a84ae24c54e441
9decb96f4636b23eba519552d532f9f3cefb356e722904255d433ce0c7ae02b0
a4add0ea904ac682fb4d8e3d2b7f7fb71352d90346d7811d78e04679c5893274
a77deb7b295b62a2831fbcaec2b664ba9417948bd78380ab5ef3426484ca1bdc
b0a8f42ea2955b61a94357d14371bd759494b069263161be6f6dbd78ccb6fdf1
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
b2a6dedd4b0a2c9fda9165b234cbeac9c3b6de0ab6c31f684d0e4e198c3cde5c
b370e298d28250565cb63e3e9719e8785f64d48e552ae31733e7738abfa3572a
b9b5bb21ced1d7bf4dca2cdfe20b148dab6863ade97376b7c04c4ed063348297
ba4a11dc19fdd62d01a551021953abf3ecf1a2810b526df0c082a04466de20ca
c1e214979a8a11a32b5adc401c248e73b3844652ae2c7b92e8e2d78d5823d609
c465f0044c391f1740f76b483cc81d9585cfa5cdab994de1e2904ba14b24968e
c68f21915a1efa3f9033a57df693d55934b0accfabefb0d457eca31a68d8d4bb
cb149abcbb379dabe7da4a5335e2cf63039f980a7b63a7bf7b5cc2becc97311b
d2cf17e096be5963b060c92bcf26f95bd867212091dc35e0d3f0193eb5e0c1cf
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96977ea037534e2b30008ae1ce41d8ae32de4a89a5d3a9ea3b51665042c67b9
ea3834018dc50e75e6e562d6fca18fd90b6037db5226c7330bd3f018975cd3bf
ebba4cc3133d305f6e64c6170eb4f61419e59814f7e5719355654eef1a391604
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2feeba8791b46dcd598fd0701f95a24044be3719ce3e428ef179c20b8128709
f347fcfc50a2369431e1317fd620a222e26e33e775a3bc19d117dc015f0389e0
f5ee50f4975d82ecc0798272049b7b1ac20d0876ef40a2986960cae5aec85800
fae5fbb1654d109dd24758d8d35410e465df5bf5f3662a720a1e2e9070dcafca
fda17d7c3b60b75efe17c8557e60503c21383b1343a85c413c1a3211763e08a9
feec252f98c6afa93da76b88a87066692fb747870fd7657cab9ee58c7ebb4fcb
ff8893b39deae2369515ef47aa9ff9ad9da34f64da0115e28e7d89638a095d9c

acidaburn.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

84 %IPv6

13 Domains

20 Subdomains

18 IPs

3 Countries

5362 kBTransfer

7808 kBSize

16 Cookies

6 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

acidaburn.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

84 %
IPv6

13
Domains

20
Subdomains

18
IPs

3
Countries

5362 kB
Transfer

7808 kB
Size

16
Cookies

63 HTTP transactions
1 data transactions