urlscan.io logo urlscan.io
SecurityTrails logo

memosurge.com Open in urlscan Pro
104.21.91.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://21-domain.biz/rd/c13441WRjSd3326127SVJf155iQE17123UFnx1100
Effective URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Submission: On September 19 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 17 domains to perform 58 HTTP transactions. The main IP is 104.21.91.198, located in and belongs to CLOUDFLARENET, US. The main domain is memosurge.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.
This is the only time memosurge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 152.70.239.203 31898 (ORACLE-BM...)
1 1 209.236.123.240 393398 (ASN-DIS)
1 2 169.61.196.30 36351 (SOFTLAYER)
13 104.21.91.198 13335 (CLOUDFLAR...)
1 172.217.16.136 15169 (GOOGLE)
4 142.250.186.138 15169 (GOOGLE)
5 142.250.186.99 15169 (GOOGLE)
2 142.250.185.142 15169 (GOOGLE)
1 34.123.133.9 15169 (GOOGLE)
1 169.61.196.27 36351 (SOFTLAYER)
16 142.250.185.174 15169 (GOOGLE)
1 142.251.5.154 15169 (GOOGLE)
1 2 142.250.185.66 15169 (GOOGLE)
1 142.250.74.198 15169 (GOOGLE)
1 142.250.185.100 15169 (GOOGLE)
1 142.250.181.225 15169 (GOOGLE)
1 142.250.186.182 15169 (GOOGLE)
6 74.125.162.102 15169 (GOOGLE)
58 18
2    152.70.239.203 (Seoul, Korea, Republic Of)

ASN31898 (ORACLE-BMC-31898, US)
21-domain.biz
1    209.236.123.240 (United States)

ASN393398 (ASN-DIS, US)
PTR: 209.236.123.240
www.crackedjiggle.com
2    169.61.196.30 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 1e.c4.3da9.ip4.static.sl-reverse.com
mwdazzling.com
go.maxweb.com
13    104.21.91.198 (None, )

ASN13335 (CLOUDFLARENET, US)
memosurge.com
1    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com
4    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
5    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
1    34.123.133.9 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 9.133.123.34.bc.googleusercontent.com
0coitns4.embtrk.com
1    169.61.196.27 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 1b.c4.3da9.ip4.static.sl-reverse.com
tracking.buygoods.com
16    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.youtube.com
1    142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net
stats.g.doubleclick.net
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
static.doubleclick.net
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
1    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
yt3.ggpht.com
1    142.250.186.182 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f22.1e100.net
i.ytimg.com
6    74.125.162.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s60-in-f6.1e100.net
r1---sn-4g5ednd7.googlevideo.com
Domain Requested by
16 www.youtube.com memosurge.com
www.youtube.com
13 memosurge.com 21-domain.biz
memosurge.com
6 r1---sn-4g5ednd7.googlevideo.com www.youtube.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 fonts.googleapis.com memosurge.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 21-domain.biz 1 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 go.maxweb.com memosurge.com
1 stats.g.doubleclick.net www.google-analytics.com
1 tracking.buygoods.com memosurge.com
1 0coitns4.embtrk.com memosurge.com
1 www.googletagmanager.com memosurge.com
1 mwdazzling.com 1 redirects
1 www.crackedjiggle.com 1 redirects
58 19

This site contains links to these domains. Also see Links.

Domain
www.buygoods.com
www.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
0coitns4.embtrk.com
R3		 2021-09-04 -
2021-12-03		 3 months crt.sh
clickcrm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-09 -
2021-11-02		 8 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
maxweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-25 -
2022-03-01		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-17 -
2021-10-26		 2 months crt.sh

This page contains 4 frames:

Primary Page: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Frame ID: 94E8FE7AB42F42B4D050BE6FC48701F6
Requests: 30 HTTP requests in this frame

Frame: https://memosurge.com/pixels/maxweb-click?key=NONhGosFB4fKzB1uKD0dl6sGjLCNZUXx
Frame ID: 37CB4D79601CD4B8A9BD313C245FA9E7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Frame ID: CB74DAB1A49CB815CFCBEB610D0D1034
Requests: 27 HTTP requests in this frame

Frame: https://go.maxweb.com/conversion/iframe/?a=6644&token=70017f079661ac00f777bce5e0a4e509
Frame ID: 765C4F116EC4869B6ADDBEA26445A7B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Memory Loss Discovery

Page URL History Show full URLs

  1. http://21-domain.biz/rd/c13441WRjSd3326127SVJf155iQE17123UFnx1100 Page URL
  2. http://21-domain.biz/track/c13441WRjSd3326127SVJf155iQE17123UFnx1100 HTTP 302
    https://www.crackedjiggle.com/CXBZT2/BZB4FZF/?sub1=8&sub2=1100-13441&sub3=3326127-155-17123 HTTP 302
    https://mwdazzling.com/6644/78/10/?&subid=e6cf274379c4420097fe0f824adb6081&subid2=241&subid3=8 HTTP 302
    https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

58
Requests

97 %
HTTPS

0 %
IPv6

17
Domains

19
Subdomains

18
IPs

3
Countries

3003 kB
Transfer

5648 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://21-domain.biz/rd/c13441WRjSd3326127SVJf155iQE17123UFnx1100 Page URL
  2. http://21-domain.biz/track/c13441WRjSd3326127SVJf155iQE17123UFnx1100 HTTP 302
    https://www.crackedjiggle.com/CXBZT2/BZB4FZF/?sub1=8&sub2=1100-13441&sub3=3326127-155-17123 HTTP 302
    https://mwdazzling.com/6644/78/10/?&subid=e6cf274379c4420097fe0f824adb6081&subid2=241&subid3=8 HTTP 302
    https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
c13441WRjSd3326127SVJf155iQE17123UFnx1100
21-domain.biz/rd/ 		235 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
http://21-domain.biz/rd/c13441WRjSd3326127SVJf155iQE17123UFnx1100
Protocol
HTTP/1.1
Server
152.70.239.203 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
21-domain.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Sun, 19 Sep 2021 06:59:14 GMT
Content-Length
235
Primary Request report
memosurge.com/
Redirect Chain
  • http://21-domain.biz/track/c13441WRjSd3326127SVJf155iQE17123UFnx1100
  • https://www.crackedjiggle.com/CXBZT2/BZB4FZF/?sub1=8&sub2=1100-13441&sub3=3326127-155-17123
  • https://mwdazzling.com/6644/78/10/?&subid=e6cf274379c4420097fe0f824adb6081&subid2=241&subid3=8
  • https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
273 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Requested by
Host: 21-domain.biz
URL: http://21-domain.biz/rd/c13441WRjSd3326127SVJf155iQE17123UFnx1100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46686dc978c6f6c2014883eaafa8d0fa52c3ee4a260b382be98b43fa38cfbf86

Request headers

:method
GET
:authority
memosurge.com
:scheme
https
:path
/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://21-domain.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://21-domain.biz/rd/c13441WRjSd3326127SVJf155iQE17123UFnx1100

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; expires=Wed, 29-Sep-2021 06:59:17 GMT; Max-Age=864000; path=/; samesite=lax _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; expires=Wed, 29-Sep-2021 06:59:17 GMT; Max-Age=864000; path=/; httponly; samesite=lax referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; expires=Fri, 24-Sep-2021 06:59:17 GMT; Max-Age=432000; path=/; httponly; samesite=lax affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; expires=Fri, 24-Sep-2021 06:59:17 GMT; Max-Age=432000; path=/; httponly; samesite=lax pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; expires=Fri, 24-Sep-2021 06:59:17 GMT; Max-Age=432000; path=/; httponly; samesite=lax hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D; expires=Fri, 24-Sep-2021 06:59:17 GMT; Max-Age=432000; path=/; httponly; samesite=lax
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMY85GW3ZWP8MWDko9MPE4xsJFCTYxduTAldzAKoQNyVtpxJhRaNGvnvqGQfZiq%2FJv43wK2bYoECu%2Br1LCEA5QuDZbd3HELq9bqq80ce%2F6WgFcsaxQgQi1NkIrJiWqSS"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6910ee2f2d0b4114-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx
date
Sun, 19 Sep 2021 06:59:16 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
keep-alive
timeout=2
cache-control
max-age=3600 private
pragma
no-cache
location
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
expires
Sun, 19 Sep 2021 07:59:16 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
app.css
memosurge.com/css/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://memosurge.com/css/app.css?id=df5988de2a679fa8ac71
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
147cea28898ed1dcde2282d11f27b992a509df97c7cc72fe80c9af8a88d6e7f8

Request headers

:path
/css/app.css?id=df5988de2a679fa8ac71
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Apr 2021 08:05:26 GMT
server
cloudflare
age
6932
etag
W/"606eb946-8a29"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwP2EvjJ42mbfjyjv0LQCcOGtmbgyom8Wwj2BnL3kveBk%2B6Ubyrhq28W2feYRGwZpdHbe1Wmpbp5wk%2B17gr9c0rMyNE2f4OzRT9S5o3RlkkDKfcqshLFQWDbjBuasegi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6910ee32899c4114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		99 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-62785402-60
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
b382b9c4225c21c4b29347753f77d1f284d4ab4a99284c676195be5992b8a055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40346
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Sep 2021 06:59:17 GMT
img1.jpg
memosurge.com/images/custom/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/custom/img1.jpg
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f8f934f56e520953929597562e70bb0df328994f73156d23df97535b14e4c9

Request headers

:path
/images/custom/img1.jpg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77230
last-modified
Thu, 01 Apr 2021 18:01:17 GMT
server
cloudflare
etag
"60660a6d-12dae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LADcJWosqDUqtEd5lMF2Qx5IKq3qiKwKacWlt9d4jI6i0x%2Bqcu8FMyRczOcLeKk7kUc1XvLGFPc5olojbrAzIauHe4R9aVeqQxK%2BBW7FAwa8mtXPptNa68XPinUAbotg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee32bbbf4126-PRG
bottle.png
memosurge.com/images/custom/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/custom/bottle.png
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e71777dc0787ae49c3e69bc67d14401f64194220ca475e54b6c1516d6a0fa48

Request headers

:path
/images/custom/bottle.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59148
last-modified
Thu, 01 Apr 2021 18:01:17 GMT
server
cloudflare
etag
"60660a6d-e70c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbK7QLVEZBgq7%2F8gfMUVGA%2BQ5xqDwKqBxW3Ytk24iu7cHuJs08PWl%2BGHseqJ0GPMW%2BbLdl8ssYGRcWo%2BSzEZQ0A4ziRVzcE53eUpJ2ZCmeT4z9wv6UYlllmibCR8eM8s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee32fc214126-PRG
1-bottle.png
memosurge.com/images/products/prod7/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/products/prod7/1-bottle.png
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e71777dc0787ae49c3e69bc67d14401f64194220ca475e54b6c1516d6a0fa48

Request headers

:path
/images/products/prod7/1-bottle.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59148
last-modified
Thu, 01 Apr 2021 18:01:17 GMT
server
cloudflare
etag
"60660a6d-e70c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lY%2B9%2FYM7dhPh96K%2FsDl%2FYp8J6i%2BJjZlIpnkZ0vW39m5znI9RPSfY83gKAIMd%2BHLagR82hG0PVkmbsaphplW7RDhVk4ZB5m1XEmNeZl4vtOXjzrq529h2Pmr2sinZ0hO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee32fc224126-PRG
6-bottles.png
memosurge.com/images/products/prod9/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/products/prod9/6-bottles.png
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99998b1b810f795afab9e8b57f0353d669f2f52bc7ce9f6d70414a00a22d409c

Request headers

:path
/images/products/prod9/6-bottles.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
164188
last-modified
Thu, 01 Apr 2021 18:01:17 GMT
server
cloudflare
etag
"60660a6d-2815c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91sixa9ZYxcGS4pxo89oKiAir3fRfhRiZC86AcbzWLnH1iyOed78QoPaMJjLQpcc98zIf2AJxxc%2Fl68aS7sk%2BaHltmx2m%2FEy4vDrVSjQA%2Fojao8Mj%2BegvnohLiooTxJ%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee32fc234126-PRG
3-bottles.png
memosurge.com/images/products/prod8/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/products/prod8/3-bottles.png
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a0f1fc230a486d43ae4a4d154337f27e8516735e9d0d22a102093fc1f1ca2d

Request headers

:path
/images/products/prod8/3-bottles.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
124058
last-modified
Thu, 01 Apr 2021 18:01:17 GMT
server
cloudflare
etag
"60660a6d-1e49a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYA1KAOrKwl3Okj10wu%2BPeVla8XDaiYbmvxGlczocb3grFR5mSVvi6O2Jbg%2Btr%2FJXL9gpYEcDuG2Qvi4Z3siNfbY%2F38x9m2ep%2FEFp5CUB86sNRRyevImd9QHvhkL%2ByJn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee32fc244126-PRG
css2
fonts.googleapis.com/ 		8 KB
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
Requested by
Host: memosurge.com
URL: https://memosurge.com/css/app.css?id=df5988de2a679fa8ac71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
fb61ad40f58efbf657662af1f5521484ddfa743ca506c4fec39b2bd7a307adb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 06:59:17 GMT
server
ESF
date
Sun, 19 Sep 2021 06:59:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Sep 2021 06:59:17 GMT
css2
fonts.googleapis.com/ 		7 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
Requested by
Host: memosurge.com
URL: https://memosurge.com/css/app.css?id=df5988de2a679fa8ac71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
4fe887a962bb99611a0fb826dffa77824671862aad22084b82d26785a27e9bae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 06:59:17 GMT
server
ESF
date
Sun, 19 Sep 2021 06:59:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Sep 2021 06:59:17 GMT
css2
fonts.googleapis.com/ 		702 B
417 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Sacramento
Requested by
Host: memosurge.com
URL: https://memosurge.com/css/app.css?id=df5988de2a679fa8ac71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
afc4e5ddda3a76bbb4c8c3e6f81725a8b13f26e3d49a474366e575a2c3039841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 06:59:17 GMT
server
ESF
date
Sun, 19 Sep 2021 06:59:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Sep 2021 06:59:17 GMT
css2
fonts.googleapis.com/ 		2 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400
Requested by
Host: memosurge.com
URL: https://memosurge.com/css/app.css?id=df5988de2a679fa8ac71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 06:44:53 GMT
server
ESF
date
Sun, 19 Sep 2021 06:59:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Sep 2021 06:59:17 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memosurge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:30:39 GMT
x-content-type-options
nosniff
age
516518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 07:30:39 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memosurge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:47:51 GMT
x-content-type-options
nosniff
age
339086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 08:47:51 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memosurge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:00:06 GMT
x-content-type-options
nosniff
age
489551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 15:00:06 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62785402-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
740
date
Sun, 19 Sep 2021 06:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 19 Sep 2021 08:46:57 GMT
buygoods.png
memosurge.com/images/app/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/app/buygoods.png
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f963522c3847eeecf8358c314f6293aa0d314fe539968df7a55c617538d5309c

Request headers

:path
/images/app/buygoods.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11016
last-modified
Thu, 01 Apr 2021 18:01:01 GMT
server
cloudflare
etag
"60660a5d-2b08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDM1Wqw84GVaZ6%2FFcAygrMsfrOWqzuswbZe%2BDY0QF2MwYG0QUYY4ccHHHNepGgFrLwbNWOHM208KXpirNKHcsd6li8v4T401qCBzJrjMuFnJJOxT3GBQ%2BTZmkdU%2B74fT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee332c404126-PRG
6-bottles.png
memosurge.com/images/products/prod11/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/products/prod11/6-bottles.png
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99998b1b810f795afab9e8b57f0353d669f2f52bc7ce9f6d70414a00a22d409c

Request headers

:path
/images/products/prod11/6-bottles.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
164188
last-modified
Thu, 01 Apr 2021 18:01:17 GMT
server
cloudflare
etag
"60660a6d-2815c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AcQUmkxklypSYV1WFRZC%2FO8OQSzN9oufs608XTdEB%2BCN%2F0RDX75yAfSoVuKnkkpIK646CYEBsD43WpY9H%2BbWzyCqSJ%2FNx43r8iYqyWBiqpoPH54RjKDubNypbjxt27j"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee332c464126-PRG
email-decode.min.js
memosurge.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://memosurge.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 09:29:40 GMT
server
cloudflare
etag
W/"61446004-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98cKqXTlv7XgvxdoGZszoy%2FOE%2BJ4hCKZxx2k9p%2BvWnNWNJSjcKb76QaqHrrvH4Hb0SDCRg8hixqcckHbqFSPfQMWv0jXz5L9pAFiy1GNaPCQV9KFvNnQVtz1lCWZKbEP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6910ee332c524126-PRG
vary
Accept-Encoding
expires
Tue, 21 Sep 2021 06:59:17 GMT
exit-popup.png
memosurge.com/images/custom/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memosurge.com/images/custom/exit-popup.png
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9965c019e7f84f47021eadf4b09b5ea111fe46f01737627df8558e7be9d14741

Request headers

:path
/images/custom/exit-popup.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73301
last-modified
Thu, 01 Apr 2021 18:01:17 GMT
server
cloudflare
etag
"60660a6d-11e55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hPHsLGbfrYzMwADOPH%2BInxLnRLTMmGqNmZl3EzAiJPmeJ0uZswZDUY7T1Tci%2F3r9eRNLykrhBO3CRb3YkhtzXeTfPkK8PSzaSHsqppkFaB0SSPKHEYdmhvbG%2FGti330"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6910ee332c534126-PRG
ext
0coitns4.embtrk.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0coitns4.embtrk.com/ext?bid=1&o=22&vendor=6439&aff=366&subid=78&override_referrer=http%3A%2F%2F21-domain.biz%2F
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.123.133.9 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.133.123.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 06:59:18 GMT
Access-Control-Request-Method
GET
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Connection
keep-alive
app.js
memosurge.com/js/ 		555 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://memosurge.com/js/app.js?id=a5d2a03ff186afa79e79
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4550a55107a901b0869747d54ea68a4c9910e737576a735d1cb042d8f7f4718b

Request headers

:path
/js/app.js?id=a5d2a03ff186afa79e79
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
memosurge.com
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Apr 2021 08:05:26 GMT
server
cloudflare
age
6932
etag
W/"606eb946-8ac8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8VtixsQlO0Su%2Bb73OdMvQJHR3hbChJPpKGjTVJhDsUbxTz7%2BhjkbbDJ7BllOH9U%2BFP9P8NcC57zE7jF01Dl8%2FKwE1THQuos1QERXQ6HJkrOMLKKsADGvK07%2Bb1XnlvJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6910ee332c544126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
66ebd4ac253961eb0f81cd79787f1121e7dca85ecd5ad4ea4b513b43f7eb3332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memosurge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 07:54:02 GMT
x-content-type-options
nosniff
age
169515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16952
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Sep 2022 07:54:02 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1978432522&t=pageview&_s=1&dl=https%3A%2F%2Fmemosurge.com%2Freport%3Faff_id%3D366%26subid2%3D6644_sessid20210919065938042%26subid%3D78&dr=http%3A%2F%2F21-domain.biz%2F&ul=en-us&de=UTF-8&dt=Memory%20Loss%20Discovery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=827157614&gjid=153950619&cid=234139294.1632034758&tid=UA-62785402-60&_gid=2105621410.1632034758&_r=1&gtm=2ou9f0&z=1449289485
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://memosurge.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 06:59:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://memosurge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tracking.buygoods.com/track/ 		5 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.buygoods.com/track/?a=6439&firstcookie=0&tracking_redirect=&referrer=http%3A%2F%2F21-domain.biz%2F&sessid2=&product=prod7,prod8,prod9,prod11&caller_url=https%3A%2F%2Fmemosurge.com%2Freport%3Faff_id%3D366%26subid2%3D6644_sessid20210919065938042%26subid%3D78
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.61.196.27 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
1b.c4.3da9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
fed81dbedde950159c20381f18f22f315fdd4ac7c362b00424ab088734cdc962

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 06:59:18 GMT
server
nginx
transfer-encoding
chunked
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control
no-cache, must-revalidate
content-type
application/javascript
keep-alive
timeout=2
expires
Tue, Jan 12 1999 01:01:01 GMT
maxweb-click
memosurge.com/pixels/ Frame 37CB 		148 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://memosurge.com/pixels/maxweb-click?key=NONhGosFB4fKzB1uKD0dl6sGjLCNZUXx
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982167dc1bb3aff2d5d86f403e20291c89370ac4c9147f4e0cd5ba5247716af6

Request headers

:method
GET
:authority
memosurge.com
:scheme
https
:path
/pixels/maxweb-click?key=NONhGosFB4fKzB1uKD0dl6sGjLCNZUXx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
accept-encoding
gzip, deflate, br
cookie
XSRF-TOKEN=eyJpdiI6Inhldm1JUExldmRkeGQxMCtBSlVtVmc9PSIsInZhbHVlIjoiK3NiY2NhWE5nbTBBelIvcS96UTRla2V2OFpKUXpFMEUvV25Rdzd3Qi90K1loQXhDbmpJWW8wSUo5QkxWejI2eiIsIm1hYyI6IjhiOGQ4NGU3ZDMzMjhkZmFhMWE5NjZhNDFmYTNiYTFkNzk4ODFkMjFiZjFlYzNkMjVjNjIyMjBiNmY3N2Q5OWQifQ%3D%3D; _=eyJpdiI6ImJRQ3hPc1kveVRpcG5oUUM2Q3FXUUE9PSIsInZhbHVlIjoiaG9mS1BMbDJYV2d2TDdROXZNYWlIallsNXhoWUlSV0piTUpsV1d1RFFucTBxaDRaUCtybC9sZmNXc1AzUkxRUyIsIm1hYyI6IjI1YjNkMGZlYjI1ZTBhZmZkOGIzMjE3NzJmMmEwM2NhZTUxMWQ1YWVlYjE5NDgyY2I4ZDRkMTdiYWRkNDk2ZWMifQ%3D%3D; referrer=eyJpdiI6Ik44QzBuWmpWRkF6RkxITkNKQ2hCSWc9PSIsInZhbHVlIjoiWTc1c21vVS9jRjBMQmRmR2czd3p4UUYwWE5rYVlWTU5rVlI3YXFySlkyalZJekFKYWZvVUtGY3IyK1BIRnc5dSIsIm1hYyI6ImNlYTVmNzZlNzliMDA4ODBjY2NkMTkxZDcxY2U0OTZhNmUwOGE2YTRjOTllYzA5NjJjNDljMjYzYTk2MzNkYmYifQ%3D%3D; affiliate=eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9; pixels=eyJpdiI6InFaYUUrTUFEN2F4b0VPZy83UWo4SXc9PSIsInZhbHVlIjoiTTBGTkVGMWphUGhmNEZONUhuYUNLM0RrTGxQRVQxODZVUU9CUzJGMXdZbGVlODRrelVwdHB1Ty9tQ2psWjN2aC8zVENzMDljeE9nSVRaYndxc2NqK3lnOWZGdnNBTDlQeEZRcUNIOHNIbEk9IiwibWFjIjoiMTdkNmJhMTM4MzkzZThkZTEzNTM2MzhkZDZmNTA3ZDk0YjUzOWIzZmIzY2JkYzMxYzY2MmQ2ZTI2M2I2YzYxYiJ9; hp=eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D; _ga=GA1.2.234139294.1632034758; _gid=GA1.2.2105621410.1632034758; _gat_gtag_UA_62785402_60=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InBvR25GRkdhWkdGeGNjRlc4K2RUYVE9PSIsInZhbHVlIjoiRmZESzFIRU9WeXo4QkowdHBscTJtY01JSk55RFg3aXBJdnFXY0RFTU5TWWtkQTJ3WEF5NFp6dlcvclJuVmQ2RyIsIm1hYyI6IjQxMWNiZDIyMzk4YTM0Mjc5MDZhNTNhYWI0YjQ1YjgzNDhmZTMwYThjMTQ5MGVkZmQ1NmMyZmY0Nzg0ZDQwZTAifQ%3D%3D; expires=Wed, 29-Sep-2021 06:59:17 GMT; Max-Age=864000; path=/; samesite=lax _=eyJpdiI6ImtDWWJZVXpmeGVvdklSa0tUaTZMN0E9PSIsInZhbHVlIjoiWDhMR2M2c0x6cDdnOWdkYWx2OXVDNGZjZW51OFRYN0pHa2JDR1AwcHY3NTRnbEFUMTg0am1hRC9xRzR0QlpSMyIsIm1hYyI6ImNmZjdjOWIzYjMyMWNmNzBhOTAyMzYyMzgwZGQ1MTAxMjY0Yjg2ZTM1NWJkYWVmOGJiNGNmZDE2Y2FkOGE1MWUifQ%3D%3D; expires=Wed, 29-Sep-2021 06:59:17 GMT; Max-Age=864000; path=/; httponly; samesite=lax referrer=eyJpdiI6ImxHZ3Y4c3p1Z2t2STA5amJyNDZmWEE9PSIsInZhbHVlIjoiaFNPalBMMXY3OGZuWGRYNzZJY2tDMCt5QVQzdVdGYk1iV1gyVExZSkpBUnJrSDVlZkE4REhkMVdqUXVvbmNwNm14OGljb0VZR2dWcnBob2E2SnNPbUUwcFd4OXVjVGxoWWZaZUZBbkpDdm5pV3lzVFIxM2tSaVhIenc4R3VRTHBaLzcxQWhHcEVJeGE0dFlFd0JGMGRRPT0iLCJtYWMiOiIwMGVlMTQ5OTY4M2NiYjAyZjM3M2MwZDc5NGEwZDMyZDEzMzIzMzk0YTFlNmQzOTFhZTY4MDNjMzQ4NTFiMmJmIn0%3D; expires=Fri, 24-Sep-2021 06:59:17 GMT; Max-Age=432000; path=/; httponly; samesite=lax pixels=eyJpdiI6IlRQeDIrc3dSVWc2T055ei92cnNFY2c9PSIsInZhbHVlIjoiUjNXakM2cU8zWE56ZGdXeUdGdHRwb1dUb0d6Q09kUXpTUklCYm83UUVaYks3ajluNHFlNzFJaWREMG51UjlzQSIsIm1hYyI6ImZhMWRjNmEzMjA5N2QyY2ZkODg4NTc2YzBkMTYyZjFiZGNjM2Q0ZDVjZGM0MTVjMGU5YTI0M2ZjZGQzNDk2MmQifQ%3D%3D; expires=Fri, 24-Sep-2021 06:59:17 GMT; Max-Age=432000; path=/; httponly; samesite=lax
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KY%2B%2Brk4Z5JqH2t%2BcW5g8SXI7UQ1QtARYddsCJEQqzmkU33xBKv0YRaH5iNh%2BMzF7AreTroXK7bp0NUSCy0PbBQyBRn2L%2Bm6Dmfg%2FMb5v5zFa0d7%2FaJQTFY0K0QC18Tup"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6910ee33bd1c4126-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: memosurge.com
URL: https://memosurge.com/js/app.js?id=a5d2a03ff186afa79e79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Sun, 19 Sep 2021 06:59:17 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-62785402-60&cid=234139294.1632034758&jid=827157614&gjid=153950619&_gid=2105621410.1632034758&_u=YEBAAUAAAAAAAC~&z=1600088526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://memosurge.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Sep 2021 06:59:17 GMT
content-type
text/plain
access-control-allow-origin
https://memosurge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ff8e4bff-f179-47ee-8dca-b544bb9455f4
https://memosurge.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://memosurge.com/ff8e4bff-f179-47ee-8dca-b544bb9455f4
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
www-widgetapi.js
www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/ 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:58:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
69
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 19 Sep 2022 06:58:08 GMT
gypl_P0JWf8
www.youtube.com/embed/ Frame CB74 		56 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
9341de192317ce1f553a5a06c3429174a4b8df458b956cada0e8b7b7cfeba668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://memosurge.com/
accept-encoding
gzip, deflate, br
cookie
YSC=Y92Hr3gzuKU; VISITOR_INFO1_LIVE=KHviksyCL2U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 19 Sep 2021 06:59:17 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
go.maxweb.com/conversion/iframe/ Frame 765C 		60 B
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.maxweb.com/conversion/iframe/?a=6644&token=70017f079661ac00f777bce5e0a4e509
Requested by
Host: memosurge.com
URL: https://memosurge.com/pixels/maxweb-click?key=NONhGosFB4fKzB1uKD0dl6sGjLCNZUXx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.61.196.30 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
1e.c4.3da9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
f7a29c696bd827e4f8a4be565d1a38e140b0fbaaa9ea15fafe7dae6745380194

Request headers

Host
go.maxweb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://memosurge.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://memosurge.com/

Response headers

server
nginx
date
Sun, 19 Sep 2021 06:59:18 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
keep-alive
timeout=2
vary
Accept-Encoding
expires
Sun, 19 Sep 2021 07:59:18 GMT
cache-control
max-age=3600 private
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding
gzip
www-player-webp.css
www.youtube.com/s/player/d7a19ed1/ Frame CB74 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 07:39:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
83961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46352
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 18 Sep 2022 07:39:56 GMT
www-embed-player.js
www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/ Frame CB74 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
201308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67291
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 23:04:09 GMT
base.js
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame CB74 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
201174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
516948
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 23:06:23 GMT
fetch-polyfill.js
www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/ Frame CB74 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 20:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
38790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 18 Sep 2022 20:12:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB74 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:58:13 GMT
x-content-type-options
nosniff
age
471664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 19:58:13 GMT
id
googleads.g.doubleclick.net/pagead/ Frame CB74
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
21856a322ca34154f1669ed4c848a787e790660c6e216af1df1b4ee68b9b032c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 19 Sep 2021 06:59:18 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CB74 		29 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:57:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
80
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sun, 19 Sep 2021 07:12:58 GMT
3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js
www.google.com/js/th/ Frame CB74 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
sffe /
Resource Hash
de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 14:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
231414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13157
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 16 Sep 2022 14:42:24 GMT
embed.js
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame CB74 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
200589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7340
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 23:16:09 GMT
truncated
/ Frame CB74 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRYIUKfFwjqcbS4nyZyCdPnbN_bXJioa1853A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CB74 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRYIUKfFwjqcbS4nyZyCdPnbN_bXJioa1853A=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
fife /
Resource Hash
634cb97e54a59abcdd5bcf8afbc2829f4008a8b9303913246f2b868427c4c46d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:07:24 GMT
x-content-type-options
nosniff
server
fife
age
6714
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1025
x-xss-protection
0
expires
Mon, 20 Sep 2021 05:07:24 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/gypl_P0JWf8/ Frame CB74 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/gypl_P0JWf8/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.182 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f22.1e100.net
Software
sffe /
Resource Hash
025ae58e033dfc6ea8e759622ac581df6b9f5cdafc02578fe0cb50206ac5fb95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 05:44:12 GMT
x-content-type-options
nosniff
age
4506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16898
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Sep 2021 07:44:12 GMT
player
www.youtube.com/youtubei/v1/ Frame CB74 		56 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
c54893838e2cb2004f5e95d072d09de0ca1747ba7114cd163e61fed0ccf05b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210915.1.2
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id
CgtLSHZpa3N5Q0wyVSjFv5uKBg%3D%3D
Content-Type
application/json

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17964
x-xss-protection
0
generate_204
www.youtube.com/ Frame CB74 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?kCIBAQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame CB74 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=251&cpn=Bk093u2tLtGI85ql&ei=xt9GYc_9Cs_UgAfruprwDg&el=embedded&docid=gypl_P0JWf8&ns=yt&fexp=23894289%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24064674%2C24080738%2C24082662%2C24084120%2C24096481%2C24101842%2C24632128&cl=397162147&seq=1&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210915.1.2&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.124:B,0.124:B&cmt=0.007:0.000,0.124:0.000&ctmp=cc:t.114;useVodTrack&afs=0.124:251::i&vfs=0.124:244:244::r&view=0.124:892:624&bwe=0.124:130000&bat=0.124:1:1&vis=0.124:0&bh=0.124:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 06:59:18 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r1---sn-4g5ednd7.googlevideo.com/ Frame CB74 		192 KB
193 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1632056358&ei=xt9GYc_9Cs_UgAfruprwDg&ip=216.131.114.66&id=o-ADGp7Eh4Bq4j8AZW6qZoJ5K4BVlF8NUbV4B4EmGdRNBm&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=fL&mm=31%2C26&mn=sn-4g5ednd7%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=1&pl=24&initcwndbps=180000&vprv=1&mime=video%2Fwebm&ns=8baBl72AZWD91Km36fA-cHIG&gir=yes&clen=32642615&dur=3050.249&lmt=1631988238431651&mt=1632034368&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535434&n=7igyL9yOM36tjw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgB0hAPzsTDQAKCgrMh-D8N3py6JUkPO3ULYgkxyyx9TwCIF-6hqB6hiHaCQP7tuX7rNj1lKBV4lDhJqCtANvtn0Qw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFemE3c8xE8Bvxf9_kEN_WEOviWj-HL98LOZDTC6Q_zgCIETFiPs3F5oiIarC71q672HiPxH6KPNiNNrGaFdhpnK4&alr=yes&cpn=Bk093u2tLtGI85ql&cver=1.20210915.1.2&range=0-196814&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.162.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s60-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
d145cd2f0beaf099afa8380b716c915cd8b3fba453fd09674cc44417de12ec8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 06:59:18 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
196815
Last-Modified
Sat, 18 Sep 2021 18:03:58 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Sun, 19 Sep 2021 06:59:18 GMT
videoplayback
r1---sn-4g5ednd7.googlevideo.com/ Frame CB74 		70 KB
71 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1632056358&ei=xt9GYc_9Cs_UgAfruprwDg&ip=216.131.114.66&id=o-ADGp7Eh4Bq4j8AZW6qZoJ5K4BVlF8NUbV4B4EmGdRNBm&itag=251&source=youtube&requiressl=yes&mh=fL&mm=31%2C26&mn=sn-4g5ednd7%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=1&pl=24&initcwndbps=180000&vprv=1&mime=audio%2Fwebm&ns=8baBl72AZWD91Km36fA-cHIG&gir=yes&clen=53936995&dur=3050.281&lmt=1631960835525645&mt=1632034368&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=7igyL9yOM36tjw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJk2vhS2DFObUU580RKiTLZrXIzPN5CMw3xFRfAY4bTBAiEAh-auoxqQT9zJclKU5-FZX7_7b0q55pogvb5BImmPJxY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFemE3c8xE8Bvxf9_kEN_WEOviWj-HL98LOZDTC6Q_zgCIETFiPs3F5oiIarC71q672HiPxH6KPNiNNrGaFdhpnK4&alr=yes&cpn=Bk093u2tLtGI85ql&cver=1.20210915.1.2&range=0-71211&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.162.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s60-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
6ab649d85667e968435267ccc0276c349ebaa2088818a862500c255af018309a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 06:59:18 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
71212
Last-Modified
Sat, 18 Sep 2021 10:27:15 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sun, 19 Sep 2021 06:59:18 GMT
endscreen.js
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame CB74 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
sffe /
Resource Hash
b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 13:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
148328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7110
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 17 Sep 2022 13:47:10 GMT
next
www.youtube.com/youtubei/v1/ Frame CB74 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
9c217b58ef63af80a8b861c949618b599d054ec30fd7fd7f70f7cfac936babcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210915.1.2
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id
CgtLSHZpa3N5Q0wyVSjFv5uKBg%3D%3D
Content-Type
application/json

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1180
x-xss-protection
0
videoplayback
r1---sn-4g5ednd7.googlevideo.com/ Frame CB74 		179 KB
179 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1632056358&ei=xt9GYc_9Cs_UgAfruprwDg&ip=216.131.114.66&id=o-ADGp7Eh4Bq4j8AZW6qZoJ5K4BVlF8NUbV4B4EmGdRNBm&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=fL&mm=31%2C26&mn=sn-4g5ednd7%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=1&pl=24&initcwndbps=180000&vprv=1&mime=video%2Fwebm&ns=8baBl72AZWD91Km36fA-cHIG&gir=yes&clen=32642615&dur=3050.249&lmt=1631988238431651&mt=1632034368&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535434&n=7igyL9yOM36tjw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgB0hAPzsTDQAKCgrMh-D8N3py6JUkPO3ULYgkxyyx9TwCIF-6hqB6hiHaCQP7tuX7rNj1lKBV4lDhJqCtANvtn0Qw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFemE3c8xE8Bvxf9_kEN_WEOviWj-HL98LOZDTC6Q_zgCIETFiPs3F5oiIarC71q672HiPxH6KPNiNNrGaFdhpnK4&alr=yes&cpn=Bk093u2tLtGI85ql&cver=1.20210915.1.2&range=196815-380447&rn=3&rbuf=2687
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.162.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s60-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
a847d55f649259b7d4a59b006e94704af495eb43b2752eca8991e40271a33b3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
183633
client-protocol
quic
last-modified
Sat, 18 Sep 2021 18:03:58 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sun, 19 Sep 2021 06:59:18 GMT
videoplayback
r1---sn-4g5ednd7.googlevideo.com/ Frame CB74 		79 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1632056358&ei=xt9GYc_9Cs_UgAfruprwDg&ip=216.131.114.66&id=o-ADGp7Eh4Bq4j8AZW6qZoJ5K4BVlF8NUbV4B4EmGdRNBm&itag=251&source=youtube&requiressl=yes&mh=fL&mm=31%2C26&mn=sn-4g5ednd7%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=1&pl=24&initcwndbps=180000&vprv=1&mime=audio%2Fwebm&ns=8baBl72AZWD91Km36fA-cHIG&gir=yes&clen=53936995&dur=3050.281&lmt=1631960835525645&mt=1632034368&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=7igyL9yOM36tjw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJk2vhS2DFObUU580RKiTLZrXIzPN5CMw3xFRfAY4bTBAiEAh-auoxqQT9zJclKU5-FZX7_7b0q55pogvb5BImmPJxY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFemE3c8xE8Bvxf9_kEN_WEOviWj-HL98LOZDTC6Q_zgCIETFiPs3F5oiIarC71q672HiPxH6KPNiNNrGaFdhpnK4&alr=yes&cpn=Bk093u2tLtGI85ql&cver=1.20210915.1.2&range=71212-151861&rn=4&rbuf=4484
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.162.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s60-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
d9ea4b18c6c44775818a592969e63b8eef714722436ccdf5ff773b51c42e8439
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80650
client-protocol
quic
last-modified
Sat, 18 Sep 2021 10:27:15 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sun, 19 Sep 2021 06:59:18 GMT
videoplayback
r1---sn-4g5ednd7.googlevideo.com/ Frame CB74 		443 KB
443 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1632056358&ei=xt9GYc_9Cs_UgAfruprwDg&ip=216.131.114.66&id=o-ADGp7Eh4Bq4j8AZW6qZoJ5K4BVlF8NUbV4B4EmGdRNBm&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=fL&mm=31%2C26&mn=sn-4g5ednd7%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=1&pl=24&initcwndbps=180000&vprv=1&mime=video%2Fwebm&ns=8baBl72AZWD91Km36fA-cHIG&gir=yes&clen=32642615&dur=3050.249&lmt=1631988238431651&mt=1632034368&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535434&n=7igyL9yOM36tjw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgB0hAPzsTDQAKCgrMh-D8N3py6JUkPO3ULYgkxyyx9TwCIF-6hqB6hiHaCQP7tuX7rNj1lKBV4lDhJqCtANvtn0Qw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFemE3c8xE8Bvxf9_kEN_WEOviWj-HL98LOZDTC6Q_zgCIETFiPs3F5oiIarC71q672HiPxH6KPNiNNrGaFdhpnK4&alr=yes&cpn=Bk093u2tLtGI85ql&cver=1.20210915.1.2&range=380448-834320&rn=5&rbuf=5333
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.162.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s60-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
cfa901a15a7f83e9630f742adf28ef21267ccfc748be5c2d6e9ddff2842b2713
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453873
client-protocol
quic
last-modified
Sat, 18 Sep 2021 18:03:58 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sun, 19 Sep 2021 06:59:18 GMT
videoplayback
r1---sn-4g5ednd7.googlevideo.com/ Frame CB74 		187 KB
187 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1632056358&ei=xt9GYc_9Cs_UgAfruprwDg&ip=216.131.114.66&id=o-ADGp7Eh4Bq4j8AZW6qZoJ5K4BVlF8NUbV4B4EmGdRNBm&itag=251&source=youtube&requiressl=yes&mh=fL&mm=31%2C26&mn=sn-4g5ednd7%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=1&pl=24&initcwndbps=180000&vprv=1&mime=audio%2Fwebm&ns=8baBl72AZWD91Km36fA-cHIG&gir=yes&clen=53936995&dur=3050.281&lmt=1631960835525645&mt=1632034368&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=7igyL9yOM36tjw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJk2vhS2DFObUU580RKiTLZrXIzPN5CMw3xFRfAY4bTBAiEAh-auoxqQT9zJclKU5-FZX7_7b0q55pogvb5BImmPJxY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFemE3c8xE8Bvxf9_kEN_WEOviWj-HL98LOZDTC6Q_zgCIETFiPs3F5oiIarC71q672HiPxH6KPNiNNrGaFdhpnK4&alr=yes&cpn=Bk093u2tLtGI85ql&cver=1.20210915.1.2&range=151862-343126&rn=6&rbuf=10001
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.162.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s60-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
199246724f45a149057732045cd775b42fbbb4a6e5343f968ed59a43492dddd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:59:18 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191265
client-protocol
quic
last-modified
Sat, 18 Sep 2021 10:27:15 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sun, 19 Sep 2021 06:59:18 GMT
playback
www.youtube.com/api/stats/ Frame CB74 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=Bk093u2tLtGI85ql&docid=gypl_P0JWf8&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fgypl_P0JWf8%3Fmute%3Dtrue%26controls%3D0%26modestbranding%3D1%26rel%3D0%26playsinline%3D1%26start%3D0%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fmemosurge.com%26widgetid%3D1&cmt=0.054&ei=xt9GYc_9Cs_UgAfruprwDg&fmt=244&fs=0&rt=0.305&of=wbAUJoLFDaeeOSJrHXH1sg&euri=https%3A%2F%2Fmemosurge.com%2F&lact=355&cl=397162147&mos=1&vm=CAEQABgEOjJBS1JhaHdDdVRsNEhiRThLQ1NIbXdzeXdoMjdSdnNuenJJckFuZHQ5eVFycGxaMnRMd2JQQVBta0tESjNoSkZtZ1RWUUtoNEk0cjdNRGlJQlVJNS1YbExzWmlGQnA5X24wdHp6ZXcxQnJOZEJtZG5LWnpidHJoVE1Id2NQYV9rZHFJQ2c&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210915.1.2&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=US&len=3051&fexp=23894289%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24064674%2C24080738%2C24082662%2C24084120%2C24096481%2C24101842%2C24632128&rtn=6&afmt=251&size=892%3A624&inview=0&muted=1
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 06:59:18 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame CB74 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=gypl_P0JWf8&cpn=Bk093u2tLtGI85ql&ei=xt9GYc_9Cs_UgAfruprwDg&ptk=youtube_none&pltype=contentugc
Requested by
Host: memosurge.com
URL: https://memosurge.com/report?aff_id=366&subid2=6644_sessid20210919065938042&subid=78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 06:59:18 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame CB74 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/gypl_P0JWf8?mute=true&controls=0&modestbranding=1&rel=0&playsinline=1&start=0&enablejsapi=1&origin=https%3A%2F%2Fmemosurge.com&widgetid=1
X-YouTube-Client-Version
1.20210915.1.2
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtLSHZpa3N5Q0wyVSjFv5uKBg%3D%3D
X-YouTube-Ad-Signals
dt=1632034757985&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C892%2C624&vis=1&wgl=true&ca_type=image&bid=ANyPxKqF_FMkvs6fklLoWKagW-d95pr_B3SdzA5U-5HVu1Z6i25eIAW7AViqgnDYTpl1lge_hSl0BNJH0g3triSfScx4NgYakw

Response headers

date
Sun, 19 Sep 2021 06:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| App function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| mysrc object| newScript object| s function| ReadCookie function| getUrlParameter function| elementIsVisible function| scrollToElement function| _debounce number| modalZIndex object| modals function| Modal function| getModal function| openModal function| closeModal function| Dropdown function| showExitPopup object| vttjs function| WebVTT object| _wq object| __SENTRY__ object| player function| onYouTubeIframeAPIReady function| scrollToPlayer function| resizePlayers function| getStarted function| hideTranscriptButton object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions boolean| playerReady object| spitoday object| spiexpire function| SPIGetDomainName string| hostname object| spi_myNodelist number| spi_i string| spi_pattern_enc_bg string| spi_pattern_base_bg string| spi_replace_str_bg string| spi_pattern_enc_bg_html string| spi_pattern_base_bg_html string| spi_replace_str_bg_html string| spi_pattern_enc_spi string| spi_pattern_base_spi string| spi_replace_str_spi string| spi_pattern_enc_cbd string| spi_pattern_base_cbd string| spi_replace_str_cbd string| spi_replace_enc_cbd string| spi_replace_enc_bg string| spi_replace_enc_bg_html string| spi_replace_enc_spi string| spi_track_link

19 Cookies

Domain/Path Name / Value
memosurge.com/ Name: affiliate
Value: eyJpdiI6Im41YUM2MytBN1FPMkl5a3Y2QlZ6N2c9PSIsInZhbHVlIjoiem1Edmh1clVKSUZkdm1YanBaejIxUT09IiwibWFjIjoiZmJlMDhlNDIxOGZlMjgxYjE2MDNiNjQ5MWIzYTQ3OWJkOWFiZDJhZTRjMzcxMGQ4NGJkYTM2Y2RiMmRkMTg5ZSJ9
memosurge.com/ Name: hp
Value: eyJpdiI6Ik5JQmxZSFlUcE1SVzcvMlZiRUsvbnc9PSIsInZhbHVlIjoiT21KWmh4Y0FjMDZwWjAybHBwaTVUUU9ESm1NRHhtMkRmWnZybkVTZ1UzeUtFdjA0OXk1Mnhrajg5TjZuYW9xSyIsIm1hYyI6IjlkZWZhZDA1OTA5MmM3YWQxMmU0MGExYjkxNmU2NjFiZGI2ZjE1OWQ3NGY1MjA0OWYzNWNjYjA5MDk3Nzg1NDkifQ%3D%3D
.memosurge.com/ Name: _ga
Value: GA1.2.234139294.1632034758
.memosurge.com/ Name: _gid
Value: GA1.2.2105621410.1632034758
.memosurge.com/ Name: _gat_gtag_UA_62785402_60
Value: 1
memosurge.com/ Name: visited
Value: 1632034757729
.youtube.com/ Name: YSC
Value: Y92Hr3gzuKU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KHviksyCL2U
memosurge.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InBvR25GRkdhWkdGeGNjRlc4K2RUYVE9PSIsInZhbHVlIjoiRmZESzFIRU9WeXo4QkowdHBscTJtY01JSk55RFg3aXBJdnFXY0RFTU5TWWtkQTJ3WEF5NFp6dlcvclJuVmQ2RyIsIm1hYyI6IjQxMWNiZDIyMzk4YTM0Mjc5MDZhNTNhYWI0YjQ1YjgzNDhmZTMwYThjMTQ5MGVkZmQ1NmMyZmY0Nzg0ZDQwZTAifQ%3D%3D
memosurge.com/ Name: _
Value: eyJpdiI6ImtDWWJZVXpmeGVvdklSa0tUaTZMN0E9PSIsInZhbHVlIjoiWDhMR2M2c0x6cDdnOWdkYWx2OXVDNGZjZW51OFRYN0pHa2JDR1AwcHY3NTRnbEFUMTg0am1hRC9xRzR0QlpSMyIsIm1hYyI6ImNmZjdjOWIzYjMyMWNmNzBhOTAyMzYyMzgwZGQ1MTAxMjY0Yjg2ZTM1NWJkYWVmOGJiNGNmZDE2Y2FkOGE1MWUifQ%3D%3D
memosurge.com/ Name: referrer
Value: eyJpdiI6ImxHZ3Y4c3p1Z2t2STA5amJyNDZmWEE9PSIsInZhbHVlIjoiaFNPalBMMXY3OGZuWGRYNzZJY2tDMCt5QVQzdVdGYk1iV1gyVExZSkpBUnJrSDVlZkE4REhkMVdqUXVvbmNwNm14OGljb0VZR2dWcnBob2E2SnNPbUUwcFd4OXVjVGxoWWZaZUZBbkpDdm5pV3lzVFIxM2tSaVhIenc4R3VRTHBaLzcxQWhHcEVJeGE0dFlFd0JGMGRRPT0iLCJtYWMiOiIwMGVlMTQ5OTY4M2NiYjAyZjM3M2MwZDc5NGEwZDMyZDEzMzIzMzk0YTFlNmQzOTFhZTY4MDNjMzQ4NTFiMmJmIn0%3D
memosurge.com/ Name: pixels
Value: eyJpdiI6IlRQeDIrc3dSVWc2T055ei92cnNFY2c9PSIsInZhbHVlIjoiUjNXakM2cU8zWE56ZGdXeUdGdHRwb1dUb0d6Q09kUXpTUklCYm83UUVaYks3ajluNHFlNzFJaWREMG51UjlzQSIsIm1hYyI6ImZhMWRjNmEzMjA5N2QyY2ZkODg4NTc2YzBkMTYyZjFiZGNjM2Q0ZDVjZGM0MTVjMGU5YTI0M2ZjZGQzNDk2MmQifQ%3D%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUkE2_yTqRSo-3FJ4nOJP0Us-42QBk4jWo0hRmInuyV_v9T0JD3-6miyg7tH
.memosurge.com/ Name: sessid2
Value: sessid20210919065928649
.memosurge.com/ Name: spi_funnel_codename
Value:
.memosurge.com/ Name: aff_id
Value: 366
.memosurge.com/ Name: sid
Value: 78%7C6644_sessid20210919065938042
.memosurge.com/ Name: campaign_id
Value:
.memosurge.com/ Name: referrer
Value: 216.131.114.66:21-domain.biz:memosurge.com%2Freport

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0coitns4.embtrk.com
21-domain.biz
fonts.googleapis.com
fonts.gstatic.com
go.maxweb.com
googleads.g.doubleclick.net
i.ytimg.com
memosurge.com
mwdazzling.com
r1---sn-4g5ednd7.googlevideo.com
static.doubleclick.net
stats.g.doubleclick.net
tracking.buygoods.com
www.crackedjiggle.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube.com
yt3.ggpht.com
104.21.91.198
142.250.181.225
142.250.185.100
142.250.185.142
142.250.185.174
142.250.185.66
142.250.186.138
142.250.186.182
142.250.186.99
142.250.74.198
142.251.5.154
152.70.239.203
169.61.196.27
169.61.196.30
172.217.16.136
209.236.123.240
34.123.133.9
74.125.162.102
025ae58e033dfc6ea8e759622ac581df6b9f5cdafc02578fe0cb50206ac5fb95
0e71777dc0787ae49c3e69bc67d14401f64194220ca475e54b6c1516d6a0fa48
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
147cea28898ed1dcde2282d11f27b992a509df97c7cc72fe80c9af8a88d6e7f8
15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b
16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae
199246724f45a149057732045cd775b42fbbb4a6e5343f968ed59a43492dddd1
21856a322ca34154f1669ed4c848a787e790660c6e216af1df1b4ee68b9b032c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
4550a55107a901b0869747d54ea68a4c9910e737576a735d1cb042d8f7f4718b
46686dc978c6f6c2014883eaafa8d0fa52c3ee4a260b382be98b43fa38cfbf86
4fe887a962bb99611a0fb826dffa77824671862aad22084b82d26785a27e9bae
58a0f1fc230a486d43ae4a4d154337f27e8516735e9d0d22a102093fc1f1ca2d
634cb97e54a59abcdd5bcf8afbc2829f4008a8b9303913246f2b868427c4c46d
66ebd4ac253961eb0f81cd79787f1121e7dca85ecd5ad4ea4b513b43f7eb3332
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ab649d85667e968435267ccc0276c349ebaa2088818a862500c255af018309a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
9341de192317ce1f553a5a06c3429174a4b8df458b956cada0e8b7b7cfeba668
982167dc1bb3aff2d5d86f403e20291c89370ac4c9147f4e0cd5ba5247716af6
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9965c019e7f84f47021eadf4b09b5ea111fe46f01737627df8558e7be9d14741
99998b1b810f795afab9e8b57f0353d669f2f52bc7ce9f6d70414a00a22d409c
9c217b58ef63af80a8b861c949618b599d054ec30fd7fd7f70f7cfac936babcd
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
a847d55f649259b7d4a59b006e94704af495eb43b2752eca8991e40271a33b3c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
afc4e5ddda3a76bbb4c8c3e6f81725a8b13f26e3d49a474366e575a2c3039841
b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d
b382b9c4225c21c4b29347753f77d1f284d4ab4a99284c676195be5992b8a055
c54893838e2cb2004f5e95d072d09de0ca1747ba7114cd163e61fed0ccf05b2a
cfa901a15a7f83e9630f742adf28ef21267ccfc748be5c2d6e9ddff2842b2713
d145cd2f0beaf099afa8380b716c915cd8b3fba453fd09674cc44417de12ec8c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9ea4b18c6c44775818a592969e63b8eef714722436ccdf5ff773b51c42e8439
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
f7a29c696bd827e4f8a4be565d1a38e140b0fbaaa9ea15fafe7dae6745380194
f7f8f934f56e520953929597562e70bb0df328994f73156d23df97535b14e4c9
f963522c3847eeecf8358c314f6293aa0d314fe539968df7a55c617538d5309c
fb61ad40f58efbf657662af1f5521484ddfa743ca506c4fec39b2bd7a307adb2
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed81dbedde950159c20381f18f22f315fdd4ac7c362b00424ab088734cdc962