urlscan.io logo urlscan.io
SecurityTrails logo

sarafine.asite.xyz Open in urlscan Pro
13.250.255.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3OEFEsh
Effective URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Submission: On July 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 16 domains to perform 76 HTTP transactions. The main IP is 13.250.255.10, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is sarafine.asite.xyz.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 30th 2022. Valid for: 3 months.
This is the only time sarafine.asite.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
1 1 52.77.0.178 16509 (AMAZON-02)
1 2 13.250.169.95 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 13.250.255.10 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
12 138.199.37.229 60068 (CDN77 ^_^)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 3.1.52.184 16509 (AMAZON-02)
2 18.138.175.90 16509 (AMAZON-02)
1 13.214.5.92 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
76 21
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    52.77.0.178 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-0-178.ap-southeast-1.compute.amazonaws.com
shorten.asia
2    13.250.169.95 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-169-95.ap-southeast-1.compute.amazonaws.com
ads000301494.go.scalef.net
1    2600:9000:206e:c200:0:e30c:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)
i1-cdn.scalef.net
1    13.250.255.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com
sarafine.asite.xyz
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    138.199.37.229 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-229.datapacket.com
w.ladicdn.com
19    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    3.1.52.184 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-52-184.ap-southeast-1.compute.amazonaws.com
service-api.accesstrade.vn
2    18.138.175.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-175-90.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
1    13.214.5.92 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-5-92.ap-southeast-1.compute.amazonaws.com
g.ladicdn.com
17    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:400e:14::a (Ireland)

ASN15169 (GOOGLE, US)
rr5---sn-5hne6nzk.googlevideo.com
Apex Domain
Subdomains		 Transfer
21 gstatic.com
fonts.gstatic.com
www.gstatic.com
301 KB
18 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3578
www.youtube.com — Cisco Umbrella Rank: 113
898 KB
13 ladicdn.com
w.ladicdn.com — Cisco Umbrella Rank: 65888
g.ladicdn.com — Cisco Umbrella Rank: 239150
1 MB
6 googlevideo.com
rr5---sn-5hne6nzk.googlevideo.com — Cisco Umbrella Rank: 60054
609 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
jnn-pa.googleapis.com — Cisco Umbrella Rank: 349
31 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
static.doubleclick.net — Cisco Umbrella Rank: 467
1 KB
3 scalef.net
ads000301494.go.scalef.net
i1-cdn.scalef.net
493 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 259
8 KB
2 ladipage.com
a.ladipage.com — Cisco Umbrella Rank: 91408
632 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 144
16 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
14 KB
1 accesstrade.vn
service-api.accesstrade.vn
4 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 613
24 KB
1 asite.xyz
sarafine.asite.xyz
41 KB
1 shorten.asia
shorten.asia — Cisco Umbrella Rank: 442307
316 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4667
233 B
76 16
Domain Requested by
19 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
17 www.youtube.com w.ladicdn.com
www.youtube.com
12 w.ladicdn.com sarafine.asite.xyz
6 rr5---sn-5hne6nzk.googlevideo.com www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 yt3.ggpht.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 a.ladipage.com w.ladicdn.com
2 ads000301494.go.scalef.net 1 redirects
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 g.ladicdn.com w.ladicdn.com
1 service-api.accesstrade.vn sarafine.asite.xyz
1 code.jquery.com sarafine.asite.xyz
1 img.youtube.com sarafine.asite.xyz
1 fonts.googleapis.com sarafine.asite.xyz
1 sarafine.asite.xyz
1 i1-cdn.scalef.net ads000301494.go.scalef.net
1 shorten.asia 1 redirects
1 bit.ly 1 redirects
76 22

This site contains no links.

Subject Issuer Validity Valid
*.go.scalef.net
Amazon		 2021-12-28 -
2023-01-26		 a year crt.sh
*.scalef.net
Amazon		 2021-09-28 -
2022-10-26		 a year crt.sh
sarafine.asite.xyz
ZeroSSL RSA Domain Secure Site CA		 2022-05-30 -
2022-08-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
w.ladicdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-24 -
2023-02-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.accesstrade.vn
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-25 -
2023-05-26		 a year crt.sh
a.ladipage.com
Amazon		 2022-06-17 -
2023-07-16		 a year crt.sh
g.ladicdn.com
ZeroSSL RSA Domain Secure Site CA		 2021-10-09 -
2022-10-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-07-19 -
2022-09-27		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Frame ID: 6FEB9F8D37806885A09C4DEAE6FC4B8C
Requests: 40 HTTP requests in this frame

Frame: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Frame ID: DD3C1A5BA674824BA923B19A98E6FE51
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

#8 Tuần Sạch mỡ gan - Tan mỡ máu, Ổn định huyết áp. Đẩy lùi nỗi lo ĐỘT QUỴ.20 blood test15 the scientist

Page URL History Show full URLs

  1. https://bit.ly/3OEFEsh HTTP 301
    https://shorten.asia/rTGZ4ynX HTTP 302
    https://ads000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2F... Page URL
  2. https://ads000301494.go.scalef.net/c/v2/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2F... HTTP 302
    https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

99 %
HTTPS

64 %
IPv6

16
Domains

22
Subdomains

21
IPs

5
Countries

3833 kB
Transfer

6775 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3OEFEsh HTTP 301
    https://shorten.asia/rTGZ4ynX HTTP 302
    https://ads000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz Page URL
  2. https://ads000301494.go.scalef.net/c/v2/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz HTTP 302
    https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3OEFEsh HTTP 301
  • https://shorten.asia/rTGZ4ynX HTTP 302
  • https://ads000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz
Request Chain 46
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ads000301494.go.scalef.net/c/v3/CON000950385/
Redirect Chain
  • https://bit.ly/3OEFEsh
  • https://shorten.asia/rTGZ4ynX
  • https://ads000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.169.95 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-169-95.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
3e1fcbc11e41165441d30726387c3f1ea298fe196c6e7d08e5393af7abb3ab67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-language
de-DE
content-type
text/html;charset=UTF-8
date
Thu, 28 Jul 2022 09:33:37 GMT

Redirect headers

Connection
keep-alive
Content-Length
481
Content-Type
text/html; charset=utf-8
Date
Thu, 28 Jul 2022 09:33:36 GMT
Location
https://ADS000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz
Server
nginx/1.10.3 (Ubuntu)
1653367315_d687473a6633946dcd22_scaledjpg
i1-cdn.scalef.net/images/campaigns/logo/ 		489 KB
490 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1-cdn.scalef.net/images/campaigns/logo/1653367315_d687473a6633946dcd22_scaledjpg
Requested by
Host: ads000301494.go.scalef.net
URL: https://ads000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:c200:0:e30c:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
629a05834f733f098a9b495b98e82e90d761f376c1fb4466dcd9bc5c1f66e995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads000301494.go.scalef.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 08:05:06 GMT
via
1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 04:41:56 GMT
server
AmazonS3
age
5312
etag
"cd0fdaee0046aafa68a4c2f04e512350"
x-cache
Hit from cloudfront
content-type
text/plain
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
501063
x-amz-cf-id
bMrNJTFeTExTFIpmD2MMe6Bnhm69Bt7YRw-x0GQ-yFCY_httb9IMwQ==
Primary Request /
sarafine.asite.xyz/
Redirect Chain
  • https://ads000301494.go.scalef.net/c/v2/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz
  • https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
241 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.255.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
aa69c3dca43011245c7d9be1c3c9f88e1310596001511414f27dddbeb55911ff

Request headers

Referer
https://ads000301494.go.scalef.net/c/v3/CON000950385/?source=deeplink_generator&network_id=1&url=https%3A%2F%2Fsarafine.asite.xyz
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Jul 2022 09:33:38 GMT
server
openresty
statuscode
200
vary
Accept-Encoding

Redirect headers

content-language
de-DE
content-length
0
date
Thu, 28 Jul 2022 09:33:38 GMT
location
https://sarafine.asite.xyz?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11d6f0979291db740ea8120162f168e03ad0383ca122fba0d3c9046c76087cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:33:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 28 Jul 2022 09:33:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Jul 2022 09:33:39 GMT
ladipage.vi.min.js
w.ladicdn.com/v2/source/ 		332 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
89d12d4c3f4be2fffd2f1490521e7d7fdb6f5e5c1108a6fd7c6ae4ac95debfd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
content-encoding
br
cdn-edgestorageid
722
perma-cache
HIT
cdn-storageserver
NY-347
cdn-cachedat
06/09/2022 21:32:04
cdn-pullzone
575124
server
BunnyCDN-DE-865
last-modified
Mon, 30 May 2022 02:01:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
cdn-fileserver
341
etag
W/"6294258f-52f01"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cache-control
public, max-age=31919000
cdn-requestid
1ab2e0ea13c7157cc0694e3e02e02b39
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
notify.svg
w.ladicdn.com/source/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
content-encoding
br
cdn-edgestorageid
601
perma-cache
HIT
cdn-storageserver
NY-267
cdn-cachedat
04/10/2022 19:09:43
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Sat, 15 Jan 2022 00:24:51 GMT
cdn-proxyver
1.02
cdn-fileserver
264
etag
W/"61e21453-60b"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestid
1467d6abe40237cb8ff296189f79deab
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 21:06:05 GMT
x-content-type-options
nosniff
age
217654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17908
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 21:06:05 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 20:41:06 GMT
x-content-type-options
nosniff
age
219153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 20:41:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:44:49 GMT
x-content-type-options
nosniff
age
89330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 08:44:49 GMT
If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.gstatic.com/s/dancingscript/v24/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 07:53:40 GMT
x-content-type-options
nosniff
age
178799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42404
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:34:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jul 2023 07:53:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 08:01:51 GMT
x-content-type-options
nosniff
age
5508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jul 2023 08:01:51 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2
fonts.gstatic.com/s/oswald/v49/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 21:19:47 GMT
x-content-type-options
nosniff
age
216832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14156
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:38:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 21:19:47 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 17:04:23 GMT
x-content-type-options
nosniff
age
232156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 17:04:23 GMT
If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2
fonts.gstatic.com/s/dancingscript/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1b7889978944d05819617952ff47a24a1cb5afa9d4c076d4109e63b76d06b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 18:21:27 GMT
x-content-type-options
nosniff
age
54732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22208
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:28:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 18:21:27 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 17:42:58 GMT
x-content-type-options
nosniff
age
229841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 17:42:58 GMT
7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v28/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee6428dc15beb065bef14ce4cbab92a469d0fccfa20ec5b05455775e77a05b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 00:50:54 GMT
x-content-type-options
nosniff
age
117765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28504
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:36:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 00:50:54 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:10:19 GMT
x-content-type-options
nosniff
age
210200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 23:10:19 GMT
truncated
/ 		166 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ffd35532dbce923eaf27285a4a5b19837f3ef3988b20bdf1f7919924c8281f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 21:51:35 GMT
x-content-type-options
nosniff
age
214924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 21:51:35 GMT
hh-20200723025007.jpg
w.ladicdn.com/s1440x564/5c7362c6c417ab07e5196b05/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1440x564/5c7362c6c417ab07e5196b05/hh-20200723025007.jpg
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
ceaf3edc52169b724417f08945de3fe219e8679b7766f9504d86ba2ab52d13d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
755
perma-cache
HIT
cdn-storageserver
NY-347
cdn-cachedat
05/05/2022 00:45:43
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
35555
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 05:02:52 GMT
cdn-proxyver
1.02
cdn-fileserver
266
etag
"61e103fc-8ae3"
content-type
image/jpeg
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
a59babce27ceafa5fa51a0b61fa68cc0
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
uiyt-20200715085918.png
w.ladicdn.com/s550x500/5c7362c6c417ab07e5196b05/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s550x500/5c7362c6c417ab07e5196b05/uiyt-20200715085918.png
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
a53c77da843db322153c341b3530ab230de6a58da9eed3533d377552a479e9ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
864
perma-cache
HIT
cdn-storageserver
NY-268
cdn-cachedat
03/12/2022 15:22:19
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
54265
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Thu, 20 Jan 2022 13:07:04 GMT
cdn-proxyver
1.02
cdn-fileserver
206
etag
"61e95e78-d3f9"
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
eccc8fd1714af48a1be2237d3585c39f
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
hqdefault.jpg
img.youtube.com/vi/nRSwJ5__buA/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/nRSwJ5__buA/hqdefault.jpg
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f305859475a205c63122611e72115295022575cd2f0eb3f89f5ae6a8702d7305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10409
x-xss-protection
0
server
sffe
etag
"1634206105"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 28 Jul 2022 11:33:39 GMT
hop-lo-20211014084936.png
w.ladicdn.com/s700x700/5c6cef6bef93a803f17402c2/ 		857 KB
859 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x700/5c6cef6bef93a803f17402c2/hop-lo-20211014084936.png
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
561786bfe976ac76f3f759f04d6868ffe0ce3d8da822fad80a31f7760f5f633d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
601
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
05/05/2022 00:45:42
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
877761
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 05:09:20 GMT
cdn-proxyver
1.02
cdn-fileserver
259
etag
"61e10580-d64c1"
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
e3c6b96c4da4af2b1021881abd708ee7
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
nhap-khau-nguyen-hop-20211007105359.png
w.ladicdn.com/s550x550/5c6cef6bef93a803f17402c2/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s550x550/5c6cef6bef93a803f17402c2/nhap-khau-nguyen-hop-20211007105359.png
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
122dec05dfb3c3ed5a11b40c7c9b6d6698fa2c9dcf701cc6b38058e89b08bc2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
865
perma-cache
HIT
cdn-storageserver
NY-347
cdn-cachedat
05/05/2022 00:45:44
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
43152
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 06:19:32 GMT
cdn-proxyver
1.02
cdn-fileserver
204
etag
"61e115f4-a890"
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
c941534d9c5025a6937a6a429113f7d5
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
htv9-logo-20211014101100.png
w.ladicdn.com/s400x350/5c6cef6bef93a803f17402c2/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x350/5c6cef6bef93a803f17402c2/htv9-logo-20211014101100.png
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
da7f7d30807e144836e3cccf8fc43591e2fa9c098f91a8b084ac4bc6c94d4882

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
874
perma-cache
HIT
cdn-storageserver
NY-347
cdn-cachedat
05/08/2022 11:05:31
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
50820
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 05:09:25 GMT
cdn-proxyver
1.02
cdn-fileserver
259
etag
"61e10585-c684"
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
274791b4688436cb9a4c75955d09fca7
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
4-20211013071908.jpg
w.ladicdn.com/s800x650/5c6cef6bef93a803f17402c2/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s800x650/5c6cef6bef93a803f17402c2/4-20211013071908.jpg
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
6a5b0c7a4124722168af0172ad3cf55d851421014726549e1ace73480b3217e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
874
perma-cache
HIT
cdn-storageserver
NY-347
cdn-cachedat
06/05/2022 04:12:23
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
157365
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 06:46:16 GMT
cdn-proxyver
1.02
cdn-fileserver
268
etag
"61e11c38-266b5"
content-type
image/jpeg
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
d6fed01af7fd9a4ac5ba8f2fbb2a4125
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
6uwy65-20200723031917.png
w.ladicdn.com/s450x450/5c7362c6c417ab07e5196b05/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s450x450/5c7362c6c417ab07e5196b05/6uwy65-20200723031917.png
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
0201d2825e32e7b9d32815fe94e619cc158b1c9a65b7a711a6666e71f22c1c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
874
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
05/05/2022 00:45:44
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
9541
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 06:51:50 GMT
cdn-proxyver
1.02
cdn-fileserver
203
etag
"61e11d86-2545"
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
474b3df988c78a496140ad205062b427
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
picture1-20210829091259.png
w.ladicdn.com/s750x600/5c6cef6bef93a803f17402c2/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s750x600/5c6cef6bef93a803f17402c2/picture1-20210829091259.png
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
da475d942355f1ea55c4eae9799b5b47115576899897f920a3dcb797447ec81e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
cdn-edgestorageid
722
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
07/25/2022 10:02:51
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
93099
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 06:19:31 GMT
cdn-proxyver
1.02
cdn-fileserver
204
etag
"61e115f3-16bab"
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestpullcode
200
cdn-requestid
d8bb77ee2650a16cb6c4938711e70f8c
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ladipage.min.css
w.ladicdn.com/v2/source/ 		66 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1653875791278
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
content-encoding
br
cdn-edgestorageid
874
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
05/30/2022 02:13:06
cdn-pullzone
575124
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE-865
access-control-allow-origin
*
last-modified
Mon, 30 May 2022 02:01:50 GMT
cdn-proxyver
1.02
cdn-fileserver
353
etag
W/"6294258e-1071b"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestid
b90d41e1fcf7baf927700daaf5df9a13
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
dataset.min.js
w.ladicdn.com/v2/source/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/dataset.min.js?v=1653875791278
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-229.datapacket.com
Software
BunnyCDN-DE-865 /
Resource Hash
f9356ece164dd0260109c2eb9dcbf97f592b9471dc9fd9704a972ee44774e509

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
content-encoding
br
cdn-edgestorageid
723
perma-cache
HIT
cdn-storageserver
NY-347
cdn-cachedat
05/30/2022 02:28:35
cdn-pullzone
575124
server
BunnyCDN-DE-865
last-modified
Mon, 30 May 2022 02:07:32 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
cdn-fileserver
354
etag
W/"629426e4-1633"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cache-control
public, max-age=31919000
cdn-requestid
05d19ac385eb7e3ad3fe15e8fb6c799e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://sarafine.asite.xyz/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1157d"
vary
Accept-Encoding
x-hw
1659000819.dop151.am5.t,1659000819.cds231.am5.hn,1659000819.cds246.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328
d2c.js
service-api.accesstrade.vn/js/v2/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service-api.accesstrade.vn/js/v2/d2c.js
Requested by
Host: sarafine.asite.xyz
URL: https://sarafine.asite.xyz/?click_id=5bd7825448e940cc9fede0a73c5d03e9&aff_network=SF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.52.184 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-52-184.ap-southeast-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
64617037040aa2a42e350b01e3b753ac94f13ed34bab0693510f0a109b13c9d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 10:57:59 GMT
server
LiteSpeed
etag
"3ba4-62e11a37-45c3f;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3671
expires
Thu, 04 Aug 2022 09:33:40 GMT
If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2
fonts.gstatic.com/s/dancingscript/v24/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bbb408727c2554198f81abd63e4283ebe8e9da39e2541482bab9013e1a3fde1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 00:54:35 GMT
x-content-type-options
nosniff
age
203944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7408
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:34:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jul 2023 00:54:35 GMT
7Auwp_0qiz-afT3GLRrX.woff2
fonts.gstatic.com/s/muli/v28/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afT3GLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d58bdfc9d7ec30ad27b69b7b778cf94aa644a4d357542a5c30d758182ef4125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 12:28:35 GMT
x-content-type-options
nosniff
age
594304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10980
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:48:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 12:28:35 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2
fonts.gstatic.com/s/oswald/v49/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 07:44:16 GMT
x-content-type-options
nosniff
age
6563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4552
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:46:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jul 2023 07:44:16 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Muli:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sarafine.asite.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 13:17:22 GMT
x-content-type-options
nosniff
age
245777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5548
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 13:17:22 GMT
event
a.ladipage.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-90.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method
POST
Origin
https://sarafine.asite.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 28 Jul 2022 09:33:40 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
0
5b1a076f9066d950710a3d7f.json
g.ladicdn.com/dataset/ 		2 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ladicdn.com/dataset/5b1a076f9066d950710a3d7f.json?id=6141c12dd1330500bc2814bd
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.214.5.92 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-214-5-92.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 09:33:40 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
statuscode
200
server
openresty
content-length
2
content-type
text/plain; charset=utf-8
event
a.ladipage.com/ 		106 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-90.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
20ff8a06-8b3f-4b29-7880-c8d32bfc48bb
LADI_CAMP_ORIGIN_URL
LADI_CAMP_ID
accept-language
de-DE,de;q=0.9
LADI_CAMP_FORM_SUBMIT
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://sarafine.asite.xyz/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1
LADI_CAMP_TYPE

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1653875791278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8722f97a0b10b306b5620ed65f3d984b45ef368875b9594348320123369917d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 28 Jul 2022 09:33:39 GMT
www-widgetapi.js
www.youtube.com/s/player/240bde48/www-widgetapi.vflset/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b76b80cb8d205a887a5d5d72b6179eb97e637b001d3360ac935b96b92796ecc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sarafine.asite.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 08:54:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52713
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Jul 2023 08:54:28 GMT
nRSwJ5__buA
www.youtube.com/embed/ Frame DD3C 		62 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45b66b55c1add1732590e85554d130bf16e569604d8ed286fe68068708fbe0c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sarafine.asite.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 28 Jul 2022 09:33:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/240bde48/ Frame DD3C 		340 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb599e114d2bc2f901597ac2b6cbf99e6e6e7de9501a5c1a600ea2d6bad68d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
67491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47800
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:49 GMT
www-embed-player.js
www.youtube.com/s/player/240bde48/www-embed-player.vflset/ Frame DD3C 		308 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
126a7f1527363ca12ba70485e469f9cf583b319537a76cfded51a20f52128be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
67491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97242
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:49 GMT
base.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame DD3C 		2 MB
564 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
333c385f1afe99ad2f9c25f1cb0bff7bdcf017a2cd4c025bf6cb0238da22217d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
67488
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577713
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:52 GMT
fetch-polyfill.js
www.youtube.com/s/player/240bde48/fetch-polyfill.vflset/ Frame DD3C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
67491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD3C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 11:18:05 GMT
x-content-type-options
nosniff
age
166535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Jul 2023 11:18:05 GMT
id
googleads.g.doubleclick.net/pagead/ Frame DD3C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d494f08d40704cc8562479d44dcd96c5e2097899d3c95c0c1b07c7fce2f57d10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 28 Jul 2022 09:33:40 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame DD3C 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:19:42 GMT
x-content-type-options
nosniff
age
838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Jul 2022 09:34:42 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 28 Jul 2022 09:33:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DD3C 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5cbe2b4d3920820cff306869dc8e6850f8356a7b8dd52e826b3c8de9bd98804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30064
x-xss-protection
0
remote.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame DD3C 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74983bfb9a159887f14e49ddf837e1dfcc9707700d77c9caecfd1cc15d3d1a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
67366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37767
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:50:54 GMT
f2rKiNYtp5mcnE6SIkgPJqBXFZM4eH8COPZoJ440RtI.js
www.google.com/js/th/ Frame DD3C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/f2rKiNYtp5mcnE6SIkgPJqBXFZM4eH8COPZoJ440RtI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f6aca88d62da7999c9c4e9222480f26a057159338787f0238f668278e3446d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 00:21:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
33159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13863
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 00:21:01 GMT
embed.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame DD3C 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b53587af6a12f7fad3bfad6b7b54c87e617be23251df237e82aab784bbdbc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
67484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8109
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:56 GMT
truncated
/ Frame DD3C 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
_f_mV3t2Gk1DzPXivxTkqYbppj0VDsZSsMyWp1HXQU41D5vJxHmcOZGzGcmdWYnbB9JEJzc=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DD3C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/_f_mV3t2Gk1DzPXivxTkqYbppj0VDsZSsMyWp1HXQU41D5vJxHmcOZGzGcmdWYnbB9JEJzc=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1d5b2220951d8e45cc8b0f992b59cdff89926d2d6ada34acd28f9de62628b719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 08:05:06 GMT
x-content-type-options
nosniff
age
5314
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3172
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 27 Jul 2022 22:46:00 GMT
sddefault.webp
i.ytimg.com/vi_webp/nRSwJ5__buA/ Frame DD3C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/nRSwJ5__buA/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc6e1de163dee47f538879c1163c8d22c93bf5d6b70e0757abed3f86446f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 07:59:30 GMT
x-content-type-options
nosniff
age
5650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16254
x-xss-protection
0
server
sffe
etag
"1634206105"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 28 Jul 2022 09:59:30 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD3C 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 08:54:30 GMT
x-content-type-options
nosniff
age
2350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jul 2023 08:54:30 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame DD3C 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 09:33:40 GMT
player
www.youtube.com/youtubei/v1/ Frame DD3C 		64 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ea47d4a8cac8c0b2c2fcf2469397a9da7602cc9c9dc492bdbb0825f7d21a62e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220726.01.00
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-Goog-Visitor-Id
CgtKTWZvUjZLa3VDOCj0r4mXBg%3D%3D
Content-Type
application/json

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21835
x-xss-protection
0
expires
Thu, 28 Jul 2022 09:33:40 GMT
truncated
/ Frame DD3C 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7798d605df9f2d3ff7ce2fb2017c7a0fbd3e9a753a71b8ba89e90b143634be87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD3C 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 20:22:38 GMT
x-content-type-options
nosniff
age
47462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5224
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Jul 2023 20:22:38 GMT
generate_204
www.youtube.com/ Frame DD3C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?kcZVqQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame DD3C 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=8EoauuGXYIhSM02w&el=embedded&ns=yt&fexp=23748146%2C23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24199709%2C24226335%2C24238983%2C24241936%2C24242719%2C24245161%2C24245745%2C24248085%2C24248385%2C24252017%2C24254429%2C39321934&cl=463446027&seq=1&docid=nRSwJ5__buA&ei=9FfiYsaEIMqd8gPB4LlY&event=streamingstats&plid=AAXk2jqXTO-C9sko&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnRSwJ5__buA%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fsarafine.asite.xyz%26widgetid%3D1&cbr=Chrome&cbrver=103.0.5060.134&c=WEB_EMBEDDED_PLAYER&cver=1.20220726.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.011:B,0.151:B,0.151:B&cmt=0.011:0.000,0.151:0.000&afs=0.150:251::i&vfs=0.151:243:243::r&view=0.151:354:199&bwe=0.151:130000&bat=0.151:1:1&vis=0.151:0&bh=0.151:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
X-YouTube-Client-Version
1.20220726.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtKTWZvUjZLa3VDOCj0r4mXBg%3D%3D
X-YouTube-Ad-Signals
dt=1659000826129&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C354%2C199&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 09:33:40 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr5---sn-5hne6nzk.googlevideo.com/ Frame DD3C 		90 KB
91 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1659022420&ei=9FfiYsaEIMqd8gPB4LlY&ip=2a03%3A1b20%3A6%3Af011%3A%3A4e&id=o-AMxoCVSbWlw_Qq1GOLQHfU8i-8nuzTyPXKXtZiMvMF1H&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3D&mm=31%2C26&mn=sn-5hne6nzk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=1330000&spc=lT-Khu4p8U_oMFR5gtGddBa4O4nxINU&vprv=1&mime=video%2Fwebm&ns=HDWos6R3_MvE6jYFdmDoz_4H&gir=yes&clen=4462236&dur=184.840&lmt=1635085626326901&mt=1659000530&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=W9Ee18qmuEoLQA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2a4mNf_Go2okr1C4wJW3AIb7QZFAJsgwQe5ZQSpmCRAiBp9z-H4sn-m39LvFTuDxqCpWNVDTvZynJpGNvKEbpzxw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBuVY06zx2JiQZH1EXaQ4TXwKk9w5FteHlxuKHQrum7wCIQCPnegaHcVU7XI90iH5CrlM5wAyGJOqL45tqBEAjk78aQ%3D%3D&alr=yes&cpn=8EoauuGXYIhSM02w&cver=1.20220726.01.00&range=0-92418&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:14::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
623ead29ba3bcbebd36b493f6cf62071d003333d8a54d71bcfeccd90ef9ee3e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 09:33:40 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
92419
Last-Modified
Sun, 24 Oct 2021 14:27:06 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Thu, 28 Jul 2022 09:33:40 GMT
videoplayback
rr5---sn-5hne6nzk.googlevideo.com/ Frame DD3C 		65 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1659022420&ei=9FfiYsaEIMqd8gPB4LlY&ip=2a03%3A1b20%3A6%3Af011%3A%3A4e&id=o-AMxoCVSbWlw_Qq1GOLQHfU8i-8nuzTyPXKXtZiMvMF1H&itag=251&source=youtube&requiressl=yes&mh=3D&mm=31%2C26&mn=sn-5hne6nzk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=1330000&spc=lT-Khu4p8U_oMFR5gtGddBa4O4nxINU&vprv=1&mime=audio%2Fwebm&ns=HDWos6R3_MvE6jYFdmDoz_4H&gir=yes&clen=2769313&dur=184.861&lmt=1635085603547421&mt=1659000530&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=W9Ee18qmuEoLQA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPmeNx43G2AGV1_MpQL6E_ohQnO1t2khfmfCT78q8w_9AiEAkrK1a9VreVRZFZkle8Z3Xg81ACzWC90Vgng6qFiKoIc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBuVY06zx2JiQZH1EXaQ4TXwKk9w5FteHlxuKHQrum7wCIQCPnegaHcVU7XI90iH5CrlM5wAyGJOqL45tqBEAjk78aQ%3D%3D&alr=yes&cpn=8EoauuGXYIhSM02w&cver=1.20220726.01.00&range=0-66121&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:14::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
db78d4a79d636ad4eb4a88bc0cf03750e699e862eb0444194f349dfcba22213b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 09:33:40 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66122
Last-Modified
Sun, 24 Oct 2021 14:26:43 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Thu, 28 Jul 2022 09:33:40 GMT
captions.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame DD3C 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/captions.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adfba81173a386158ddfdc8390a5e0e84e27a92bb23a11f550c7e0d93f741a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
67366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24425
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:50:54 GMT
endscreen.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame DD3C 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac956246af4b550f447af02912612cb65226870f77339c9cfa5742ce46a864a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
67366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7962
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:50:54 GMT
next
www.youtube.com/youtubei/v1/ Frame DD3C 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d4a14036c816c164615f500ed003e46c581cd9bc0a591be14c0faae512b87ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220726.01.00
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-Goog-Visitor-Id
CgtKTWZvUjZLa3VDOCj0r4mXBg%3D%3D
Content-Type
application/json

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1961
x-xss-protection
0
expires
Thu, 28 Jul 2022 09:33:40 GMT
cast_sender.js
www.gstatic.com/eureka/clank/103/ Frame DD3C 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15123
x-xss-protection
0
last-modified
Mon, 02 May 2022 15:04:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 29 Jul 2022 09:25:56 GMT
videoplayback
rr5---sn-5hne6nzk.googlevideo.com/ Frame DD3C 		86 KB
86 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1659022420&ei=9FfiYsaEIMqd8gPB4LlY&ip=2a03%3A1b20%3A6%3Af011%3A%3A4e&id=o-AMxoCVSbWlw_Qq1GOLQHfU8i-8nuzTyPXKXtZiMvMF1H&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3D&mm=31%2C26&mn=sn-5hne6nzk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=1330000&spc=lT-Khu4p8U_oMFR5gtGddBa4O4nxINU&vprv=1&mime=video%2Fwebm&ns=HDWos6R3_MvE6jYFdmDoz_4H&gir=yes&clen=4462236&dur=184.840&lmt=1635085626326901&mt=1659000530&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=W9Ee18qmuEoLQA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2a4mNf_Go2okr1C4wJW3AIb7QZFAJsgwQe5ZQSpmCRAiBp9z-H4sn-m39LvFTuDxqCpWNVDTvZynJpGNvKEbpzxw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBuVY06zx2JiQZH1EXaQ4TXwKk9w5FteHlxuKHQrum7wCIQCPnegaHcVU7XI90iH5CrlM5wAyGJOqL45tqBEAjk78aQ%3D%3D&alr=yes&cpn=8EoauuGXYIhSM02w&cver=1.20220726.01.00&range=92419-180514&rn=3&rbuf=2610
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:14::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ad8893835fcdd6842144e3188825955f97aa2440ed8a625ddc0a356683d4cc9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88096
client-protocol
quic
last-modified
Sun, 24 Oct 2021 14:27:06 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Thu, 28 Jul 2022 09:33:40 GMT
_f_mV3t2Gk1DzPXivxTkqYbppj0VDsZSsMyWp1HXQU41D5vJxHmcOZGzGcmdWYnbB9JEJzc=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DD3C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/_f_mV3t2Gk1DzPXivxTkqYbppj0VDsZSsMyWp1HXQU41D5vJxHmcOZGzGcmdWYnbB9JEJzc=s88-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
05c6ee85b7627d98f2689885712b267cf078f903d1087a438df26f58a79a2fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 08:05:08 GMT
x-content-type-options
nosniff
age
5312
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4687
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 27 Jul 2022 22:46:00 GMT
playback
www.youtube.com/api/stats/ Frame DD3C 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=8EoauuGXYIhSM02w&ver=2&cmt=0.004&fmt=243&fs=0&rt=0.426&euri=https%3A%2F%2Fsarafine.asite.xyz%2F&lact=527&cl=463446027&mos=1&volume=100&cbr=Chrome&cbrver=103.0.5060.134&c=WEB_EMBEDDED_PLAYER&cver=1.20220726.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=184.861&fexp=23748146%2C23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24199709%2C24226335%2C24238983%2C24241936%2C24242719%2C24245161%2C24245745%2C24248085%2C24248385%2C24252017%2C24254429%2C39321934&rtn=9&afmt=251&size=354%3A199&inview=1&muted=1&docid=nRSwJ5__buA&ei=9FfiYsaEIMqd8gPB4LlY&plid=AAXk2jqXTO-C9sko&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnRSwJ5__buA%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fsarafine.asite.xyz%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdBaFVMQVpqWlFoRXpSNVlsaWV3ZW51SHlsQjFjWlk4dUZwM0o3YWJxaEN3Z2JUQVBta0tETGJuUFkzcTdMQ3lCbDM3clVMdGZ2QXE1TXJnNnZtTjVVMFhIS21mNDlUVDVsaDZPaWd6R1l6dzAyTk5DV3ByRnNWc2JoNU1XcnBiVnMw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
X-YouTube-Client-Version
1.20220726.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtKTWZvUjZLa3VDOCj0r4mXBg%3D%3D
X-YouTube-Ad-Signals
dt=1659000826129&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C354%2C199&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 09:33:40 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame DD3C 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=nRSwJ5__buA&cpn=8EoauuGXYIhSM02w&ei=9FfiYsaEIMqd8gPB4LlY&ptk=youtube_none&pltype=contentugc
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/nRSwJ5__buA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsarafine.asite.xyz&widgetid=1
X-YouTube-Client-Version
1.20220726.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtKTWZvUjZLa3VDOCj0r4mXBg%3D%3D
X-YouTube-Ad-Signals
dt=1659000826129&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C354%2C199&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 09:33:40 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr5---sn-5hne6nzk.googlevideo.com/ Frame DD3C 		74 KB
74 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1659022420&ei=9FfiYsaEIMqd8gPB4LlY&ip=2a03%3A1b20%3A6%3Af011%3A%3A4e&id=o-AMxoCVSbWlw_Qq1GOLQHfU8i-8nuzTyPXKXtZiMvMF1H&itag=251&source=youtube&requiressl=yes&mh=3D&mm=31%2C26&mn=sn-5hne6nzk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=1330000&spc=lT-Khu4p8U_oMFR5gtGddBa4O4nxINU&vprv=1&mime=audio%2Fwebm&ns=HDWos6R3_MvE6jYFdmDoz_4H&gir=yes&clen=2769313&dur=184.861&lmt=1635085603547421&mt=1659000530&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=W9Ee18qmuEoLQA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPmeNx43G2AGV1_MpQL6E_ohQnO1t2khfmfCT78q8w_9AiEAkrK1a9VreVRZFZkle8Z3Xg81ACzWC90Vgng6qFiKoIc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBuVY06zx2JiQZH1EXaQ4TXwKk9w5FteHlxuKHQrum7wCIQCPnegaHcVU7XI90iH5CrlM5wAyGJOqL45tqBEAjk78aQ%3D%3D&alr=yes&cpn=8EoauuGXYIhSM02w&cver=1.20220726.01.00&range=66122-142298&rn=4&rbuf=4625
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:14::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
fe5ec1c126ea52a12416286fbff46784335a58dd9601441be65c66b494efe19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76177
client-protocol
quic
last-modified
Sun, 24 Oct 2021 14:26:43 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 28 Jul 2022 09:33:40 GMT
videoplayback
rr5---sn-5hne6nzk.googlevideo.com/ Frame DD3C 		163 KB
163 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1659022420&ei=9FfiYsaEIMqd8gPB4LlY&ip=2a03%3A1b20%3A6%3Af011%3A%3A4e&id=o-AMxoCVSbWlw_Qq1GOLQHfU8i-8nuzTyPXKXtZiMvMF1H&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3D&mm=31%2C26&mn=sn-5hne6nzk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=1330000&spc=lT-Khu4p8U_oMFR5gtGddBa4O4nxINU&vprv=1&mime=video%2Fwebm&ns=HDWos6R3_MvE6jYFdmDoz_4H&gir=yes&clen=4462236&dur=184.840&lmt=1635085626326901&mt=1659000530&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=W9Ee18qmuEoLQA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2a4mNf_Go2okr1C4wJW3AIb7QZFAJsgwQe5ZQSpmCRAiBp9z-H4sn-m39LvFTuDxqCpWNVDTvZynJpGNvKEbpzxw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBuVY06zx2JiQZH1EXaQ4TXwKk9w5FteHlxuKHQrum7wCIQCPnegaHcVU7XI90iH5CrlM5wAyGJOqL45tqBEAjk78aQ%3D%3D&alr=yes&cpn=8EoauuGXYIhSM02w&cver=1.20220726.01.00&range=180515-347711&rn=5&rbuf=5120
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:14::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
28c82f519c3afbffccd8caaf8524bd05122a473bb2efd77fc7101a438e59a0b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:40 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
167197
client-protocol
quic
last-modified
Sun, 24 Oct 2021 14:27:06 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Thu, 28 Jul 2022 09:33:40 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DD3C 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32f53e85bca7c6e86aeb3804da0caedb7316903d0a0805e94db1611a9cf3ddb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 28 Jul 2022 09:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 28 Jul 2022 09:33:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
videoplayback
rr5---sn-5hne6nzk.googlevideo.com/ Frame DD3C 		128 KB
128 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1659022420&ei=9FfiYsaEIMqd8gPB4LlY&ip=2a03%3A1b20%3A6%3Af011%3A%3A4e&id=o-AMxoCVSbWlw_Qq1GOLQHfU8i-8nuzTyPXKXtZiMvMF1H&itag=251&source=youtube&requiressl=yes&mh=3D&mm=31%2C26&mn=sn-5hne6nzk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=1330000&spc=lT-Khu4p8U_oMFR5gtGddBa4O4nxINU&vprv=1&mime=audio%2Fwebm&ns=HDWos6R3_MvE6jYFdmDoz_4H&gir=yes&clen=2769313&dur=184.861&lmt=1635085603547421&mt=1659000530&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=W9Ee18qmuEoLQA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPmeNx43G2AGV1_MpQL6E_ohQnO1t2khfmfCT78q8w_9AiEAkrK1a9VreVRZFZkle8Z3Xg81ACzWC90Vgng6qFiKoIc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBuVY06zx2JiQZH1EXaQ4TXwKk9w5FteHlxuKHQrum7wCIQCPnegaHcVU7XI90iH5CrlM5wAyGJOqL45tqBEAjk78aQ%3D%3D&alr=yes&cpn=8EoauuGXYIhSM02w&cver=1.20220726.01.00&range=142299-273328&rn=6&rbuf=10001
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:14::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
976e520ca979980818011d62ac43c37b75cec5d1ef1a87fd53ad0b3b032949cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:33:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131030
client-protocol
quic
last-modified
Sun, 24 Oct 2021 14:26:43 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 28 Jul 2022 09:33:41 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp function| onYouTubeIframeAPIReady function| $ function| jQuery object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

10 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m6s9xz-578e9e7fa00a33da8a-00w
ads000301494.go.scalef.net/ Name: at_finger_print
Value: 212e22a47f39ec7b8913fe9cad89b99f
sarafine.asite.xyz/ Name: LADI_DNS_CHECK
Value: "2022-07-28 09:33:38.951504053 +0000 UTC m=+17207.013995422"
sarafine.asite.xyz/ Name: LADI_CLIENT_ID
Value: 20ff8a06-8b3f-4b29-7880-c8d32bfc48bb
sarafine.asite.xyz/ Name: LADI_FORM_SUBMIT
Value: 0
sarafine.asite.xyz/ Name: LADI_PAGE_VIEW
Value: 1
sarafine.asite.xyz/ Name: _timenow
Value: 1659000825404
.youtube.com/ Name: YSC
Value: ITcmTZ5BxJ8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: JMfoR6KkuC8
sarafine.asite.xyz/ Name: d2c_click_id
Value: 5bd7825448e940cc9fede0a73c5d03e9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
ads000301494.go.scalef.net
bit.ly
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
g.ladicdn.com
googleads.g.doubleclick.net
i.ytimg.com
i1-cdn.scalef.net
img.youtube.com
jnn-pa.googleapis.com
rr5---sn-5hne6nzk.googlevideo.com
sarafine.asite.xyz
service-api.accesstrade.vn
shorten.asia
static.doubleclick.net
w.ladicdn.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
13.214.5.92
13.250.169.95
13.250.255.10
138.199.37.229
18.138.175.90
2001:4de0:ac18::1:a:1b
2600:9000:206e:c200:0:e30c:c340:93a1
2a00:1450:4001:800::2016
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:803::2004
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:828::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400e:14::a
3.1.52.184
52.77.0.178
67.199.248.10
0201d2825e32e7b9d32815fe94e619cc158b1c9a65b7a711a6666e71f22c1c25
05c6ee85b7627d98f2689885712b267cf078f903d1087a438df26f58a79a2fb7
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
11d6f0979291db740ea8120162f168e03ad0383ca122fba0d3c9046c76087cad
122dec05dfb3c3ed5a11b40c7c9b6d6698fa2c9dcf701cc6b38058e89b08bc2d
126a7f1527363ca12ba70485e469f9cf583b319537a76cfded51a20f52128be5
1adfba81173a386158ddfdc8390a5e0e84e27a92bb23a11f550c7e0d93f741a4
1d5b2220951d8e45cc8b0f992b59cdff89926d2d6ada34acd28f9de62628b719
28c82f519c3afbffccd8caaf8524bd05122a473bb2efd77fc7101a438e59a0b1
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
32f53e85bca7c6e86aeb3804da0caedb7316903d0a0805e94db1611a9cf3ddb6
333c385f1afe99ad2f9c25f1cb0bff7bdcf017a2cd4c025bf6cb0238da22217d
3bbb408727c2554198f81abd63e4283ebe8e9da39e2541482bab9013e1a3fde1
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3d58bdfc9d7ec30ad27b69b7b778cf94aa644a4d357542a5c30d758182ef4125
3e1fcbc11e41165441d30726387c3f1ea298fe196c6e7d08e5393af7abb3ab67
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac
45b66b55c1add1732590e85554d130bf16e569604d8ed286fe68068708fbe0c9
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
561786bfe976ac76f3f759f04d6868ffe0ce3d8da822fad80a31f7760f5f633d
623ead29ba3bcbebd36b493f6cf62071d003333d8a54d71bcfeccd90ef9ee3e7
629a05834f733f098a9b495b98e82e90d761f376c1fb4466dcd9bc5c1f66e995
64617037040aa2a42e350b01e3b753ac94f13ed34bab0693510f0a109b13c9d6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a5b0c7a4124722168af0172ad3cf55d851421014726549e1ace73480b3217e3
74983bfb9a159887f14e49ddf837e1dfcc9707700d77c9caecfd1cc15d3d1a9b
7798d605df9f2d3ff7ce2fb2017c7a0fbd3e9a753a71b8ba89e90b143634be87
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7f6aca88d62da7999c9c4e9222480f26a057159338787f0238f668278e3446d2
7fc6e1de163dee47f538879c1163c8d22c93bf5d6b70e0757abed3f86446f1b7
7ffd35532dbce923eaf27285a4a5b19837f3ef3988b20bdf1f7919924c8281f0
8722f97a0b10b306b5620ed65f3d984b45ef368875b9594348320123369917d6
89d12d4c3f4be2fffd2f1490521e7d7fdb6f5e5c1108a6fd7c6ae4ac95debfd5
976e520ca979980818011d62ac43c37b75cec5d1ef1a87fd53ad0b3b032949cd
9b53587af6a12f7fad3bfad6b7b54c87e617be23251df237e82aab784bbdbc36
9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2
a53c77da843db322153c341b3530ab230de6a58da9eed3533d377552a479e9ef
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
aa69c3dca43011245c7d9be1c3c9f88e1310596001511414f27dddbeb55911ff
ac956246af4b550f447af02912612cb65226870f77339c9cfa5742ce46a864a2
ad8893835fcdd6842144e3188825955f97aa2440ed8a625ddc0a356683d4cc9d
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b76b80cb8d205a887a5d5d72b6179eb97e637b001d3360ac935b96b92796ecc5
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
ceaf3edc52169b724417f08945de3fe219e8679b7766f9504d86ba2ab52d13d0
d1b7889978944d05819617952ff47a24a1cb5afa9d4c076d4109e63b76d06b02
d494f08d40704cc8562479d44dcd96c5e2097899d3c95c0c1b07c7fce2f57d10
d4a14036c816c164615f500ed003e46c581cd9bc0a591be14c0faae512b87ae9
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
da475d942355f1ea55c4eae9799b5b47115576899897f920a3dcb797447ec81e
da7f7d30807e144836e3cccf8fc43591e2fa9c098f91a8b084ac4bc6c94d4882
db78d4a79d636ad4eb4a88bc0cf03750e699e862eb0444194f349dfcba22213b
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cbe2b4d3920820cff306869dc8e6850f8356a7b8dd52e826b3c8de9bd98804
ea47d4a8cac8c0b2c2fcf2469397a9da7602cc9c9dc492bdbb0825f7d21a62e6
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee6428dc15beb065bef14ce4cbab92a469d0fccfa20ec5b05455775e77a05b39
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f305859475a205c63122611e72115295022575cd2f0eb3f89f5ae6a8702d7305
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9356ece164dd0260109c2eb9dcbf97f592b9471dc9fd9704a972ee44774e509
fb599e114d2bc2f901597ac2b6cbf99e6e6e7de9501a5c1a600ea2d6bad68d91
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fe5ec1c126ea52a12416286fbff46784335a58dd9601441be65c66b494efe19c
ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725