tryfungosem.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.bonebrothdietfast.com/?t=c&ids=NTc2NDQ3OTA3__NjYwMQ==__MTE2Nzk4MjEz__OTk0__1320&url=aHR0cHMlM0ElMkYlMkZsaW5rcy5ub3VzaG...
Effective URL:
https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Submission: On April 26 via api (April 26th 2023, 8:47:08 pm UTC) from BE — Scanned from DE

Summary HTTP 68 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 68 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tryfungosem.com.
TLS certificate: Issued by GTS CA 1P5 on April 19th 2023. Valid for: 3 months.

This is the only time tryfungosem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.105.251.66 172.105.251.66	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	139.162.156.95 139.162.156.95	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:310... 2606:4700:3108::ac42:288d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	2606:4700:310... 2606:4700:3108::ac42:28ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:66::a	15169 (GOOGLE) (GOOGLE)
68	18

1 172.105.251.66 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: vsrv379.armadaservers.com

click.bonebrothdietfast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.162.156.95 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: vsrv494.armadaservers.com

links.noushealthy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tryfungosem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:288d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

display.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28ea (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:66::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5e6nze.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 4355	908 KB
14	tryfungosem.com 1 redirects tryfungosem.com	584 KB
8	gstatic.com fonts.gstatic.com	123 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607 fonts.googleapis.com — Cisco Umbrella Rank: 119 jnn-pa.googleapis.com — Cisco Umbrella Rank: 310	38 KB
5	googlevideo.com rr5---sn-4g5e6nze.googlevideo.com — Cisco Umbrella Rank: 64729	1 MB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	66 KB
4	buygoods.com 1 redirects display.buygoods.com — Cisco Umbrella Rank: 212360 tracking.buygoods.com — Cisco Umbrella Rank: 165916 www.buygoods.com — Cisco Umbrella Rank: 243354 buygoods.com — Cisco Umbrella Rank: 127086	9 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	205 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 209	6 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	64 KB
2	noushealthy.com links.noushealthy.com	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 16	14 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 10987	11 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	30 KB
1	bonebrothdietfast.com click.bonebrothdietfast.com	390 B
68	15

	Domain	Requested by
15	www.youtube-nocookie.com	www.youtube.com www.youtube-nocookie.com
14	tryfungosem.com	1 redirects links.noushealthy.com tryfungosem.com
8	fonts.gstatic.com	fonts.googleapis.com www.youtube-nocookie.com
5	rr5---sn-4g5e6nze.googlevideo.com	www.youtube-nocookie.com
4	jnn-pa.googleapis.com	www.youtube-nocookie.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	tryfungosem.com www.googletagmanager.com
2	yt3.ggpht.com	www.youtube-nocookie.com
2	www.youtube.com	tryfungosem.com www.youtube.com
2	region1.google-analytics.com	www.googletagmanager.com
2	links.noushealthy.com	links.noushealthy.com
1	www.google.com	www.youtube-nocookie.com
1	buygoods.com	tryfungosem.com
1	www.buygoods.com	1 redirects
1	tracking.buygoods.com	tryfungosem.com
1	fonts.googleapis.com	ajax.googleapis.com
1	cdn.ravenjs.com	tryfungosem.com
1	code.jquery.com	tryfungosem.com
1	display.buygoods.com	tryfungosem.com
1	ajax.googleapis.com	tryfungosem.com
1	click.bonebrothdietfast.com
68	21

This site contains links to these domains. Also see Links.

Domain
www.buygoods.com

Subject Issuer	Validity	Valid
click.bonebrothdietfast.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.noushealthy.com R3	`2023-04-22` - `2023-07-21`	3 months	crt.sh
tryfungosem.com GTS CA 1P5	`2023-04-19` - `2023-07-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-08` - `2023-12-08`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-04-18` - `2023-06-27`	2 months	crt.sh

This page contains 2 frames:

Primary Page: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Frame ID: 595AC4EA591599B99B40A535FA4FECE5
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
Frame ID: A7AF9CC78F15981D807820B8FBDF015A
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FungoSem - Fight Off All Intrusive Fungus In Your Body.

Page URL History Show full URLs

https://click.bonebrothdietfast.com/?t=c&ids=NTc2NDQ3OTA3__NjYwMQ==__MTE2Nzk4MjEz__OTk0__1320&url=aHR0cHMlM0ElMk... Page URL
https://links.noushealthy.com/kd25 Page URL
https://tryfungosem.com/fsbg-xpa-xbn/?aff_id=230&subid=3apagiop0425fungosem HTTP 302
https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425... Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

99 %
HTTPS

88 %
IPv6

15
Domains

21
Subdomains

18
IPs

3
Countries

3487 kB
Transfer

6997 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.buygoods.com/secure/checkout.html?sessid2=sessid20230426204728054&aff_id=230&sid=3apagiop0425fungosem&account_id=7148&product_codename=FSM01&redirect=aHR0cHM6Ly90cnlmdW5nb3NlbS5jb20vZnNiZy14cGEteGJuL3UxLWEucGhw
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/checkout.html?sessid2=sessid20230426204728054&aff_id=230&sid=3apagiop0425fungosem&account_id=7148&product_codename=FSM06&redirect=aHR0cHM6Ly90cnlmdW5nb3NlbS5jb20vZnNiZy14cGEteGJuL3UxLWEucGhw
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/checkout.html?sessid2=sessid20230426204728054&aff_id=230&sid=3apagiop0425fungosem&account_id=7148&product_codename=FSM03&redirect=aHR0cHM6Ly90cnlmdW5nb3NlbS5jb20vZnNiZy14cGEteGJuL3UxLWEucGhw
Title: ADD TO CART

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.bonebrothdietfast.com/?t=c&ids=NTc2NDQ3OTA3__NjYwMQ==__MTE2Nzk4MjEz__OTk0__1320&url=aHR0cHMlM0ElMkYlMkZsaW5rcy5ub3VzaGVhbHRoeS5jb20lMkZrZDI1 Page URL
https://links.noushealthy.com/kd25 Page URL
https://tryfungosem.com/fsbg-xpa-xbn/?aff_id=230&subid=3apagiop0425fungosem HTTP 302
https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.buygoods.com/images/buygoods_black.png HTTP 301
https://buygoods.com/images/buygoods_black.png

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
click.bonebrothdietfast.com/ 82 B
390 B 182ms
155ms Document
text/html 172.105.251.66
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://click.bonebrothdietfast.com/?t=c&ids=NTc2NDQ3OTA3__NjYwMQ==__MTE2Nzk4MjEz__OTk0__1320&url=aHR0cHMlM0ElMkYlMkZsaW5rcy5ub3VzaGVhbHRoeS5jb20lMkZrZDI1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.105.251.66 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv379.armadaservers.com

Software

nginx /

Resource Hash

210b0114b95bb07f894a98abee5395346b7dd7c33152ef2040e320a7d11c6c69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 20:47:03 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 kd25 Show response
links.noushealthy.com/ 665 B
1 KB 1162ms
1023ms Document
text/html 139.162.156.95
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://links.noushealthy.com/kd25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.162.156.95 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv494.armadaservers.com

Software

nginx /

Resource Hash

b0cc772c80a187470a831e8fff845eb026bd8b7e7b91ea7d63e1f6e11a21918f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://click.bonebrothdietfast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Wed, 26 Apr 2023 20:47:04 GMT
expires: Mon, 07 Jul 1777 07:07:07 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-redirect-powered-by: Pretty Link Executive 3.4.1 http://prettylink.com
x-robots-tag: noindex, nofollow
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 javascript-redirect.js Show response
links.noushealthy.com/wp-content/plugins/pretty-link/pro/js/ 99 B
464 B 10ms
9ms Script
application/javascript 139.162.156.95
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://links.noushealthy.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.4.1

Requested by

Host: links.noushealthy.com
URL: https://links.noushealthy.com/kd25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.162.156.95 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv494.armadaservers.com

Software

nginx /

Resource Hash

ed8fa1ff8b55dd19225f59a5e74520a8b20206c2f6d354e1e6f0e5881d93fe4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://links.noushealthy.com/kd25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 26 May 2023 20:47:04 GMT
date: Wed, 26 Apr 2023 20:47:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 22 Apr 2023 11:53:20 GMT
server: nginx
x-server-powered-by: Engintron
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 99
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2

200

Primary Request index.php Show response
tryfungosem.com/fsbg-xpa-xbn/
Redirect Chain

https://tryfungosem.com/fsbg-xpa-xbn/?aff_id=230&subid=3apagiop0425fungosem
https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem

82 KB
26 KB

129ms
128ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Requested by: Host: links.noushealthy.com
URL: https://links.noushealthy.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.4.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a20bbd75fc15dcf4cc783aada6229946dfba6755a18c62122d12494b76afd7

Request headers

Referer: https://links.noushealthy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7be1adc7bf1937c8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 20:47:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZO1hR459Jjm3IAoc0v1auEpTCLKX90JdWyZcqTDGt15F01P%2Fxw0U8C%2FD7dPEORzmPKbO2Z%2F8VeKgb%2Fb4d1fi3WYliwhWID%2FNPUjnXhx64teXHWpVcB3b8jVDS9P19r587lUTRXfNaOoKUzij%2FBw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7be1adc64d1f37c8-FRA
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 20:47:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3x47c4Xf1BSi7zOeArRnn%2FsqdBGsdTI%2BisAiJadyEwq7jHU2HWHmZkz7QuqxJ7T1gcQ2KkJ%2BiR4jTJz7nQa%2B11fJcBWpy6EJmX%2FYaiRE3iHuj%2FAT%2BQ7fcCRx7rH%2BpKPSCIickN8fSb7oijv3XQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 49ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131822362-22

Requested by

Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf85a2b5735f40b2588d22e0367541d74b3fcdbac22d78bb19ab25ef10ba2e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61823
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 19:05:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Apr 2023 20:47:05 GMT

GET
H3 200 normalize.css
tryfungosem.com/assets/css/ 2 KB
1 KB 253ms
252ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryfungosem.com/assets/css/normalize.css
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77fdd8416fc2d407eacd148dfea6e7131816d0333df6097e6485ba2a3b0775be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 16 Feb 2022 16:47:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7772
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5WvWlAnaayrqBsCnZstoNTETy3nclGn2hGuEuOSgfQ21V7HaOQRMSIPkiNaFH3cI0MfEm%2Fit9JFZImAO64bw9NJ%2FXj%2Fxy%2F53TQSzoZU%2BMRS4wcwGfAagB1A6v4yPhPTftS6VOq%2FH0U4QyqipC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7be1adc88dab90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 webflow.css
tryfungosem.com/assets/css/ 29 KB
8 KB 234ms
233ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryfungosem.com/assets/css/webflow.css
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe863de43fddf9de30804ca27a78b351e7e5b50791f0533e8c86773fa880dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 16 Feb 2022 16:47:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=39069
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FEUDccB10wIvu7eKT0aDHe0X%2FNCUIR6LDrDnzsEAp0SHl%2FTgD4LMwQCpiA2s2w0yWNbigG9ZsteGNKY7S6xazwN4tt%2FIWFPT6p4oe6Iwl2tANC4NApJregYTUORU9l8WrRH2r%2Bl0v%2BN5hcayXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7be1adc88dac90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fungosem.css
tryfungosem.com/assets/css/ 88 KB
9 KB 239ms
239ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryfungosem.com/assets/css/fungosem.css?v=1.2
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131314f89e6887b85114ac9696a768c06421052c5536c5066a1592b98f7a45a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 12 Apr 2022 17:39:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=114169
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh13O1PfQ%2Fv%2FXg25wVry00jWa17gtWNxjzC%2FP8%2Fwru4dfRy%2FJd0363%2BCQP7jVkjuMyBIz61Jz8I47yAf%2F5BRoKbmQ9m6g1jbhdhbhESs3kexYVLQypOWCgIdcQbHYDYcZ%2Bj%2Fl4yJPliwcH5oyfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7be1adc88dad90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 48ms
11ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Apr 2024 03:27:07 GMT

GET
H3 200 FUNGOSEMx1-500px.png
tryfungosem.com/assets/images/ 81 KB
82 KB 225ms
224ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryfungosem.com/assets/images/FUNGOSEMx1-500px.png
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de8f444da981c9d26bac27fd47f3380a98e7bf44170ac02ac2fa6f324e936260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 16 Feb 2022 16:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhVHgq8%2BnxRlWSVzrixWaYlhzF%2FNSZfDleCLVyis4VLwmVO1OsKzogaV3W%2F%2Fjqbt5wuA85xp3Ts4cxkjIvKhwlfNhgpu2qp5kq9cmT%2B9kBRVXAc49LEvGggYBoVW0QiNlg3%2FFDFgMMbs38nNHqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be1adca3f5190ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82984

GET
H3 200 FUNGOSEMx6-500px.png
tryfungosem.com/assets/images/ 186 KB
186 KB 249ms
247ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryfungosem.com/assets/images/FUNGOSEMx6-500px.png
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b0ec431977d095fe64f082e17b5f082466c5add2747c3ef1f1223e1ee022af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Mar 2022 15:31:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF3AzWnxfvAqBtxLFbtQNEnCZvdNu6G7KaFbCn5f0zyw5wAfQ%2BnEoQelRZsX%2BgbusdzbC6upQpJZSmZDHL79ZsQmUavVzu2ST6te0R2pfVmSIpYgzygOlsDwCmTcKpjU1%2F3JAvSyNhihf6wsV8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be1adca3f5290ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 190332

GET
H3 200 FUNGOSEMx3-500px.png
tryfungosem.com/assets/images/ 136 KB
136 KB 259ms
257ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryfungosem.com/assets/images/FUNGOSEMx3-500px.png
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acbe478065fd2671e924caa46a705ab23227f64cc50087bcc00f3ffe949aaeea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 16 Feb 2022 16:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5TYrg9qNkhieFuTsglualww6JNW3EcRPsfqkrxVhbt2xCNu8Ol4qBr3ZPPyoqn4fi1wftccEFMbVUD72Qgspvazs1p7pWR3TSF%2Bc3ksXu5Wh9pZF%2BwVhlKiG3ulGIMh%2F6LdfF4H%2F8Sr5D8rFV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be1adca3f5490ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 138908

GET
H3 200 email-decode.min.js Show response
tryfungosem.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
22ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tryfungosem.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Apr 2023 12:39:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6442841a-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wV3tt76c28sehu08QiSD%2BPq46t%2FaI1QRoQSRb5TTwpimGojemf1jbWxr80%2FkWkUhL2rojz7OK8aBgyeivylb%2Fma4e7mQ2ZYQftpdbo1w%2FaZGAbrI7CWmtjqTscYxj%2FpoEsiY2WI7amU9NEkXfto%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7be1adca2f3c90ef-FRA
expires: Fri, 28 Apr 2023 20:47:05 GMT

GET
H2 200 disclaimer Show response
display.buygoods.com/v1/ 1 KB
2 KB 788ms
734ms Script
text/plain 2606:4700:3108::ac42:288d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7148

Requested by

Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:288d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
cf-ray: 7be1adca78a3918c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 43ms
41ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N01EWCGKPZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131822362-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b9effc64f3b9cb7d349d1be38fc5d018300f574b12b5df201c993b843535462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74499
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Apr 2023 20:47:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 36ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BDPT9RCPX0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131822362-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0bae1503b748427333ca3639d6e9aac7ce6fba4718c7009f403c65c5448ba6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Apr 2023 20:47:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131822362-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 20:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 681
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 26 Apr 2023 22:35:44 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 57ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://tryfungosem.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d84"
vary: Accept-Encoding
x-hw: 1682542025.dop055.fr8.t,1682542025.cds321.fr8.hn,1682542025.cds327.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H3 200 yt.js Show response
tryfungosem.com/assets/js/ 4 KB
2 KB 225ms
223ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryfungosem.com/assets/js/yt.js
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c27099adea072870ffe13f2b900183e3902d64239a1d2ed6540f4251d85af54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 26 Jul 2022 13:30:18 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5456
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkbjlYur9xYh%2FYNuLNHXZrl7YB3UiKem5XcIk9RpdDR5CY51kuvt%2Fu%2FvwecwZ2aK%2Fb%2FUR1hWSYxFpOShwjaNYuXM%2F04Hu7DvGkuIZOsO0hL0X%2FWdmN2pc%2BYypSqcbirn0ZIskgicfhrBJ%2F1TJCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7be1adca3f4c90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 webflow.js Show response
tryfungosem.com/assets/js/ 177 KB
56 KB 243ms
241ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryfungosem.com/assets/js/webflow.js
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270d752d6736a4413c963d5bc28f7fac208eb2e7918d1750abbf487d77a80133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 16 Feb 2022 16:47:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=181316
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6hr8SnT2SikbSwBu%2FKfNxJ%2FWJPTaPrFIQDymuF1YKqeUIkVWYb0GbTM7fFj42%2BAWimCN%2F1sunx8lEtH72txBzlq5e6Szm29qbWbfnha6mR554EPSsFJ2bOQSK8E3ESguH0bm%2BzXTccQuFwZd8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7be1adca3f4d90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 accordion.js Show response
tryfungosem.com/assets/js/ 987 B
849 B 234ms
232ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryfungosem.com/assets/js/accordion.js
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650045c1d458e96e909a1c7a2536b56f2e33e6b4bc84b8413869a6ead9ad556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 16 Feb 2022 16:47:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1710
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKwcqgLfKWthp1OFeV5v5AmAHsgfD1sdfA6LIkNba5yOFdDnKHHYnD1H7nGz5znCzzrTEClVrxVVdW7wvfj%2B6PW7QK536qn86%2F%2BAoevetpnPpgAsbM%2FHVYvfgR1yLnyFGgfE7%2B0OCj7C6rrvWaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7be1adca3f4f90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.22.3/ 28 KB
11 KB 44ms
12ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.22.3/raven.min.js
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: e3a3611ec00f56101effa6e34d814e8311783179e3bed23cd74c90f92ba9667f

Request headers

Referer: https://tryfungosem.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 10:14:13 GMT
server: Fastly
age: 60330
etag: "fa070961d2a2647811b3c79fd72499f3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 10752

GET
H2 200 css
fonts.googleapis.com/ 36 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

553b18c5fd5f0642b3a16fb5909e3a6b8837b71ab5f4f089a309dd35f7bece74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 20:47:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Apr 2023 20:47:05 GMT

GET
H2 200 / Show response
tracking.buygoods.com/track/ 7 KB
2 KB 446ms
369ms Script
application/javascript 2606:4700:3108::ac42:28ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.buygoods.com/track/?a=7148&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Flinks.noushealthy.com%2F&sessid2=&product=FSM01,FSM06,FSM03&caller_url=https%3A%2F%2Ftryfungosem.com%2Ffsbg-xpa-xbn%2Findex.php%3Fsessid%3DMTY4Mjg4NzYyNA%3D%3D%26aff_id%3D230%26subid%3D3apagiop0425fungosem
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f44df2bcb224516421814385ab13b0bb7559fb8f852a7e349e03235d3c3f4cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
cf-ray: 7be1adcaac0203c4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, Jan 12 1999 01:01:01 GMT

GET
H3 404 Logo.png
tryfungosem.com/assets/images/ 315 B
315 B 255ms
255ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryfungosem.com/assets/images/Logo.png
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbLJyFhVg7kXsDfekEsKeOEB06QENY3MEGjmzcXcdusq2WUY4KxkHlra%2FaSwVXqCPOyA5zU5liocVYoj4En%2BbPDcXdSo2v9VBYQSvG9PqD%2BFtDweXtq1d7Ura1VpqiHPIkmlaFor2IKuFIBc8n8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7be1adca4f6390ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 39ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:31:37 GMT
x-content-type-options: nosniff
age: 353728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 18:31:37 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 47ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:07:57 GMT
x-content-type-options: nosniff
age: 412748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 02:07:57 GMT

GET
H2 200 pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 52ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:06:27 GMT
x-content-type-options: nosniff
age: 398438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7932
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:06:27 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 52ms
24ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:52:39 GMT
x-content-type-options: nosniff
age: 399266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:52:39 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 50ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:41:35 GMT
x-content-type-options: nosniff
age: 363930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:41:35 GMT

GET
H2 200 pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 7 KB
8 KB 50ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryfungosem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:26 GMT
x-content-type-options: nosniff
age: 499299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7632
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:09:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:26 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 114 KB
45 KB 234ms
234ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-W39LD24&t=gtag_UA_131822362_22&cid=1697382814.1682542025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7f0394a6e917078a41c91d002bdfbf195aaec25bb5a29c15c173c7d9f849730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45430
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 19:05:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Apr 2023 20:47:05 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BDPT9RCPX0&gtm=45je34j0&_p=1627211536&cid=1697382814.1682542025&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682542025&sct=1&seg=0&dl=https%3A%2F%2Ftryfungosem.com%2Ffsbg-xpa-xbn%2Findex.php%3Fsessid%3DMTY4Mjg4NzYyNA%3D%3D%26aff_id%3D230%26subid%3D3apagiop0425fungosem&dr=https%3A%2F%2Flinks.noushealthy.com%2F&dt=FungoSem%20-%20Fight%20Off%20All%20Intrusive%20Fungus%20In%20Your%20Body.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BDPT9RCPX0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tryfungosem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N01EWCGKPZ&gtm=45je34j0&_p=1627211536&cid=1697382814.1682542025&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682542025&sct=1&seg=0&dl=https%3A%2F%2Ftryfungosem.com%2Ffsbg-xpa-xbn%2Findex.php%3Fsessid%3DMTY4Mjg4NzYyNA%3D%3D%26aff_id%3D230%26subid%3D3apagiop0425fungosem&dr=https%3A%2F%2Flinks.noushealthy.com%2F&dt=FungoSem%20-%20Fight%20Off%20All%20Intrusive%20Fungus%20In%20Your%20Body.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N01EWCGKPZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tryfungosem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1627211536&t=pageview&_s=1&dl=https%3A%2F%2Ftryfungosem.com%2Ffsbg-xpa-xbn%2Findex.php%3Fsessid%3DMTY4Mjg4NzYyNA%3D%3D%26aff_id%3D230%26subid%3D3apagiop0425fungosem&dr=https%3A%2F%2Flinks.noushealthy.com%2F&ul=en-us&de=UTF-8&dt=FungoSem%20-%20Fight%20Off%20All%20Intrusive%20Fungus%20In%20Your%20Body.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACUADRAAAACAAI~&jid=99406349&gjid=1105632891&cid=1697382814.1682542025&tid=UA-131822362-22&_gid=230048259.1682542025&_r=1&gtm=457e34j0&jsscut=1&z=1342118141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryfungosem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tryfungosem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

buygoods_black.png
buygoods.com/images/
Redirect Chain

https://www.buygoods.com/images/buygoods_black.png
https://buygoods.com/images/buygoods_black.png

4 KB
5 KB

30ms
20ms

Image
image/webp

2606:4700:3108::ac42:288d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buygoods.com/images/buygoods_black.png

Requested by

Host: tryfungosem.com
URL: https://tryfungosem.com/fsbg-xpa-xbn/index.php?sessid=MTY4Mjg4NzYyNA==&aff_id=230&subid=3apagiop0425fungosem

Protocol

Server

2606:4700:3108::ac42:288d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 27083
cf-polished: origFmt=png, origSize=9596
content-disposition: inline; filename="buygoods_black.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4492
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Sep 2017 06:30:00 GMT
server: cloudflare
etag: "59b77ee8-257c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7be1add29bf4918c-FRA
expires: Sat, 23 Apr 2033 20:47:06 GMT

Redirect headers

date: Wed, 26 Apr 2023 20:47:06 GMT
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
location: https://buygoods.com/images/buygoods_black.png
cache-control: public, max-age=14400
cf-ray: 7be1adcf3f60918c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 27 Apr 2023 00:47:06 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 51ms
25ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tryfungosem.com
URL: https://tryfungosem.com/assets/js/yt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bab85b95f89aa7f5c373fa5efc3302de8591b891ae12025fbf85cf5ebe9f9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 26 Apr 2023 20:47:06 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/73d31b49/www-widgetapi.vflset/ 184 KB
62 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/73d31b49/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31750b13ae0d33b406c8aec9180493c556adc363a23224d6a7201cac96694f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63019
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 Apr 2024 20:31:29 GMT

GET
H2 200 6P3iFIavHKI Show response
www.youtube-nocookie.com/embed/ Frame A7AF 73 KB
30 KB 60ms
59ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/73d31b49/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64dbbcce9d3358110695eb93e6921987eacbc122c109903db04a97c8d2e32376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tryfungosem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 20:47:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube-nocookie.com/s/player/73d31b49/ Frame A7AF 399 KB
51 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/73d31b49/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea0a01f96c3798625cef6b11e6b056ada0164538b579787a6111c404b92a480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51998
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:57:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/73d31b49/www-embed-player.vflset/ Frame A7AF 359 KB
110 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/73d31b49/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e1d1d734a67c4e0867b34bdbb37d011784095fb20afe60a792805da6efc754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112547
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:57:31 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/ Frame A7AF 2 MB
623 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23633def502d33211ef1adb1325b756eb489f02be5f152ac1df472cc6d534432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 637326
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:57:31 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/73d31b49/fetch-polyfill.vflset/ Frame A7AF 9 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/73d31b49/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:57:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A7AF 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 339783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:24:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A7AF 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 338735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:41:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 42ms
15ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 26 Apr 2023 20:47:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A7AF 66 KB
30 KB 27ms
26ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4c6bc74019d15ca7dad83034ec07201527072c94c1588e50051fd0196f7d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30844
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame A7AF 59 KB
23 KB 78ms
78ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

584e1199673e3737b083969771b609abfc2499859a6f038f5a81f4323cb37b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230423.00.00
X-Goog-Visitor-Id: CgtGODgyQjlfR0hSOCjKm6aiBg%3D%3D

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23600
x-xss-protection: 0
expires: Wed, 26 Apr 2023 20:47:06 GMT

GET
H2 200 bPE89HDH-V4wnA2wrUoYzsMhnZJxcfZA3FCGYAqq1aQ.js Show response
www.google.com/js/th/ Frame A7AF 36 KB
14 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/bPE89HDH-V4wnA2wrUoYzsMhnZJxcfZA3FCGYAqq1aQ.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cf13cf470c7f95e309c0db0ad4a18cec3219d927171f640dc5086600aaad5a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14280
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 18:12:39 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/ Frame A7AF 29 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

766bfadf6eb80390e6a432e6010144b9fb8c3ca474a6f2a7c7ab9cc23d22f8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9042
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:57:32 GMT

GET
DATA 200
OK truncated
/ Frame A7AF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A7AF 3 KB
3 KB 49ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32e0316859a4252b536c71eb3fd42ad96880f2cd8bb2741b003daf1fa03a0b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:38:14 GMT
x-content-type-options: nosniff
age: 4132
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:38:14 GMT

GET
H3 200 unmute.png
tryfungosem.com/assets/images/ 75 KB
75 KB 16ms
15ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryfungosem.com/assets/images/unmute.png
Requested by: Host: tryfungosem.com
URL: https://tryfungosem.com/assets/css/fungosem.css?v=1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0926eef5c86ab4152bf3a18aadc4065c29c0482c60e235547b2204e268247773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tryfungosem.com/assets/css/fungosem.css?v=1.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 16:52:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5001
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OulK4zctiCuhiO3zmjFHi4M2o4oJHg8pq54%2Fq%2FjIdBGLbcVFSd1ISB5HNo6ANKTDkimeahJJ6WA0ft6VdV8zsOpVldzO3zJu4GGD%2F%2F1Fz1mJ7%2BSNpIyk5JCLdjBF4CoKSFBjuD8EnUHrB5aa%2FPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be1add19e2e90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76468

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame A7AF 0
10 B 10ms
10ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?MJ6yyw
Requested by: Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
16ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 26 Apr 2023 20:47:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A7AF 90 B
133 B 27ms
26ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae21a8bfc3d22ea41ab709beaa74202a94517a9ee38fc869d9d0ab13481603d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame A7AF 0
17 B 18ms
17ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=8TLCuP41NTFiPeKB&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24219382%2C24255165%2C24406084%2C24415864%2C24439361%2C24462372%2C24468691%2C24499532%2C24499792%2C24516157%2C24534290%2C24539776%2C39323074&cl=526486891&seq=1&docid=6P3iFIavHKI&ei=yo1JZPajHNqH1gLR54XgCw&event=streamingstats&plid=AAX6Q1fPAHr_AUk_&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F6P3iFIavHKI%3Fautoplay%3D1%26cc_lang_pref%3DEN%26cc_load_policy%3D1%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26rel%3D0%26modestbranding%3D1%26iv_load_policy%3D3%26showinfo%3D0%26wmode%3Dtransparent%26origin%3Dhttps%253A%252F%252Ftryfungosem.com%26enablejsapi%3D1%26widgetid%3D1&cbr=Chrome&cbrver=112.0.5615.121&c=WEB_EMBEDDED_PLAYER&cver=1.20230423.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.041:S,0.154:S,0.154:S&cat=streaming&cmt=0.007:0.000,0.041:0.000,0.154:0.000&afs=0.153:251::i&vfs=0.154:134:134::r&view=0.154:1080:608&bwe=0.154:130000&bat=0.154:1:1&vis=0.154:0&bh=0.154:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20230423.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGODgyQjlfR0hSOCjKm6aiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682542026371&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C608&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:06 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-4g5e6nze.googlevideo.com/ Frame A7AF 195 KB
196 KB 89ms
43ms Fetch
video/mp4 2a00:1450:4001:66::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nze.googlevideo.com/videoplayback?expire=1682563626&ei=yo1JZPajHNqH1gLR54XgCw&ip=2a01%3A4a0%3A2b%3A%3A7&id=o-APqLJlK7uj_zozplcD2kUZdkpJJIwxJela0U0iBpchSe&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=Eh&mm=31%2C29&mn=sn-4g5e6nze%2Csn-4g5ednkl&ms=au%2Crdu&mv=m&mvi=5&pl=43&initcwndbps=922500&spc=qEK7B6DKJ_vjrzXNZPlexpaYDkhIozaPBPdWBdXqSA&vprv=1&mime=video%2Fmp4&ns=cTvR2A8NsJUF25WkhS9J6QQN&gir=yes&clen=108202245&dur=2453.750&lmt=1674484247413355&mt=1682541661&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=7oaVaIaihpwZiw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANPa73QHdaZkSDsp5IJiBAB1wYaYi_o_0TwH8StScTzuAiACoyJSVJc59LNi4NxLlirreHti_zzKEpxzWyYtgjKoUw%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAPUSPs4dk-lsdMT5Dcfjj8mXmRS0LAMjUIHgTLesXTkYAiBRbZ7ObqwyLrrtrSnk_4rvjaJ5K4AhCvlY6QtLkxlpBw%3D%3D&cpn=8TLCuP41NTFiPeKB&cver=1.20230423.00.00&range=0-199946&rn=1&rbuf=0&pot=IigquCq-TvGncmnfXv9l_E3Be9JG3niIQutl-0DzR45L0WjfD4tunRn8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

032457348b7f0d30cb973ae53d6c81116ff20e36b2cc6305ab277dc8fe4fe275

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 20:47:06 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 199947
Last-Modified: Mon, 23 Jan 2023 14:30:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Wed, 26 Apr 2023 20:47:06 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-4g5e6nze.googlevideo.com/ Frame A7AF 68 KB
69 KB 77ms
31ms Fetch
audio/webm 2a00:1450:4001:66::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nze.googlevideo.com/videoplayback?expire=1682563626&ei=yo1JZPajHNqH1gLR54XgCw&ip=2a01%3A4a0%3A2b%3A%3A7&id=o-APqLJlK7uj_zozplcD2kUZdkpJJIwxJela0U0iBpchSe&itag=251&source=youtube&requiressl=yes&mh=Eh&mm=31%2C29&mn=sn-4g5e6nze%2Csn-4g5ednkl&ms=au%2Crdu&mv=m&mvi=5&pl=43&initcwndbps=922500&spc=qEK7B6DKJ_vjrzXNZPlexpaYDkhIozaPBPdWBdXqSA&vprv=1&mime=audio%2Fwebm&ns=cTvR2A8NsJUF25WkhS9J6QQN&gir=yes&clen=43070963&dur=2453.761&lmt=1645820740489712&mt=1682541661&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=7oaVaIaihpwZiw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdnt1_otOsHqU6490Av-LkV1eNiRV2VXc391bUXHDLo8CIALX8d9qllweMwnfpvCpzrBIcdnDH0S6VU25-i5JAIUJ&alr=yes&sig=AOq0QJ8wRAIgC6p2wAm_h3Ed70j9sW7OCaWskCbRJMRq7OxuHyAeXo0CIFSGZjajvQIN7imq9hdK8bDGA70j5ckFyxKkDpXp8yZ2&cpn=8TLCuP41NTFiPeKB&cver=1.20230423.00.00&range=0-70130&rn=2&rbuf=0&pot=IihjZmNgBy_urCABFyEsIgQfMgwPADFWCzUsJQktDlACDyEBRlUnQ1Ai

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fff99d5f9c242c41ccf143aa29415efbe6e249b68db423fe77ac223b19add487

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 20:47:06 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 70131
Last-Modified: Fri, 25 Feb 2022 20:25:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Wed, 26 Apr 2023 20:47:06 GMT

GET
H3 200 captions.js Show response
www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/ Frame A7AF 69 KB
25 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c5dbcb8d0236e696a9bbb3db2a244e31ca2dec4d671b2693702de681743c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26066
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:59:03 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/ Frame A7AF 33 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3971005c21bf938e2a4fd8c2b2fa17adf47d7b6f3c67f715642ac196d0783fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9003
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 00:12:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 14:59:03 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame A7AF 6 KB
2 KB 204ms
204ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a458be59a33b34156865b66765214f1a063efdaa9ec1f17f8805bf4507889892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230423.00.00
X-Goog-Visitor-Id: CgtGODgyQjlfR0hSOCjKm6aiBg%3D%3D

Response headers

date: Wed, 26 Apr 2023 20:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
expires: Wed, 26 Apr 2023 20:47:06 GMT

GET
H3 200 timedtext Show response
www.youtube-nocookie.com/api/ Frame A7AF 99 KB
24 KB 26ms
25ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/timedtext?v=6P3iFIavHKI&caps=asr&xoaf=4&hl=de&ip=0.0.0.0&ipbits=0&expire=1682567226&sparams=ip%2Cipbits%2Cexpire%2Cv%2Ccaps%2Cxoaf&signature=3504ACD5E860AA6A96C0E0B85C5891325F83A917.DB9B4C3CBF978E44F3440B6B454103D31974F604&key=yt8&lang=en-US&fmt=json3&xorb=2&xobt=3&xovt=3&cbr=Chrome&cbrver=112.0.5615.121&c=WEB_EMBEDDED_PLAYER&cver=1.20230423.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

video-timedtext /

Resource Hash

fc50c3f178d43d1ca437a797aebfac29f2cf33f493df49f17968e129ebc02df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20230423.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGODgyQjlfR0hSOCjKm6aiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682542026371&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C608&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: video-timedtext
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr5---sn-4g5e6nze.googlevideo.com/ Frame A7AF 76 KB
76 KB 24ms
11ms Fetch
audio/webm 2a00:1450:4001:66::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nze.googlevideo.com/videoplayback?expire=1682563626&ei=yo1JZPajHNqH1gLR54XgCw&ip=2a01%3A4a0%3A2b%3A%3A7&id=o-APqLJlK7uj_zozplcD2kUZdkpJJIwxJela0U0iBpchSe&itag=251&source=youtube&requiressl=yes&mh=Eh&mm=31%2C29&mn=sn-4g5e6nze%2Csn-4g5ednkl&ms=au%2Crdu&mv=m&mvi=5&pl=43&initcwndbps=922500&spc=qEK7B6DKJ_vjrzXNZPlexpaYDkhIozaPBPdWBdXqSA&vprv=1&mime=audio%2Fwebm&ns=cTvR2A8NsJUF25WkhS9J6QQN&gir=yes&clen=43070963&dur=2453.761&lmt=1645820740489712&mt=1682541661&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=7oaVaIaihpwZiw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdnt1_otOsHqU6490Av-LkV1eNiRV2VXc391bUXHDLo8CIALX8d9qllweMwnfpvCpzrBIcdnDH0S6VU25-i5JAIUJ&alr=yes&sig=AOq0QJ8wRAIgC6p2wAm_h3Ed70j9sW7OCaWskCbRJMRq7OxuHyAeXo0CIFSGZjajvQIN7imq9hdK8bDGA70j5ckFyxKkDpXp8yZ2&cpn=8TLCuP41NTFiPeKB&cver=1.20230423.00.00&range=70131-147763&rn=3&rbuf=3895&pot=MmQmDRdAbRZm7yY12R5j7-kUvk_Y9VBrRVR5DsWWpyfgbYIgx-9oVke41isPj3i4KrteTq0oeC3zl591XTmd-D6mzFD-Pc6q4x01QPsAvsgUTCHB1eY-8kNFlsFQBIwcfcaOYPZA

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

50498f3eff9ac696bdc9ae625f947e12a44f7851e7c62ed398f75763415cb863

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 26 Apr 2023 20:47:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length: 77633
last-modified: Fri, 25 Feb 2022 20:25:40 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Wed, 26 Apr 2023 20:47:06 GMT

POST
H3 200 videoplayback Show response
rr5---sn-4g5e6nze.googlevideo.com/ Frame A7AF 166 KB
166 KB 11ms
10ms Fetch
audio/webm 2a00:1450:4001:66::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nze.googlevideo.com/videoplayback?expire=1682563626&ei=yo1JZPajHNqH1gLR54XgCw&ip=2a01%3A4a0%3A2b%3A%3A7&id=o-APqLJlK7uj_zozplcD2kUZdkpJJIwxJela0U0iBpchSe&itag=251&source=youtube&requiressl=yes&mh=Eh&mm=31%2C29&mn=sn-4g5e6nze%2Csn-4g5ednkl&ms=au%2Crdu&mv=m&mvi=5&pl=43&initcwndbps=922500&spc=qEK7B6DKJ_vjrzXNZPlexpaYDkhIozaPBPdWBdXqSA&vprv=1&mime=audio%2Fwebm&ns=cTvR2A8NsJUF25WkhS9J6QQN&gir=yes&clen=43070963&dur=2453.761&lmt=1645820740489712&mt=1682541661&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=7oaVaIaihpwZiw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdnt1_otOsHqU6490Av-LkV1eNiRV2VXc391bUXHDLo8CIALX8d9qllweMwnfpvCpzrBIcdnDH0S6VU25-i5JAIUJ&alr=yes&sig=AOq0QJ8wRAIgC6p2wAm_h3Ed70j9sW7OCaWskCbRJMRq7OxuHyAeXo0CIFSGZjajvQIN7imq9hdK8bDGA70j5ckFyxKkDpXp8yZ2&cpn=8TLCuP41NTFiPeKB&cver=1.20230423.00.00&range=147764-317359&rn=4&rbuf=8508&pot=MmQmDRdAbRZm7yY12R5j7-kUvk_Y9VBrRVR5DsWWpyfgbYIgx-9oVke41isPj3i4KrteTq0oeC3zl591XTmd-D6mzFD-Pc6q4x01QPsAvsgUTCHB1eY-8kNFlsFQBIwcfcaOYPZA

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b73126bb7e72cf11cb045c507fc1306061c4b7da381a0916d078d410c4f2e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 26 Apr 2023 20:47:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length: 169596
last-modified: Fri, 25 Feb 2022 20:25:40 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Wed, 26 Apr 2023 20:47:06 GMT

POST
H3 200 videoplayback Show response
rr5---sn-4g5e6nze.googlevideo.com/ Frame A7AF 921 KB
921 KB 10ms
10ms Fetch
video/mp4 2a00:1450:4001:66::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5e6nze.googlevideo.com/videoplayback?expire=1682563626&ei=yo1JZPajHNqH1gLR54XgCw&ip=2a01%3A4a0%3A2b%3A%3A7&id=o-APqLJlK7uj_zozplcD2kUZdkpJJIwxJela0U0iBpchSe&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=Eh&mm=31%2C29&mn=sn-4g5e6nze%2Csn-4g5ednkl&ms=au%2Crdu&mv=m&mvi=5&pl=43&initcwndbps=922500&spc=qEK7B6DKJ_vjrzXNZPlexpaYDkhIozaPBPdWBdXqSA&vprv=1&mime=video%2Fmp4&ns=cTvR2A8NsJUF25WkhS9J6QQN&gir=yes&clen=108202245&dur=2453.750&lmt=1674484247413355&mt=1682541661&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=7oaVaIaihpwZiw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANPa73QHdaZkSDsp5IJiBAB1wYaYi_o_0TwH8StScTzuAiACoyJSVJc59LNi4NxLlirreHti_zzKEpxzWyYtgjKoUw%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAPUSPs4dk-lsdMT5Dcfjj8mXmRS0LAMjUIHgTLesXTkYAiBRbZ7ObqwyLrrtrSnk_4rvjaJ5K4AhCvlY6QtLkxlpBw%3D%3D&cpn=8TLCuP41NTFiPeKB&cver=1.20230423.00.00&range=199947-1143069&rn=5&rbuf=10089&pot=MmQmDRdAbRZm7yY12R5j7-kUvk_Y9VBrRVR5DsWWpyfgbYIgx-9oVke41isPj3i4KrteTq0oeC3zl591XTmd-D6mzFD-Pc6q4x01QPsAvsgUTCHB1eY-8kNFlsFQBIwcfcaOYPZA

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

260ab97d15f301848e7d6a8d3a4f06fb4f4a829802e05e13e1e6de7595c3e5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 26 Apr 2023 20:47:06 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length: 943123
last-modified: Mon, 23 Jan 2023 14:30:47 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Wed, 26 Apr 2023 20:47:06 GMT

GET
H3 204 playback Show response
www.youtube-nocookie.com/api/stats/ Frame A7AF 0
17 B 17ms
16ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/playback?ns=yt&el=embedded&cpn=8TLCuP41NTFiPeKB&ver=2&cmt=0.056&fmt=134&fs=0&rt=0.382&euri=https%3A%2F%2Ftryfungosem.com%2F&lact=407&cl=526486891&mos=1&volume=100&cbr=Chrome&cbrver=112.0.5615.121&c=WEB_EMBEDDED_PLAYER&cver=1.20230423.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=2454&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24219382%2C24255165%2C24406084%2C24415864%2C24439361%2C24462372%2C24468691%2C24499532%2C24499792%2C24516157%2C24534290%2C24539776%2C39323074&rtn=3&afmt=251&size=1080%3A608&inview=0&muted=1&cc=.en-US&docid=6P3iFIavHKI&ei=yo1JZPajHNqH1gLR54XgCw&plid=AAX6Q1fPAHr_AUk_&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F6P3iFIavHKI%3Fautoplay%3D1%26cc_lang_pref%3DEN%26cc_load_policy%3D1%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26rel%3D0%26modestbranding%3D1%26iv_load_policy%3D3%26showinfo%3D0%26wmode%3Dtransparent%26origin%3Dhttps%253A%252F%252Ftryfungosem.com%26enablejsapi%3D1%26widgetid%3D1&of=jkXipMQz5KCbj11grlsDCg&vm=CAQQARgCOjJBTE03ZXZLOTNCTjJraEhiWWlRNHpSeVZ6RTNCM3BpMUxXcGt1anJzQjNwTUpXOTZsUWJbQVBta0tESmZZVmNMcnFtRjB6ZUYzYUdheTlSeWc0dVc2MWo1ckRCY3ZvQ2RyNUxhT1NlTkh2aENDQzVfQzU0T1UyNHF0TWJ3d2g4VDIzLXBuUG41UE1TeW1nRWgB

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20230423.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGODgyQjlfR0hSOCjKm6aiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682542026371&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C608&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:06 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube-nocookie.com/ Frame A7AF 0
19 B 15ms
15ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/ptracking?html5=1&video_id=6P3iFIavHKI&cpn=8TLCuP41NTFiPeKB&ei=yo1JZPajHNqH1gLR54XgCw&ptk=youtube_multi&oid=CJrNvEi8Or-NngtwKSzzIQ.TnX-no9QHua4uFvgz2cB9w.n6LW3gapPpduYeCdT3QRyw&pltype=contentugc

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/73d31b49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/6P3iFIavHKI?autoplay=1&cc_lang_pref=EN&cc_load_policy=1&controls=0&disablekb=1&fs=0&playsinline=1&rel=0&modestbranding=1&iv_load_policy=3&showinfo=0&wmode=transparent&origin=https%3A%2F%2Ftryfungosem.com&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20230423.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGODgyQjlfR0hSOCjKm6aiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682542026371&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C608&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 20:47:06 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A7AF 3 KB
3 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

305f0c6aec5425e6401afc5931b233cc68bdaabc7eb01b1381223e83bcfff262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:09:35 GMT
x-content-type-options: nosniff
age: 2251
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3364
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 27 Apr 2023 20:09:35 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.noushealthy.com/	1970-01-20 12:05:34	Name: prli_click_4 Value: kd25
links.noushealthy.com/	1970-01-20 20:07:58	Name: prli_visitor Value: 64498dc88716f
tryfungosem.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0555d6d31492c732b0d0143c7a8707d1
tryfungosem.com/	1970-01-20 11:23:44	Name: __cflb Value: 0H28upmg3HpFiXquczEWQEGVxC4vbxGPAQkMNCT5bDe
.tryfungosem.com/	1970-01-20 11:23:48	Name: _gid Value: GA1.2.230048259.1682542025
.tryfungosem.com/	1970-01-20 20:58:22	Name: _ga_BDPT9RCPX0 Value: GS1.1.1682542025.1.0.1682542025.0.0.0
.tryfungosem.com/	1970-01-20 20:58:22	Name: _ga Value: GA1.1.1697382814.1682542025
.tryfungosem.com/	1970-01-20 20:58:22	Name: _ga_N01EWCGKPZ Value: GS1.1.1682542025.1.0.1682542025.0.0.0
.tryfungosem.com/	1970-01-20 11:22:22	Name: _gat_gtag_UA_131822362_22 Value: 1
.tryfungosem.com/	1970-01-20 13:31:58	Name: sessid2 Value: sessid20230426204728054
.tryfungosem.com/	1970-01-20 13:31:58	Name: spi_funnel_codename Value:
.tryfungosem.com/	1970-01-20 13:31:58	Name: aff_id Value: 230
.tryfungosem.com/	1970-01-20 13:31:58	Name: sid Value: 3apagiop0425fungosem
.tryfungosem.com/	1970-01-20 13:31:58	Name: campaign_id Value:
.tryfungosem.com/	1970-01-20 13:31:58	Name: referrer Value: 2a01:4a0:2b::7:links.noushealthy.com:tryfungosem.com%2Ffsbg-xpa-xbn
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xvv_PLDFb1o
.youtube.com/	1970-01-20 15:41:34	Name: VISITOR_INFO1_LIVE Value: oSlLRd3mHTk

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tryfungosem.com/assets/images/Logo.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.youtube.com/s/player/73d31b49/www-widgetapi.vflset/www-widgetapi.js(Line 1107) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
buygoods.com
cdn.ravenjs.com
click.bonebrothdietfast.com
code.jquery.com
display.buygoods.com
fonts.googleapis.com
fonts.gstatic.com
jnn-pa.googleapis.com
links.noushealthy.com
region1.google-analytics.com
rr5---sn-4g5e6nze.googlevideo.com
tracking.buygoods.com
tryfungosem.com
www.buygoods.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
139.162.156.95
172.105.251.66
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2606:4700:3108::ac42:288d
2606:4700:3108::ac42:28ea
2a00:1450:4001:66::a
2a00:1450:4001:801::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a04:4e42:200::729
2a06:98c1:3121::3
032457348b7f0d30cb973ae53d6c81116ff20e36b2cc6305ab277dc8fe4fe275
05e1d1d734a67c4e0867b34bdbb37d011784095fb20afe60a792805da6efc754
0926eef5c86ab4152bf3a18aadc4065c29c0482c60e235547b2204e268247773
0ea0a01f96c3798625cef6b11e6b056ada0164538b579787a6111c404b92a480
131314f89e6887b85114ac9696a768c06421052c5536c5066a1592b98f7a45a8
13a20bbd75fc15dcf4cc783aada6229946dfba6755a18c62122d12494b76afd7
1650045c1d458e96e909a1c7a2536b56f2e33e6b4bc84b8413869a6ead9ad556
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
210b0114b95bb07f894a98abee5395346b7dd7c33152ef2040e320a7d11c6c69
23633def502d33211ef1adb1325b756eb489f02be5f152ac1df472cc6d534432
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
260ab97d15f301848e7d6a8d3a4f06fb4f4a829802e05e13e1e6de7595c3e5f8
270d752d6736a4413c963d5bc28f7fac208eb2e7918d1750abbf487d77a80133
305f0c6aec5425e6401afc5931b233cc68bdaabc7eb01b1381223e83bcfff262
31c5dbcb8d0236e696a9bbb3db2a244e31ca2dec4d671b2693702de681743c62
32e0316859a4252b536c71eb3fd42ad96880f2cd8bb2741b003daf1fa03a0b6e
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
3c27099adea072870ffe13f2b900183e3902d64239a1d2ed6540f4251d85af54
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
50498f3eff9ac696bdc9ae625f947e12a44f7851e7c62ed398f75763415cb863
553b18c5fd5f0642b3a16fb5909e3a6b8837b71ab5f4f089a309dd35f7bece74
584e1199673e3737b083969771b609abfc2499859a6f038f5a81f4323cb37b39
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
64dbbcce9d3358110695eb93e6921987eacbc122c109903db04a97c8d2e32376
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b0ec431977d095fe64f082e17b5f082466c5add2747c3ef1f1223e1ee022af0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf13cf470c7f95e309c0db0ad4a18cec3219d927171f640dc5086600aaad5a4
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
766bfadf6eb80390e6a432e6010144b9fb8c3ca474a6f2a7c7ab9cc23d22f8dc
77fdd8416fc2d407eacd148dfea6e7131816d0333df6097e6485ba2a3b0775be
7b73126bb7e72cf11cb045c507fc1306061c4b7da381a0916d078d410c4f2e7d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8b9effc64f3b9cb7d349d1be38fc5d018300f574b12b5df201c993b843535462
8bab85b95f89aa7f5c373fa5efc3302de8591b891ae12025fbf85cf5ebe9f9d7
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9a4c6bc74019d15ca7dad83034ec07201527072c94c1588e50051fd0196f7d9e
a31750b13ae0d33b406c8aec9180493c556adc363a23224d6a7201cac96694f3
a458be59a33b34156865b66765214f1a063efdaa9ec1f17f8805bf4507889892
abe863de43fddf9de30804ca27a78b351e7e5b50791f0533e8c86773fa880dde
acbe478065fd2671e924caa46a705ab23227f64cc50087bcc00f3ffe949aaeea
ae21a8bfc3d22ea41ab709beaa74202a94517a9ee38fc869d9d0ab13481603d3
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b0cc772c80a187470a831e8fff845eb026bd8b7e7b91ea7d63e1f6e11a21918f
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
c0bae1503b748427333ca3639d6e9aac7ce6fba4718c7009f403c65c5448ba6e
cf85a2b5735f40b2588d22e0367541d74b3fcdbac22d78bb19ab25ef10ba2e76
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d7f0394a6e917078a41c91d002bdfbf195aaec25bb5a29c15c173c7d9f849730
de8f444da981c9d26bac27fd47f3380a98e7bf44170ac02ac2fa6f324e936260
e3a3611ec00f56101effa6e34d814e8311783179e3bed23cd74c90f92ba9667f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ed8fa1ff8b55dd19225f59a5e74520a8b20206c2f6d354e1e6f0e5881d93fe4a
f3971005c21bf938e2a4fd8c2b2fa17adf47d7b6f3c67f715642ac196d0783fc
f44df2bcb224516421814385ab13b0bb7559fb8f852a7e349e03235d3c3f4cc2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc50c3f178d43d1ca437a797aebfac29f2cf33f493df49f17968e129ebc02df0
fff99d5f9c242c41ccf143aa29415efbe6e249b68db423fe77ac223b19add487

tryfungosem.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

99 %HTTPS

88 %IPv6

15 Domains

21 Subdomains

18 IPs

3 Countries

3487 kBTransfer

6997 kBSize

17 Cookies

3 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tryfungosem.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

88 %
IPv6

15
Domains

21
Subdomains

18
IPs

3
Countries

3487 kB
Transfer

6997 kB
Size

17
Cookies

68 HTTP transactions
1 data transactions