urlscan.io logo urlscan.io
SecurityTrails logo

fonderfonds.at Open in urlscan Pro
92.114.88.236  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/37WNgDZ?JHBVfcDswReDfcgVuhjnINhuBGYvfCDrtSEXYFTgyHUBjnINBHygvTFCDR
Effective URL: http://fonderfonds.at/index/cz/index.html
Submission: On March 06 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 73 HTTP transactions. The main IP is 92.114.88.236, located in Petrila, Romania and belongs to ELECTROSIM-AS, RO. The main domain is fonderfonds.at.
This is the only time fonderfonds.at was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    95.181.172.133 (Meppel, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: erushekovuyacheslav13.msk.network
realtyretreiver.com
57    92.114.88.236 (Petrila, Romania)

ASN39425 (ELECTROSIM-AS, RO)
PTR: 92.114.88.236.tvhcc.ro
fonderfonds.at
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
19    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
6    2a00:1450:4001:59::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nlk.googlevideo.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4007:2::7 (United States)

ASN15169 (GOOGLE, US)
r2---sn-a5meknzl.googlevideo.com
Domain Requested by
57 fonderfonds.at 18 redirects fonderfonds.at
19 www.youtube.com s.ytimg.com
www.youtube.com
fonderfonds.at
6 r3---sn-4g5e6nlk.googlevideo.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 r2---sn-a5meknzl.googlevideo.com www.youtube.com
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 s.ytimg.com realtyretreiver.com
1 realtyretreiver.com
1 bit.ly 1 redirects
73 13

This site contains no links.

Subject Issuer Validity Valid
realtyretreiver.com
R3		 2021-03-01 -
2021-05-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-04		 2 months crt.sh

This page contains 2 frames:

Primary Page: http://fonderfonds.at/index/cz/index.html
Frame ID: 956AD7E5618C4E8A759F0FFBE44D1E5B
Requests: 41 HTTP requests in this frame

Frame: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Frame ID: FE551EC1B0EE143B832A9B54B3D8284B
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/37WNgDZ?JHBVfcDswReDfcgVuhjnINhuBGYvfCDrtSEXYFTgyHUBjnINBHygvTFCDR HTTP 301
    https://realtyretreiver.com/9wJnd9aDUT Page URL
  2. http://fonderfonds.at/ HTTP 302
    http://fonderfonds.at/ HTTP 302
    http://fonderfonds.at/index/cz/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

73
Requests

47 %
HTTPS

77 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

2920 kB
Transfer

4573 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/37WNgDZ?JHBVfcDswReDfcgVuhjnINhuBGYvfCDrtSEXYFTgyHUBjnINBHygvTFCDR HTTP 301
    https://realtyretreiver.com/9wJnd9aDUT Page URL
  2. http://fonderfonds.at/ HTTP 302
    http://fonderfonds.at/ HTTP 302
    http://fonderfonds.at/index/cz/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/37WNgDZ?JHBVfcDswReDfcgVuhjnINhuBGYvfCDrtSEXYFTgyHUBjnINBHygvTFCDR HTTP 301
  • https://realtyretreiver.com/9wJnd9aDUT
Request Chain 14
  • http://fonderfonds.at/index/cz/images/logo.png HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/index/cz/index.html
Request Chain 15
  • http://fonderfonds.at/index/cz/images/volume_1.png HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/index/cz/index.html
Request Chain 16
  • http://fonderfonds.at/index/cz/images/xsecureIcons.png.pagespeed.ic.fPbNmmvfc4.png HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/index/cz/index.html
Request Chain 17
  • http://fonderfonds.at/index/cz/images/xportrait_pic.jpg.pagespeed.ic.uPQJjx3oDE.jpg HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/index/cz/index.html
Request Chain 33
  • http://fonderfonds.at/index/cz/images/bigGradientBg.jpg HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/index/cz/index.html
Request Chain 35
  • http://fonderfonds.at/index/cz/fonts/glyphicons-halflings-regular.woff2 HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/ HTTP 302
  • http://fonderfonds.at/index/cz/index.html
Request Chain 46
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
9wJnd9aDUT
realtyretreiver.com/
Redirect Chain
  • https://bit.ly/37WNgDZ?JHBVfcDswReDfcgVuhjnINhuBGYvfCDrtSEXYFTgyHUBjnINBHygvTFCDR
  • https://realtyretreiver.com/9wJnd9aDUT
62 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://realtyretreiver.com/9wJnd9aDUT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.181.172.133 Meppel, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
erushekovuyacheslav13.msk.network
Software
nginx /
Resource Hash
761847fa129a994e4d2e03812bf7117768ae331c633605c402ace4822f15be14

Request headers

Host
realtyretreiver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sat, 06 Mar 2021 18:01:41 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
62
Connection
keep-alive
Keep-Alive
timeout=60
Last-Modified
Tue, 02 Mar 2021 07:49:31 GMT
ETag
"3e-5bc88f98b1401"
Accept-Ranges
bytes

Redirect headers

server
nginx
date
Sat, 06 Mar 2021 18:01:41 GMT
content-type
text/html; charset=utf-8
content-length
125
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://realtyretreiver.com/9wJnd9aDUT
referrer-policy
unsafe-url
set-cookie
_bit=l26i1F-175dd7db2f0de13d73-00S; Domain=bit.ly; Expires=Thu, 02 Sep 2021 18:01:41 GMT
via
1.1 google
alt-svc
clear
Primary Request Cookie set index.html
fonderfonds.at/index/cz/
Redirect Chain
  • http://fonderfonds.at/
  • http://fonderfonds.at/
  • http://fonderfonds.at/index/cz/index.html
41 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
bbeda48c246539f4377aded36d766df4c2540cf8526b8ac969ada167376421e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
fonderfonds.at
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
XSRF-TOKEN=eyJpdiI6IlBWckh2M0dqWUVHbE5DUjNmZmtEdWc9PSIsInZhbHVlIjoiazl1UWVKZnJxenFFV2FKU2t6RzJSN0VNM2E0dnhxQ3FFL1NyWmVqYWREMWpFWTJscm9FRUcvM1Y1TEdxOGZMUi90UmtZSDlWMjd6aW9Db1ZYdGo2dTBua0RJSlorM1VWQWQvaEF2TzZROWRmRDluOWlLUXVNcWM3SlQwazl6Z1EiLCJtYWMiOiJmYjQ2YTMzY2RmNGJlZWNkMmMwOWRiNWM3NDQxMDUxZDJiMDY4YTMwNjNlMmVkMjMwMmEyMWQ2MjY4YzMxMjFjIn0%3D; hotdollar20_session=eyJpdiI6InQvaW84MjhwTGNEay9PSXk4ZUVTN1E9PSIsInZhbHVlIjoiQ1hrcERWMUQvdkdLczVscDNwbFl0K3crZUlmRkxKblhVY3BCVm9LOHJXRDVRRjUxcDczSW9tbVJZMk0rdXowK0xlTGtwMEhvYWt6anVxL0lQSFN4ZUtEUnpNdHAvNXBlZi9xS2oxVHJFank4YngzQnlCSndJdlVNVEt0enhOdDciLCJtYWMiOiJkOGFhYTFkM2Y5ZDdjMzdlZTFiYzJjNzc3YTViMDY1ZWQ1OTg5ZDI4MmFiMzZlYTU4MTViYTRhYzNlYjM4NTE3In0%3D; visit=eyJpdiI6Ikt5WVZvUHhCV04ybmNLSGtKQXMzR3c9PSIsInZhbHVlIjoiQ2FZYVp4WVUzdkpSRTk4cXlpMlJTdFBzSHY5VnRqN1EzSjlwVjlEalBzVUdiNDVNVDlsOGZFYXB1cVBPTWJUYkdaUW5adVUwOVoxcGt6UjcxcmFIQVNTeElDbFhVYVE2Y0lGcWVYMjBrYXcvcWFPbktHMkJMZDgvQWdOcGEyVVFyVm1SRzFCYkZlMmYwZGgvY1ZWY1FacWNIWDgyQ29tNnRUcGk3U2lzTHJDRElrTVNEcGdoWFJHUzltTlZQYXIvTlBUZktacXNLaW5Mc1NWRml5Q1hUUW1yUE1hakRZd1lBVzFrUWljazU4WXNqVy84UEZSS3FGUDFjcmxiSERqTFI2TUR4UW5YdEZCaEpRdFd3eGRJdjhBT2JMcmpkeHZNeWM4ZS9oZ1dybHFDaDRMTWxocEdabHd0SlVJQUhjOGFCUFk0c2pabUFtNjFhOWMvZVFhdk9LdVJnSmZtZkhMRnhQM1RJckN5VE5mK0dsREJaZS9FWXZqSFFKZ1VIelo2MkZJTVUzSVFJUUEzNEJPRFZpMFQ0YklOZ0FFU0RvNG9hU0NxR1JXKzNZRzROcXhTblNDZUlmQVNQeHJsckhZdTRKR28xYVBmRzFxcjNuMGVXdzExSkE9PSIsIm1hYyI6ImZiNjQxNjdiYWM0ZTZmYTE3N2Y3ZmRkMjQ0YTgyMjVlYWMzZjgxNDM5Y2YxZjE2YWFjMGNlNWE1OWVmNGQ4ZmUifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://realtyretreiver.com/9wJnd9aDUT

Response headers

Server
nginx/1.14.2
Date
Sat, 06 Mar 2021 18:01:42 GMT
Content-Type
text/html; charset=UTF-8
Connection
close
X-Powered-By
PHP/7.4.15
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlZINWhTeGdkSVRkekdRT2hLSTZUcnc9PSIsInZhbHVlIjoiSjV0N2g1a2J3ei85QzlST3lFVzh1QWVFUTFodEs0ekI2eVpOZkRrMUgyQkQ2VUl6MUxDYVBLdlRuRXFLMmJ2U2Z6VTJ3WGJKdVZ4T2t6VXZzWmZSWDZJWkJtWXpEZm15aGExY2ZpUjBYMk4xNmh4OExiaFhWakgxbzdCdyt1YTQiLCJtYWMiOiJiNDkxM2NiZWI2MjU3YzhkMWNhZjUxYTU3MTc5YjZlZjQ5ZWE2YzllZGZmNTZjMzYyOWU1NzUzYjI1YmFiZTcxIn0%3D; expires=Sun, 07-Mar-2021 18:01:47 GMT; Max-Age=86400; path=/; samesite=lax hotdollar20_session=eyJpdiI6Im5UWEVReTNJNTg3cUlFYjdwQ01adFE9PSIsInZhbHVlIjoidEVGNDJ6WGdkZ1EybWxPOUVyd1J6cm96OVMxdmw1OWpNbWlHZ0RTZURHMFRaZmlhcWl4bi85Q2F6T2lEbFkxdHcwNnUrbVBZSmVjbzVFV29SY29lemYwb2ZwY2N0THozZStVdE5iemxHT01yYWlIaWhOSGpTR2Y5YTNMUjNkL0oiLCJtYWMiOiJhZmE1NTUwNGE1ZThiZTc1YTI0NDE0NTVmMzA0ZWM0NTg2ZTIwOGQzYTRhOWU3ZmI5YmJiYTMyZTY0NWY0MjYwIn0%3D; expires=Sun, 07-Mar-2021 18:01:47 GMT; Max-Age=86400; path=/; httponly; samesite=lax
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff

Redirect headers

Server
nginx/1.14.2
Date
Sat, 06 Mar 2021 18:01:42 GMT
Content-Type
text/html; charset=UTF-8
Connection
close
X-Powered-By
PHP/7.4.15
Location
index/cz/index.html
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
bootstrap_25k.css
fonderfonds.at/index/cz/css/ 		143 KB
144 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/bootstrap_25k.css?v=3
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
3f571002edbd9f9ae70f1b86811e4f40d91e41c6e6b12bae9a7e8ddc27b16050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
font-awesome.min.css
fonderfonds.at/index/cz/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/font-awesome.min.css?v=3
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
da5fef44142e203dc5d147181556ac359870d4c9bc92602c057a8c0dba73cd4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
css.css
fonderfonds.at/index/cz/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/css.css?v=3
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
06b4f21c4e8d0a64ec3145169bc13f2da82ef3fda223881d4eed5ee2860b4e0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
layout_tftday.css
fonderfonds.at/index/cz/css/ 		23 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/layout_tftday.css?v=3
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
ae55d2043f04460459fa4e90d09d91cf457ee5105b50b918edfe98fe62089e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
style_tftday.css
fonderfonds.at/index/cz/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/style_tftday.css?v=
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
0388216b3c94943503d61fcbf774581a92c27c323d050c4832c6cc1a8b50c25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
style_tftday_counter.css
fonderfonds.at/index/cz/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/style_tftday_counter.css?v=3
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
ff84b4572a90f0171e0504356c503108a15bcd85a8f5bb2a7dae6919d9d14d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
form.css
fonderfonds.at/index/cz/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/form.css?v=3
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
6dff14e12abf3f9adb52718e1f4e4972ca92e89c5c5e629d50ae9c5d7d12097e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
intlTelInput.css
fonderfonds.at/index/cz/css/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/intlTelInput.css?v=3
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
9d6b8750ade4c3b0b1f9dfa23246b21012542cd251c64045441d4791e17f15b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
checkbox-svg.css
fonderfonds.at/index/cz/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/css/checkbox-svg.css
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
a32e5568e4f9004cd16f6cf5c4e1b20240bf0732d19872ca94546e4867ae7664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
finish-pop-0.png
fonderfonds.at/index/cz/images/ 		310 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/finish-pop-0.png
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
58825c638778d2dd77c526fa9d2c85107007565d890f46b285f51ab2ef6b5787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
finish-pop-1.png
fonderfonds.at/index/cz/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/finish-pop-1.png?
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
7ec7dab4829888dfc54301f9f680bbcf1908523d49f3f6549a101a1481103e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
finish-pop-2.png
fonderfonds.at/index/cz/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/finish-pop-2.png?
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
22124179da4e79adceac7abe423fc21360af24dd44130701b324653bbd2b220d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
finish-pop-3.png
fonderfonds.at/index/cz/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/finish-pop-3.png?
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
11f9f53d6e668313aabd981e32ac0650d803e248f62f07d4665294a9d772b545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
index.html
fonderfonds.at/index/cz/
Redirect Chain
  • http://fonderfonds.at/index/cz/images/logo.png
  • http://fonderfonds.at/
  • http://fonderfonds.at/
  • http://fonderfonds.at/index/cz/index.html
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/index.html
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:46 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1

Redirect headers

Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
index/cz/index.html
Connection
close
X-XSS-Protection
1; mode=block
index.html
fonderfonds.at/index/cz/
Redirect Chain
  • http://fonderfonds.at/index/cz/images/volume_1.png
  • http://fonderfonds.at/
  • http://fonderfonds.at/index/cz/index.html
199 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/index.html
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1

Redirect headers

Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
index/cz/index.html
Connection
close
X-XSS-Protection
1; mode=block
index.html
fonderfonds.at/index/cz/
Redirect Chain
  • http://fonderfonds.at/index/cz/images/xsecureIcons.png.pagespeed.ic.fPbNmmvfc4.png
  • http://fonderfonds.at/
  • http://fonderfonds.at/index/cz/index.html
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/index.html
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1

Redirect headers

Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
index/cz/index.html
Connection
close
X-XSS-Protection
1; mode=block
index.html
fonderfonds.at/index/cz/
Redirect Chain
  • http://fonderfonds.at/index/cz/images/xportrait_pic.jpg.pagespeed.ic.uPQJjx3oDE.jpg
  • http://fonderfonds.at/
  • http://fonderfonds.at/
  • http://fonderfonds.at/index/cz/index.html
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/index.html
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:46 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1

Redirect headers

Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
index/cz/index.html
Connection
close
X-XSS-Protection
1; mode=block
podpis.png
fonderfonds.at/index/cz/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/podpis.png
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
6d2696d6ec59221e391551d98e4126dd1508a0088098889c3daed664458650d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
video_block_1.jpg
fonderfonds.at/index/cz/images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/video_block_1.jpg
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
dad318f3739d53ee9cb7f2a8b53a8f3a4476e7631000d082783f5f2b2f49680c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
video_block_2.jpg
fonderfonds.at/index/cz/images/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/video_block_2.jpg
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
7127faab2dcbc0faffa232b985efc0824f20de905ce6236d3b2fd91487261f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:48 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
video_block_3.jpg
fonderfonds.at/index/cz/images/ 		27 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/video_block_3.jpg
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
9140cb9ad80ddb7e6d427eeda194c03a1ccdbd347e8f0dc52dffd9c22ba88e47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:48 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
jquery-3.3.1.min.js
fonderfonds.at/index/cz/js/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/jquery-3.3.1.min.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
bootstrap.js
fonderfonds.at/index/cz/js/ 		67 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/bootstrap.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
jquery.validate.min.js
fonderfonds.at/index/cz/js/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/jquery.validate.min.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:43 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
device.min.js
fonderfonds.at/index/cz/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/device.min.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
44427cb2a51e54cca2cb648212f313ce64433ce7454e3df0c386c0156e98e36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:44 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
getdetector.js
fonderfonds.at/index/cz/js/ 		216 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/getdetector.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:44 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
intlTelInput.js
fonderfonds.at/index/cz/js/ 		69 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/intlTelInput.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
31a2122d72133636252b85ec92f056c15518f3d16600c43875e1454f9fe37d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:46 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
countries.js
fonderfonds.at/index/cz/js/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/countries.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
86f67a9118325764fc8590b1be174a6247615f5643cae7118560d2824c67e1ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:46 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
seedrandom.min.js
fonderfonds.at/index/cz/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/seedrandom.min.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
302363ec4b38d6c84acc7b7a7c806ca17aafa4d089262545ef1eff8a110a5c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:46 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
counter.js
fonderfonds.at/index/cz/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/counter.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
5df1a11f9a98aa7fdbbbbf73d6f12da660160427cdec63bdcec4a5bec15fca62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
valid.js
fonderfonds.at/index/cz/js/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/valid.js?v=20
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
72f5dc31121e315e5c2c9523f117d98c7cb6a3eef33b762695054fa8903165fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
custom.js
fonderfonds.at/index/cz/js/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/custom.js?v=18
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
ef49acb69473f036b75e49d70f586bacd988120beff2a5814f99fe8a77cc147a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
index.html
fonderfonds.at/index/cz/
Redirect Chain
  • http://fonderfonds.at/index/cz/images/bigGradientBg.jpg
  • http://fonderfonds.at/
  • http://fonderfonds.at/
  • http://fonderfonds.at/index/cz/index.html
199 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/index.html
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/css/layout_tftday.css?v=3
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/css/layout_tftday.css?v=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1

Redirect headers

Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
index/cz/index.html
Connection
close
X-XSS-Protection
1; mode=block
greenArrowBg.png
fonderfonds.at/index/cz/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fonderfonds.at/index/cz/images/greenArrowBg.png
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/css/layout_tftday.css?v=3
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
0f174b81aaa460f6bd5840e115588286091444b4a241aa70aab4ffb163d49bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/css/layout_tftday.css?v=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:48 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
index.html
fonderfonds.at/index/cz/
Redirect Chain
  • http://fonderfonds.at/index/cz/fonts/glyphicons-halflings-regular.woff2
  • http://fonderfonds.at/
  • http://fonderfonds.at/
  • http://fonderfonds.at/index/cz/index.html
41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/index.html
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/css/bootstrap_25k.css?v=3
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
bbeda48c246539f4377aded36d766df4c2540cf8526b8ac969ada167376421e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fonderfonds.at/index/cz/css/bootstrap_25k.css?v=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1

Redirect headers

Date
Sat, 06 Mar 2021 18:01:45 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
index/cz/index.html
Connection
close
X-XSS-Protection
1; mode=block
glyphicons-halflings-regular.woff
fonderfonds.at/index/cz/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/fonts/glyphicons-halflings-regular.woff
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/css/bootstrap_25k.css?v=3
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://fonderfonds.at
Referer
http://fonderfonds.at/index/cz/css/bootstrap_25k.css?v=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:46 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
index.php
fonderfonds.at/ 		16 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index.php?getCountryCode
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/js/jquery-3.3.1.min.js?v=18
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
2f967108f972570cc70587bb45277c96042a045923b3c7e07856e8676b1bf853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://fonderfonds.at/index/cz/index.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Connection
close
X-XSS-Protection
1; mode=block
youtubeUP.js
fonderfonds.at/index/cz/js/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://fonderfonds.at/index/cz/js/youtubeUP.js
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/js/jquery-3.3.1.min.js?v=18
Protocol
HTTP/1.1
Server
92.114.88.236 Petrila, Romania, ASN39425 (ELECTROSIM-AS, RO),
Reverse DNS
92.114.88.236.tvhcc.ro
Software
nginx/1.14.2 / PHP/7.4.15
Resource Hash
b9de670fa01f21580f6c9e8e01c0a1a697cf2062b2d5321f76bd44d8af8b93dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://fonderfonds.at/index/cz/index.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 06 Mar 2021 18:01:47 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.14.2
X-Powered-By
PHP/7.4.15
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
expires
-1
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
Requested by
Host: realtyretreiver.com
URL: https://realtyretreiver.com/9wJnd9aDUT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6d1f0f7c29c75c0bf3f35fdb95ef16b1ca016bce397885dcb56c6c8c0b8367f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonderfonds.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 20:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164771
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7738
x-xss-protection
0
last-modified
Sat, 23 Feb 2019 21:30:08 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 12 Mar 2021 20:15:36 GMT
b5kQwW5hSkU
www.youtube.com/embed/ Frame FE55 		52 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39728ed30773954d52fe546ebf9850c623c28d6650ba061ea7120aea2277d7f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fonderfonds.at/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fonderfonds.at/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 06 Mar 2021 18:01:47 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=x2y7lwp1jG4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=1UMNA3vFeSk; Domain=.youtube.com; Expires=Thu, 02-Sep-2021 18:01:47 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+540; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/a09205f7/ Frame FE55 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a09205f7/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 12:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 23:49:38 GMT
server
sffe
age
21192
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Sun, 06 Mar 2022 12:08:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE55 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
166823
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-embed-player.js
www.youtube.com/s/player/a09205f7/www-embed-player.vflset/ Frame FE55 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a09205f7/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46f87edccd58edd2f7ffba4ea616912cc4a7d14a0d4378f1ea973614926adc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 01:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 23:49:38 GMT
server
sffe
age
144983
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58950
x-xss-protection
0
expires
Sat, 05 Mar 2022 01:45:25 GMT
base.js
www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame FE55 		2 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575ade33ee74c627918d75a53d1a1d846d54c866ede92999cb27a9f29eeb9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 01:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 23:49:38 GMT
server
sffe
age
144415
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
516112
x-xss-protection
0
expires
Sat, 05 Mar 2022 01:54:53 GMT
fetch-polyfill.js
www.youtube.com/s/player/a09205f7/fetch-polyfill.vflset/ Frame FE55 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a09205f7/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 02:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 23:49:38 GMT
server
sffe
age
57100
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Sun, 06 Mar 2022 02:10:08 GMT
id
googleads.g.doubleclick.net/pagead/ Frame FE55
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d506a67aa9b0a2ef837f78a6a8eef68ed7c567bd4c441c98ec67932b690970cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 06 Mar 2021 18:01:48 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame FE55 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 17:48:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
814
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 06 Mar 2021 18:03:14 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
www.google.com/js/bg/ Frame FE55 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 15:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
95652
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Sat, 05 Mar 2022 15:27:36 GMT
embed.js
www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame FE55 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7a8aeacb5d1adba0f3eb014cf3117011f4ee9f5aaa36f939334473288906733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 01:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 23:49:38 GMT
server
sffe
age
144286
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9666
x-xss-protection
0
expires
Sat, 05 Mar 2022 01:57:02 GMT
player
www.youtube.com/youtubei/v1/ Frame FE55 		50 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
752e77a35ad532f2ee86c338a7ac5984826b31f332b8f8fe9cbe1feb333f4cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210304.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgsxVU1OQTN2RmVTayiLh4-CBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16259
x-xss-protection
0
expires
Sat, 06 Mar 2021 18:01:48 GMT
truncated
/ Frame FE55 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwngLkJ--8f5GVHE_AGq7bPC0_QoWsn9DN_z9jA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FE55 		1003 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwngLkJ--8f5GVHE_AGq7bPC0_QoWsn9DN_z9jA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5403d7af7a0adfb77adf677f3e3b5c38d3555a484d0bc60340c5cfa08fab6f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 14:12:48 GMT
x-content-type-options
nosniff
server
fife
age
13740
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1003
x-xss-protection
0
expires
Sun, 07 Mar 2021 14:12:48 GMT
truncated
/ Frame FE55 		302 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab7809ad7b746d18a0f59960c5c0dcf95446de8753a29cd59db589304fe2806d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
player
www.youtube.com/youtubei/v1/ Frame FE55 		50 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b6e7d60485d6302ebf157bbca8b790c988bc8ee09f8e34484c9acc35bd69cc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210304.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgsxVU1OQTN2RmVTayiLh4-CBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16092
x-xss-protection
0
expires
Sat, 06 Mar 2021 18:01:48 GMT
next
www.youtube.com/youtubei/v1/ Frame FE55 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8a64e49e9cd7f866c8c561365f0ede644156ab684b1e741ed0ce9993c472a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210304.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgsxVU1OQTN2RmVTayiLh4-CBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1827
x-xss-protection
0
expires
Sat, 06 Mar 2021 18:01:48 GMT
generate_204
www.youtube.com/ Frame FE55 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?iMf2gg
Requested by
Host: fonderfonds.at
URL: http://fonderfonds.at/index/cz/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame FE55 		0
156 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=9RqHa536-QpFw7WQ&ei=jMNDYLiaFZ6k1gK-oSQ&el=embedded&docid=b5kQwW5hSkU&ns=yt&fexp=23940238%2C23940247%2C23969934%2C23983297%2C23992808%2C23996624%2C24005871%2C24006795%2C24007246%2C24007901%2C24010333&cl=360985524&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210304.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.150:N&afs=0.149:251::i&vfs=0.150:243:243::r&view=0.150:640:360&bwe=0.150:130000&bat=0.150:1:1&vis=0.150:0&cmt=0.150:0.000&bh=0.150:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 18:01:48 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r3---sn-4g5e6nlk.googlevideo.com/ Frame FE55 		100 KB
101 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nlk.googlevideo.com/videoplayback?expire=1615075308&ei=jMNDYLiaFZ6k1gK-oSQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AH6hcsxMxoetKwYZ7AbMQZyQFfQtBQW1DCo4AjK3B9m6&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=u7&mm=31%2C26&mn=sn-4g5e6nlk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=3&pl=41&initcwndbps=532500&vprv=1&mime=video%2Fwebm&ns=NaTXUHwv0qm5o57Q8ttM6jEF&gir=yes&clen=8310135&dur=669.560&lmt=1589888828521459&mt=1615053398&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=sTMJ1qSqT-2xNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgBDwDqNmne_dnpbpori8q0YmC6LkyCi2JPq1bBoaDDtQCIQCYHlSiR6S0lcSwzxCl-3I7ezwrtXDDMmPGHI8dDDtvoA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANM0eNEVhYBnbqq3uMGNHNlK-o-zRbi3ogw1GJQlOcXWAiATB2S2pPgKh48WQYrDj8QCTC6NggIIpRPZP-y3TZaKzA%3D%3D&alr=yes&cpn=9RqHa536-QpFw7WQ&cver=1.20210304.1.0&range=0-102660&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:59::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
b76dcb420697833bb122c18476d7d0be6d0e4bc4e8e5e3e40f4cf92908d57def
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 18:01:48 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
102661
Last-Modified
Tue, 19 May 2020 11:47:08 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Sat, 06 Mar 2021 18:01:48 GMT
videoplayback
r3---sn-4g5e6nlk.googlevideo.com/ Frame FE55 		65 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nlk.googlevideo.com/videoplayback?expire=1615075308&ei=jMNDYLiaFZ6k1gK-oSQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AH6hcsxMxoetKwYZ7AbMQZyQFfQtBQW1DCo4AjK3B9m6&itag=251&source=youtube&requiressl=yes&mh=u7&mm=31%2C26&mn=sn-4g5e6nlk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=3&pl=41&initcwndbps=532500&vprv=1&mime=audio%2Fwebm&ns=NaTXUHwv0qm5o57Q8ttM6jEF&gir=yes&clen=10892740&dur=669.601&lmt=1589881747647798&mt=1615053398&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=sTMJ1qSqT-2xNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIge99XH89CksIECEGQYyswCRpY0tmo0hRaHzqfT73HD_sCICoYKK-UfgR5qXNo7oCU3CylFWGLz66194iNwMMJggPH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANM0eNEVhYBnbqq3uMGNHNlK-o-zRbi3ogw1GJQlOcXWAiATB2S2pPgKh48WQYrDj8QCTC6NggIIpRPZP-y3TZaKzA%3D%3D&alr=yes&cpn=9RqHa536-QpFw7WQ&cver=1.20210304.1.0&range=0-66937&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:59::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
40edf2ebbbaf6c1e77d25d0d1260669397cbf6e1cf7bd7a38655783db7bf7f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 18:01:48 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66938
Last-Modified
Tue, 19 May 2020 09:49:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 06 Mar 2021 18:01:48 GMT
remote.js
www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame FE55 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60ec84dd57b4bb768d51e84907a80618457c0bf42e304390153a74b81218d9c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 01:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 23:49:38 GMT
server
sffe
age
144413
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32688
x-xss-protection
0
expires
Sat, 05 Mar 2022 01:54:55 GMT
endscreen.js
www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame FE55 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9c27665e0436f40e8a150b9c2205a3836be636c02b294534e7b5b3740f895e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 01:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 23:49:38 GMT
server
sffe
age
144410
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
expires
Sat, 05 Mar 2022 01:54:58 GMT
next
www.youtube.com/youtubei/v1/ Frame FE55 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b684a4912dda635c24378b68e19962b5e88501deb8601afe90305ce9e3585f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210304.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgsxVU1OQTN2RmVTayiLh4-CBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1825
x-xss-protection
0
expires
Sat, 06 Mar 2021 18:01:48 GMT
videoplayback
r3---sn-4g5e6nlk.googlevideo.com/ Frame FE55 		70 KB
71 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nlk.googlevideo.com/videoplayback?expire=1615075308&ei=jMNDYLiaFZ6k1gK-oSQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AH6hcsxMxoetKwYZ7AbMQZyQFfQtBQW1DCo4AjK3B9m6&itag=251&source=youtube&requiressl=yes&mh=u7&mm=31%2C26&mn=sn-4g5e6nlk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=3&pl=41&initcwndbps=532500&vprv=1&mime=audio%2Fwebm&ns=NaTXUHwv0qm5o57Q8ttM6jEF&gir=yes&clen=10892740&dur=669.601&lmt=1589881747647798&mt=1615053398&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=sTMJ1qSqT-2xNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIge99XH89CksIECEGQYyswCRpY0tmo0hRaHzqfT73HD_sCICoYKK-UfgR5qXNo7oCU3CylFWGLz66194iNwMMJggPH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANM0eNEVhYBnbqq3uMGNHNlK-o-zRbi3ogw1GJQlOcXWAiATB2S2pPgKh48WQYrDj8QCTC6NggIIpRPZP-y3TZaKzA%3D%3D&alr=yes&cpn=9RqHa536-QpFw7WQ&cver=1.20210304.1.0&range=66938-139070&rn=3&rbuf=4092
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:59::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
55e988cd1a64c6bc67610ddcc9cb1397bc0c65fd7f2d4704ec4cc6d1b65a557c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72133
client-protocol
quic
last-modified
Tue, 19 May 2020 09:49:07 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 06 Mar 2021 18:01:48 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame FE55 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sat, 06 Mar 2021 18:01:48 GMT
videoplayback
r3---sn-4g5e6nlk.googlevideo.com/ Frame FE55 		148 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nlk.googlevideo.com/videoplayback?expire=1615075308&ei=jMNDYLiaFZ6k1gK-oSQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AH6hcsxMxoetKwYZ7AbMQZyQFfQtBQW1DCo4AjK3B9m6&itag=251&source=youtube&requiressl=yes&mh=u7&mm=31%2C26&mn=sn-4g5e6nlk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=3&pl=41&initcwndbps=532500&vprv=1&mime=audio%2Fwebm&ns=NaTXUHwv0qm5o57Q8ttM6jEF&gir=yes&clen=10892740&dur=669.601&lmt=1589881747647798&mt=1615053398&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=sTMJ1qSqT-2xNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIge99XH89CksIECEGQYyswCRpY0tmo0hRaHzqfT73HD_sCICoYKK-UfgR5qXNo7oCU3CylFWGLz66194iNwMMJggPH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANM0eNEVhYBnbqq3uMGNHNlK-o-zRbi3ogw1GJQlOcXWAiATB2S2pPgKh48WQYrDj8QCTC6NggIIpRPZP-y3TZaKzA%3D%3D&alr=yes&cpn=9RqHa536-QpFw7WQ&cver=1.20210304.1.0&range=139071-290597&rn=4&rbuf=8596
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:59::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
90430103360258c9372c8309173c4022120fb9dbbf2d6b353646a9ba76a21428
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151527
client-protocol
quic
last-modified
Tue, 19 May 2020 09:49:07 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 06 Mar 2021 18:01:48 GMT
videoplayback
r3---sn-4g5e6nlk.googlevideo.com/ Frame FE55 		483 KB
483 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nlk.googlevideo.com/videoplayback?expire=1615075308&ei=jMNDYLiaFZ6k1gK-oSQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AH6hcsxMxoetKwYZ7AbMQZyQFfQtBQW1DCo4AjK3B9m6&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=u7&mm=31%2C26&mn=sn-4g5e6nlk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=3&pl=41&initcwndbps=532500&vprv=1&mime=video%2Fwebm&ns=NaTXUHwv0qm5o57Q8ttM6jEF&gir=yes&clen=8310135&dur=669.560&lmt=1589888828521459&mt=1615053398&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=sTMJ1qSqT-2xNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgBDwDqNmne_dnpbpori8q0YmC6LkyCi2JPq1bBoaDDtQCIQCYHlSiR6S0lcSwzxCl-3I7ezwrtXDDMmPGHI8dDDtvoA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANM0eNEVhYBnbqq3uMGNHNlK-o-zRbi3ogw1GJQlOcXWAiATB2S2pPgKh48WQYrDj8QCTC6NggIIpRPZP-y3TZaKzA%3D%3D&alr=yes&cpn=9RqHa536-QpFw7WQ&cver=1.20210304.1.0&range=102661-596765&rn=5&rbuf=10038
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:59::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
d008818fa4c6e8ddaaa13c4128783545938e9e423711119c243785a74d3a7ab8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 18:01:48 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
494105
client-protocol
quic
last-modified
Tue, 19 May 2020 11:47:08 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 06 Mar 2021 18:01:48 GMT
playback
www.youtube.com/api/stats/ Frame FE55 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=9RqHa536-QpFw7WQ&docid=b5kQwW5hSkU&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fb5kQwW5hSkU%3Fcontrols%3D1%26disablekb%3D0%26loop%3D1%26modestbranding%3D1%26rel%3D0%26fs%3D0%26showinfo%3D0%26autoplay%3D1%26playlist%3Db5kQwW5hSkU%26mute%3D1%26enablejsapi%3D1%26origin%3Dhttp%253A%252F%252Ffonderfonds.at%26widgetid%3D1&cmt=0.046&ei=jMNDYLiaFZ6k1gK-oSQ&fmt=243&fs=0&rt=0.333&of=-_xhI4eL4MjOL53E0nwGhA&euri=http%3A%2F%2Ffonderfonds.at%2F&lact=493&cl=360985524&mos=1&vm=CAEQABgEKiBkbUhLZnNkTEg4b0h6MXBvX2F1Sm9USmdvZ2VsOXdGSDoyQU9HdF9PTEw0V1hOOHZtaUpzdVZvYW44b05hZG5PdDZJQ29wQ1ZpWFpFd2hoRXpJT3c&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210304.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=669.601&fexp=23940238%2C23940247%2C23969934%2C23983297%2C23992808%2C23996624%2C24005871%2C24006795%2C24007246%2C24007901%2C24010333&rtn=11&list=TLGGWTG4yOaUC30wNjAzMjAyMQ&afmt=251&size=640%3A360&inview=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 18:01:48 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame FE55 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=b5kQwW5hSkU&cpn=9RqHa536-QpFw7WQ&ei=jMNDYLiaFZ6k1gK-oSQ&ptk=youtube_none&pltype=contentugc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 18:01:48 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi_204
www.youtube.com/ Frame FE55 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/csi_204?v=2&s=youtube&action=&yt_sts=dhs&st=108&csn=MC4zNDgwMDgyNDc4NDE4NTUzNg..&docid=b5kQwW5hSkU&ei=jMNDYLiaFZ6k1gK-oSQ&cpn=9RqHa536-QpFw7WQ&fmt=243&cmt=0.046&yt_pvis=1&yt_pt=html5&rt=pe.129,fs.184,ep_pr_s.187,ep_pr_r.187,qoes.321,vir.321,ep_p_l.325,virc.490,ol.350,pbr.483,gv.480,fvb.500,plev.572,vda.524,ada.526,vri.477,vdns.479,vreq.493,vrc.515,ari.479,adns.480,areq.493,avb.500,arc.512,pbs.610,aft.350,ps.656
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 18:01:48 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
delayplay
www.youtube.com/api/stats/ Frame FE55 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/delayplay?ns=yt&el=embedded&cpn=9RqHa536-QpFw7WQ&docid=b5kQwW5hSkU&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fb5kQwW5hSkU%3Fcontrols%3D1%26disablekb%3D0%26loop%3D1%26modestbranding%3D1%26rel%3D0%26fs%3D0%26showinfo%3D0%26autoplay%3D1%26playlist%3Db5kQwW5hSkU%26mute%3D1%26enablejsapi%3D1%26origin%3Dhttp%253A%252F%252Ffonderfonds.at%26widgetid%3D1&cmt=4.189&ei=jMNDYLiaFZ6k1gK-oSQ&fmt=243&fs=0&rt=4.476&of=-_xhI4eL4MjOL53E0nwGhA&euri=http%3A%2F%2Ffonderfonds.at%2F&lact=4636&cl=360985524&mos=1&vm=CAEQABgEKiBkbUhLZnNkTEg4b0h6MXBvX2F1Sm9USmdvZ2VsOXdGSDoyQU9HdF9PTEw0V1hOOHZtaUpzdVZvYW44b05hZG5PdDZJQ29wQ1ZpWFpFd2hoRXpJT3c&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210304.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=669.601&fexp=23940238%2C23940247%2C23969934%2C23983297%2C23992808%2C23996624%2C24005871%2C24006795%2C24007246%2C24007901%2C24010333&list=TLGGWTG4yOaUC30wNjAzMjAyMQ&afmt=251&size=640%3A360&inview=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 18:01:52 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atr
www.youtube.com/api/stats/ Frame FE55 		0
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=9RqHa536-QpFw7WQ&docid=b5kQwW5hSkU&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fb5kQwW5hSkU%3Fcontrols%3D1%26disablekb%3D0%26loop%3D1%26modestbranding%3D1%26rel%3D0%26fs%3D0%26showinfo%3D0%26autoplay%3D1%26playlist%3Db5kQwW5hSkU%26mute%3D1%26enablejsapi%3D1%26origin%3Dhttp%253A%252F%252Ffonderfonds.at%26widgetid%3D1&cmt=4.587&ei=jMNDYLiaFZ6k1gK-oSQ&fmt=243&fs=0&rt=4.874&of=-_xhI4eL4MjOL53E0nwGhA&euri=http%3A%2F%2Ffonderfonds.at%2F&lact=5033&cl=360985524&mos=1&vm=CAEQABgEKiBkbUhLZnNkTEg4b0h6MXBvX2F1Sm9USmdvZ2VsOXdGSDoyQU9HdF9PTEw0V1hOOHZtaUpzdVZvYW44b05hZG5PdDZJQ29wQ1ZpWFpFd2hoRXpJT3c&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210304.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=669.601&fexp=23940238%2C23940247%2C23969934%2C23983297%2C23992808%2C23996624%2C24005871%2C24006795%2C24007246%2C24007901%2C24010333&list=TLGGWTG4yOaUC30wNjAzMjAyMQ&afmt=251
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/b5kQwW5hSkU?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=b5kQwW5hSkU&mute=1&enablejsapi=1&origin=http%3A%2F%2Ffonderfonds.at&widgetid=1
X-YouTube-Client-Version
1.20210304.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-YouTube-Ad-Signals
dt=1615053708115&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C360&vis=1&wgl=true&ca_type=image&bid=ANyPxKrZdzOkWVlQAxEx-ZQoPOvKplIydN1sdq2OoJ1yrSWb6bgxb80TXjljnmWj0oLkwIJ38GdJ-jaMjkIWB_ZQT8Brto_vPg

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 18:01:53 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r3---sn-4g5e6nlk.googlevideo.com/ Frame FE55 		190 KB
191 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nlk.googlevideo.com/videoplayback?expire=1615075308&ei=jMNDYLiaFZ6k1gK-oSQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AH6hcsxMxoetKwYZ7AbMQZyQFfQtBQW1DCo4AjK3B9m6&itag=251&source=youtube&requiressl=yes&mh=u7&mm=31%2C26&mn=sn-4g5e6nlk%2Csn-5goeen7k&ms=au%2Conr&mv=m&mvi=3&pl=41&initcwndbps=532500&vprv=1&mime=audio%2Fwebm&ns=NaTXUHwv0qm5o57Q8ttM6jEF&gir=yes&clen=10892740&dur=669.601&lmt=1589881747647798&mt=1615053398&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=sTMJ1qSqT-2xNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIge99XH89CksIECEGQYyswCRpY0tmo0hRaHzqfT73HD_sCICoYKK-UfgR5qXNo7oCU3CylFWGLz66194iNwMMJggPH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANM0eNEVhYBnbqq3uMGNHNlK-o-zRbi3ogw1GJQlOcXWAiATB2S2pPgKh48WQYrDj8QCTC6NggIIpRPZP-y3TZaKzA%3D%3D&alr=yes&cpn=9RqHa536-QpFw7WQ&cver=1.20210304.1.0&range=290598-485500&rn=6&rbuf=13003
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:59::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
735c59413b64de0b2fc39010909ac15283e1d1e3e99838c9f5389aa591e911b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 18:01:53 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
194903
Last-Modified
Tue, 19 May 2020 09:49:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21295
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 06 Mar 2021 18:01:53 GMT
videogoodput
r2---sn-a5meknzl.googlevideo.com/ Frame FE55 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2---sn-a5meknzl.googlevideo.com/videogoodput?id=o-AHR32i4S_CVFu8rzDt9WoKDyMmANhVBjCOoQYqheL-2k&source=goodput&range=0-4999&expire=1615057308&ip=2a01:4f8:192:5414::2&ms=pm&mm=35&pl=48&nh=IgpwcjAxLmxheDAyKgkxMjcuMC4wLjE&sparams=id,source,range,expire,ip,ms,mm,pl,nh&signature=7D0EEA34BE4A577EF94BEE8EC252E26E997ACE83.499E868B86A295A3C2ABAD98F0C8CE7C67D3F87A&key=cms1&cpn=9RqHa536-QpFw7WQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:2::7 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
305d77a8752c5c0dce5665c3aa9da01688951d445730b2219c7c475d280613ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 18:01:53 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
5000
Pragma
no-cache
Last-Modified
Sat, 06 Mar 2021 18:01:53 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| yearDisclaimerNew function| $ function| jQuery object| device object| countries undefined| codeCounty function| insertPhoneCC function| searchCC number| timerInterval number| timer function| come number| time function| repeat function| accountsIncrease number| incrementAccounts number| counter function| onYouTubeIframeAPIReady function| onPlayerReady object| YT object| YTConfig function| onYTReady object| session object| affiliate_id object| domain string| current_url object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| player

5 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 1UMNA3vFeSk
fonderfonds.at/ Name: hotdollar20_session
Value: eyJpdiI6ImRtR3ZzU3RHbVo0aDdXbWJQWDdVSWc9PSIsInZhbHVlIjoieWozbnNsREJTRjhjaUYvNENRbWZRSHRIWkdYdzM3c2E4eWV6anAyV1NuVmhidHJoQ1crdldUZmJMOHlmRFlDNFVFWkJSYTJlSHM2Q0Vqa2tDOWZYdk0zOVcvdmpsS3VVUHBOOW5NUWo3S2tEUWQrYTVaemxzK2Rqd3g1ekJjMmMiLCJtYWMiOiI1YmYwYTIxZGU1M2RiMzdmNDU4ODEzNzNhZmQyMGQ3ZTBmOWY3ZWVkMDg2YWE3ZGQxYWEyMzgwZTAxYWU0MDRlIn0%3D
.youtube.com/ Name: YSC
Value: x2y7lwp1jG4
fonderfonds.at/ Name: XSRF-TOKEN
Value: eyJpdiI6IlhyclVJNVR2bXZuVEpiOFdxZXV4bmc9PSIsInZhbHVlIjoiTStDbjRtRXBoVm03NkxwbXVzTFBhbWhkMFlnbG1zZGc4ZGRNbUJqSlJsOHRUMzBEd3hyZ2tEUFduaDUzYXlPaFc4OTFIZkQ1VXJvQmJ5RU5kdHJoamxOeHpMbmhKQXlxdFZCdEpNSk0rTHlNSWNDZDVpckZRZjV5ZVd3QllGMDYiLCJtYWMiOiJjNGEwNTk3YzlmYTg3MmQ4YmQ3ZTZhYWE1ODI0NDA3YTFmZjY1Yzk5MzZlZjQ3MWU1OWY5OGQ1Zjg0YmZhZmI5In0%3D
fonderfonds.at/ Name: visit
Value: eyJpdiI6Iit6Vno4a3d4aXJmbWhjOTRUMnIvMGc9PSIsInZhbHVlIjoiUlFNNkl4Y1dzbHFUL05mQzNwd09UcGh3Y1JLVGM3aXN3YW1BcGpkWnVoRWFtbWJVakYrS1d1bWFNTTdWcW5HZHVWS20ySTZ3UTByRndUV1lrSzQxREpmRlFxRzRpeGdmOG0xQzVMN3VtL2x0RkxVaUg2UnVjMzlKcHBYalNPN211dmFScUZ3REpSbWg2c21UaVU4TmJuekxuQUUxeEovQ2ZiZEVhSXZXekFocVU4Tk95R0t6TFIyeEJsbktUSGk4UHh1cWJwT1BYczVyWmp2RmEySklwNldSMW5oc3pCNGcvRk54M09nUkJMU2ZFUS9oQlBsVGJ6K0NxdUo4S0ZNeThaaUhJVW5DYlpJK0Z2Y0VxQk5NckhEWlFyaUFCUU1NZUdMbDRxTXpndit3Q2t5NGRjd1RBdTBob1c4aUNpR1Rub2tOdHVTWTVZblhlZE5PNU9maUQxQWYwOGF4eWM2WGdwZDlGQkIxZjVRUGZSb3B4UUVaRnIybTR3ZGgvZHBmOFc2YmZ5a0pPb2dGS09RSjdsRG1zS3BLUzc0RThPUTRrNFUvbFhtS0pyRG9uOWcvSERWVUJid0xyKzladVpEeHdDMmVmRDQwc1pBc2RycHlqRUpCV3c9PSIsIm1hYyI6IjNlYTBiMzhhNDE2OWJkYzVlNWNmOGJkYmY3Nzg4OWYwOGExNDBjNzg0MzU4NjZjMjdhNjY0MjNiMTMxNjdkYTYifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
fonderfonds.at
fonts.gstatic.com
googleads.g.doubleclick.net
r2---sn-a5meknzl.googlevideo.com
r3---sn-4g5e6nlk.googlevideo.com
realtyretreiver.com
s.ytimg.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2607:f8b0:4007:2::7
2a00:1450:4001:59::9
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2006
67.199.248.10
92.114.88.236
95.181.172.133
0388216b3c94943503d61fcbf774581a92c27c323d050c4832c6cc1a8b50c25f
06b4f21c4e8d0a64ec3145169bc13f2da82ef3fda223881d4eed5ee2860b4e0b
0b684a4912dda635c24378b68e19962b5e88501deb8601afe90305ce9e3585f4
0f174b81aaa460f6bd5840e115588286091444b4a241aa70aab4ffb163d49bed
11f9f53d6e668313aabd981e32ac0650d803e248f62f07d4665294a9d772b545
1b6e7d60485d6302ebf157bbca8b790c988bc8ee09f8e34484c9acc35bd69cc8
22124179da4e79adceac7abe423fc21360af24dd44130701b324653bbd2b220d
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
2f967108f972570cc70587bb45277c96042a045923b3c7e07856e8676b1bf853
302363ec4b38d6c84acc7b7a7c806ca17aafa4d089262545ef1eff8a110a5c68
305d77a8752c5c0dce5665c3aa9da01688951d445730b2219c7c475d280613ce
31a2122d72133636252b85ec92f056c15518f3d16600c43875e1454f9fe37d2a
39728ed30773954d52fe546ebf9850c623c28d6650ba061ea7120aea2277d7f5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f571002edbd9f9ae70f1b86811e4f40d91e41c6e6b12bae9a7e8ddc27b16050
40edf2ebbbaf6c1e77d25d0d1260669397cbf6e1cf7bd7a38655783db7bf7f9e
44427cb2a51e54cca2cb648212f313ce64433ce7454e3df0c386c0156e98e36a
46f87edccd58edd2f7ffba4ea616912cc4a7d14a0d4378f1ea973614926adc80
5403d7af7a0adfb77adf677f3e3b5c38d3555a484d0bc60340c5cfa08fab6f64
55e988cd1a64c6bc67610ddcc9cb1397bc0c65fd7f2d4704ec4cc6d1b65a557c
575ade33ee74c627918d75a53d1a1d846d54c866ede92999cb27a9f29eeb9476
58825c638778d2dd77c526fa9d2c85107007565d890f46b285f51ab2ef6b5787
5df1a11f9a98aa7fdbbbbf73d6f12da660160427cdec63bdcec4a5bec15fca62
60ec84dd57b4bb768d51e84907a80618457c0bf42e304390153a74b81218d9c0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d2696d6ec59221e391551d98e4126dd1508a0088098889c3daed664458650d6
6dff14e12abf3f9adb52718e1f4e4972ca92e89c5c5e629d50ae9c5d7d12097e
7127faab2dcbc0faffa232b985efc0824f20de905ce6236d3b2fd91487261f29
72f5dc31121e315e5c2c9523f117d98c7cb6a3eef33b762695054fa8903165fe
735c59413b64de0b2fc39010909ac15283e1d1e3e99838c9f5389aa591e911b1
752e77a35ad532f2ee86c338a7ac5984826b31f332b8f8fe9cbe1feb333f4cb6
761847fa129a994e4d2e03812bf7117768ae331c633605c402ace4822f15be14
7ec7dab4829888dfc54301f9f680bbcf1908523d49f3f6549a101a1481103e52
86f67a9118325764fc8590b1be174a6247615f5643cae7118560d2824c67e1ab
90430103360258c9372c8309173c4022120fb9dbbf2d6b353646a9ba76a21428
9140cb9ad80ddb7e6d427eeda194c03a1ccdbd347e8f0dc52dffd9c22ba88e47
9d6b8750ade4c3b0b1f9dfa23246b21012542cd251c64045441d4791e17f15b1
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a32e5568e4f9004cd16f6cf5c4e1b20240bf0732d19872ca94546e4867ae7664
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
ab7809ad7b746d18a0f59960c5c0dcf95446de8753a29cd59db589304fe2806d
ae55d2043f04460459fa4e90d09d91cf457ee5105b50b918edfe98fe62089e3f
b76dcb420697833bb122c18476d7d0be6d0e4bc4e8e5e3e40f4cf92908d57def
b9de670fa01f21580f6c9e8e01c0a1a697cf2062b2d5321f76bd44d8af8b93dd
bbeda48c246539f4377aded36d766df4c2540cf8526b8ac969ada167376421e4
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
d008818fa4c6e8ddaaa13c4128783545938e9e423711119c243785a74d3a7ab8
d506a67aa9b0a2ef837f78a6a8eef68ed7c567bd4c441c98ec67932b690970cd
d6d1f0f7c29c75c0bf3f35fdb95ef16b1ca016bce397885dcb56c6c8c0b8367f
da5fef44142e203dc5d147181556ac359870d4c9bc92602c057a8c0dba73cd4c
dad318f3739d53ee9cb7f2a8b53a8f3a4476e7631000d082783f5f2b2f49680c
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c27665e0436f40e8a150b9c2205a3836be636c02b294534e7b5b3740f895e3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
ef49acb69473f036b75e49d70f586bacd988120beff2a5814f99fe8a77cc147a
f7a8aeacb5d1adba0f3eb014cf3117011f4ee9f5aaa36f939334473288906733
f8a64e49e9cd7f866c8c561365f0ede644156ab684b1e741ed0ce9993c472a97
ff84b4572a90f0171e0504356c503108a15bcd85a8f5bb2a7dae6919d9d14d06