portal.australianretirementtrust.com.au Open in urlscan Pro
20.70.226.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.dc2.pageuppeople.com/ss/c/U4FeNKIRdunJqUNYa2vwM291YrkTdv9gEs7Wf7xptGtqLiClogKlvkQKvKh5_0uJgG7EzkyXOblG8bT1Yduy3FKxZFV...
Effective URL:
https://portal.australianretirementtrust.com.au/virginaustralia01
Submission: On May 10 via manual (May 10th 2022, 1:53:22 pm UTC) from AU — Scanned from DE

Summary HTTP 69 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 69 HTTP transactions. The main IP is 20.70.226.3, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal.australianretirementtrust.com.au.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 28th 2022. Valid for: a year.

This is the only time portal.australianretirementtrust.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:215... 2600:9000:2156:3a00:16:5c6c:36c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 10	20.70.226.3 20.70.226.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2620:1ec:49::45 2620:1ec:49::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
2	13.69.106.88 13.69.106.88	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
69	16

1 2600:9000:2156:3a00:16:5c6c:36c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

links.dc2.pageuppeople.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 20.70.226.3 (Sydney, Australia) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.australianretirementtrust.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portal.australianretirementtrust.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.australianretirementtrust.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.88 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	1 MB
20	australianretirementtrust.com.au 1 redirects www.australianretirementtrust.com.au portal.australianretirementtrust.com.au cdn.australianretirementtrust.com.au	661 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 336	44 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 static.doubleclick.net — Cisco Umbrella Rank: 419	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	65 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 1106	304 B
2	google.com www.google.com — Cisco Umbrella Rank: 20	27 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	172 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	30 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 191	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 3373	22 KB
1	pageuppeople.com 1 redirects links.dc2.pageuppeople.com	300 B
69	13

	Domain	Requested by
20	www.youtube.com	portal.australianretirementtrust.com.au www.youtube.com www.googletagmanager.com
10	cdn.australianretirementtrust.com.au	portal.australianretirementtrust.com.au
9	portal.australianretirementtrust.com.au	portal.australianretirementtrust.com.au
8	jnn-pa.googleapis.com	www.youtube.com
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	www.google.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.googletagmanager.com	portal.australianretirementtrust.com.au www.googletagmanager.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google-analytics.com	www.googletagmanager.com
1	az416426.vo.msecnd.net	portal.australianretirementtrust.com.au
1	www.australianretirementtrust.com.au	1 redirects
1	links.dc2.pageuppeople.com	1 redirects
69	17

This site contains links to these domains. Also see Links.

Domain
www.australianretirementtrust.com.au
cdn.australianretirementtrust.com.au
member.secure.australianretirementtrust.com.au
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
portal.AustralianRetirementTrust.com.au DigiCert SHA2 Extended Validation Server CA	`2022-01-28` - `2023-01-27`	a year	crt.sh
cdn.AustralianRetirementTrust.com.au DigiCert TLS RSA SHA256 2020 CA1	`2022-02-16` - `2023-02-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2022-05-07` - `2023-05-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://portal.australianretirementtrust.com.au/virginaustralia01
Frame ID: C19C207BC0D65C047C7C83F6016DECB3
Requests: 26 HTTP requests in this frame

Frame: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
Frame ID: 2DADBA9C35827A363883FA3E3CACF3FB
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Virgin Australia Employee Portal

Page URL History Show full URLs

https://links.dc2.pageuppeople.com/ss/c/U4FeNKIRdunJqUNYa2vwM291YrkTdv9gEs7Wf7xptGtqLiClogKlvkQKvKh5_0uJgG7Ezky... HTTP 302
https://www.australianretirementtrust.com.au/virginaustralia01 HTTP 301
https://portal.australianretirementtrust.com.au/virginaustralia01 Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

69
Requests

94 %
HTTPS

88 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

2560 kB
Transfer

7561 kB
Size

9
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.australianretirementtrust.com.au/account/login-register?emp=579bff09037444d0b5ae4950b28a3a99
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/about?emp=579bff09037444d0b5ae4950b28a3a99
Title: Find out more

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/contact-us?emp=579bff09037444d0b5ae4950b28a3a99
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/?emp=579bff09037444d0b5ae4950b28a3a99
Title: Australian Retirement Trust website

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/c59258_virgin_pds.pdf?rev=d979db8fe3fb43c0b7a17d57b0291110
Title: Super Savings – Corporate PDS [pdf, 2MB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/c59258_virgin_cig.pdf?rev=35bc15fcf63946268e743574c9768569
Title: Super Savings – Corporate Insurance guide [pdf, 734.2KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/pdfs/pds/super-savings-guide.pdf?rev=c6faa0a3d1c94c9082fc64a56ba05f53
Title: Super Savings guide [pdf, 6.5MB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/pdfs/pds/super-savings-investment-guide.pdf?rev=cc4dfd28d30d41d9990b9cfe256b9e30
Title: Super Savings Investment guide [pdf, 6.5MB]

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/tmd
Title: Target Market Determinations

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/virgin_maf.pdf?rev=e54c4995fed14bd39818a6af5b6321c0
Title: Membership application form [pdf, 322.7KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/virgin_transfer.pdf?rev=852982eb4d1f4838b3ee1b01d5463811
Title: Transfer of insurance cover form [pdf, 372.8KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/virgin_coic.pdf?rev=8bcdcd06c55b4c09a5db99a123b42acb
Title: Change of insurance cover form [pdf, 486.6KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/virgin_phs.pdf?rev=5ae869aafd19454f99c911c41e753700
Title: Personal health summary [pdf, 416KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/pdfs/forms/binding-death-benefit-nomination-form.pdf?rev=0cab5aa93f1d444498da51294ee181f8
Title: Binding death benefit nomination [pdf, 373.6KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/sflc-forms/ssc_consolidate-your-super.pdf?rev=26b8a52e084545f4a6d4b135458d241a
Title: Consolidate your super form [pdf, 268.3KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/new-starter-flyers/c59258---virgin-australia---nsf---lr.pdf?rev=d8ee4befad0e491baef541e48f90ea1d
Title: New Starter Flyer - Virgin Australia [pdf, 368.3KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/selecting-art-forms/virgin-australia_selecting-art.pdf?rev=cc28be6f7804413fac4b3797454ced64
Title: Virgin Australia - Selecting Australian Retirement Trust [pdf, 180.4KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/virgin_insurance-calculator.xlsx?rev=8f9c9ddfe7ab4e6f9530d7b98aa95bc2
Title: Virgin Australia Insurance Calculator [xlsx, 2.9MB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/virgin_flight-crew_key-factsheet.pdf?rev=ea92862a71fe4321960b18433df78f3c
Title: Key Facts Sheet for Aircrew (Flight Crew) [pdf, 242.9KB]

Search URL Search Domain Scan URL

URL: https://cdn.australianretirementtrust.com.au/library/media/employer-portals/documents/virgin/virgin_other_key-factsheet.pdf?rev=70e4984cfbac46ff8d85e9b2a352d432
Title: Key Facts Sheet for others - Staff, Aircrew (Cabin Crew), Virgin Tech, Ground Operations & Casuals [pdf, 239.9KB]

Search URL Search Domain Scan URL

URL: https://member.secure.australianretirementtrust.com.au/
Title: Click here to login

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/account/register
Title: Click here to Register

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/au/app/sunsuper/id1232128380

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sunsuper.prod

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/about/why-choose-us/mobile-app
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/rewards
Title: Check out Rewards

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/about/why-choose-us
Title: Find out more

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/
Title: Australian Retirement Trust Website

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/disclaimers-and-disclosures/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/disclaimers-and-disclosures/privacy-policy
Title: Australian Retirement Trust Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.australianretirementtrust.com.au/disclaimers-and-disclosures/financial-services-guides
Title: Financial Services Guide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.dc2.pageuppeople.com/ss/c/U4FeNKIRdunJqUNYa2vwM291YrkTdv9gEs7Wf7xptGtqLiClogKlvkQKvKh5_0uJgG7EzkyXOblG8bT1Yduy3FKxZFV_tOGUgJvdyXmaAY0/3lv/wK1nfpPgQQ-JlrpGx3w_EA/h5/0SGacz2f6w_F2u8lbVFu4UAhpDppfXqmOHIKRm_WEqs HTTP 302
https://www.australianretirementtrust.com.au/virginaustralia01 HTTP 301
https://portal.australianretirementtrust.com.au/virginaustralia01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 54

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request virginaustralia01 Show response
portal.australianretirementtrust.com.au/
Redirect Chain

https://links.dc2.pageuppeople.com/ss/c/U4FeNKIRdunJqUNYa2vwM291YrkTdv9gEs7Wf7xptGtqLiClogKlvkQKvKh5_0uJgG7EzkyXOblG8bT1Yduy3FKxZFV_tOGUgJvdyXmaAY0/3lv/wK1nfpPgQQ-JlrpGx3w_EA/h5/0SGacz2f6w_F2u8lbVF...
https://www.australianretirementtrust.com.au/virginaustralia01
https://portal.australianretirementtrust.com.au/virginaustralia01

41 KB
10 KB

925ms
339ms

Document
text/html

20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0ace5e96903e1472e329c1c541c5691710080b51b5ba5d6f1977f75f9c3c5b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 9848
content-type: text/html; charset=utf-8
date: Tue, 10 May 2022 13:53:15 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache, no-store
content-length: 0
content-type: text/html
date: Tue, 10 May 2022 13:53:14 GMT
expires: -1
location: https://portal.australianretirementtrust.com.au/virginaustralia01
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 portal.min.css
portal.australianretirementtrust.com.au/Assets/styles/ 172 KB
39 KB 864ms
863ms Stylesheet
text/css 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.australianretirementtrust.com.au/Assets/styles/portal.min.css

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c581a5e1046176956515e942d21d4eccdb7bac9aaab79f45a0724eeaad08d01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/virginaustralia01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 40019

GET
H2 200 logo-header.svg
cdn.australianretirementtrust.com.au/library/media/images/shared/logos/ 9 KB
3 KB 608ms
58ms Image
image/svg+xml 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/images/shared/logos/logo-header.svg?rev=f30628fcaa14465e954c05fcccfc403d

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3581c94cc20a1c249696850c69ac433ea2a81dac92f0e6cddfd9ea45db9965e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 14 Apr 2022 00:25:30 GMT
x-azure-ref-originshield: 0S256YgAAAACK5xScKENyR7NZLZeSildZQU1TMDRFREdFMTgyMgAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
etag: b256669e25624873b280bfef252a5ae1
x-frame-options: SAMEORIGIN
x-cache: TCP_REMOTE_HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Tue, 10 May 2022 13:53:15 GMT
x-azure-ref: 0S256YgAAAACfxSiKjaEFRKXTovtEZsLaRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==

GET
H2 200 virgin-logo.png
cdn.australianretirementtrust.com.au/library/media/employer-portals/logos/ 24 KB
24 KB 1919ms
1371ms Image
image/png 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/employer-portals/logos/virgin-logo.png?rev=0b13565a25b64035b274701b37e1078b

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4618aaafc626132af62dd6f5ebaa2b85ec0efbc98bbbb9828a91b743b7319836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 00:49:27 GMT
x-azure-ref-originshield: 0S256YgAAAACRuCMLIMDaRboZnD4FxqFeQU1TMDRFREdFMTgyMgAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
etag: 170ddf9add354a89a2ecfb2141b177c7
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/png
cache-control: public, max-age=31536000
date: Tue, 10 May 2022 13:53:16 GMT
x-azure-ref: 0S256YgAAAADbg/f/Kg5iSqKkK9ULpBZ8RlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-length: 24299

GET
H2 200 add.svg
portal.australianretirementtrust.com.au/Assets/icons/ 568 B
830 B 283ms
281ms Image
image/svg+xml 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.australianretirementtrust.com.au/Assets/icons/add.svg

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66dd0ba9c7c493627d4b01755d724dce2083c338d609181af112d7a6c4524365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/virginaustralia01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 568

GET
H2 200 remove.svg
portal.australianretirementtrust.com.au/Assets/icons/ 528 B
790 B 534ms
532ms Image
image/svg+xml 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.australianretirementtrust.com.au/Assets/icons/remove.svg

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22610155ce9a125b70ed3a689d7925941f0574a78acc3e263246351d9e26bbbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/virginaustralia01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 528

GET
H2 200 app_store.png
cdn.australianretirementtrust.com.au/library/media/images/shared/icons/ 3 KB
3 KB 757ms
209ms Image
image/png 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/images/shared/icons/app_store.png?rev=bc78049fec314163a5491e82c232f102

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

156044ff76a760eb4aa8d727e3bac7e6abc33a560cf9dfac74fcbf1c688071e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 00:37:43 GMT
x-azure-ref-originshield: 0S256YgAAAABTGaCLYXUvTL1ozR1LjD8MQU1TMDRFREdFMTgwNwAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
etag: ed893e4b0ff1461594dc2a633baf0945
x-frame-options: SAMEORIGIN
x-cache: TCP_REMOTE_HIT
content-type: image/png
cache-control: public, max-age=31536000
date: Tue, 10 May 2022 13:53:15 GMT
x-azure-ref: 0S256YgAAAAAbjD7n1JIyQaKlDgJ7QyMbRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-length: 2974

GET
H2 200 google_play.png
cdn.australianretirementtrust.com.au/library/media/images/shared/icons/ 4 KB
4 KB 608ms
61ms Image
image/png 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/images/shared/icons/google_play.png?rev=9f901fbda4d54950a63284dd74c4624c

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b67743bc83d2099a76cfe80a1a4edbe3dd65194da71ce030e4d030e9beb8b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 04:08:47 GMT
x-azure-ref-originshield: 0S256YgAAAABhAh9jmHEYTbQCz+sn0vfvQU1TMDRFREdFMTkwOAAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
etag: b491415be9b246ea904423080037726b
x-frame-options: SAMEORIGIN
x-cache: TCP_REMOTE_HIT
content-type: image/png
cache-control: public, max-age=31536000
date: Tue, 10 May 2022 13:53:15 GMT
x-azure-ref: 0S256YgAAAADUe2sVV/zhSKnbtkjuKYeHRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-length: 3728

GET
H2 200 banner_stapling_600x600.png
cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/ 28 KB
28 KB 1897ms
1350ms Image
image/png 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/banner_stapling_600x600.png?h=600&iar=0&w=600&rev=e2425c66fe9146eea401e2ab82003792&hash=F477F0C9D8BA3113FBCF1CF166C0EDB8

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e42b5c4157a022222c7429eb236bc4ddacfc2c4c2338b5d5eb3d1cabc50ee1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-azure-ref-originshield: 0S256YgAAAAAmFpYDmMnqS7AeTR0qJfHjQU1TMDRFREdFMTgxMwAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
date: Tue, 10 May 2022 13:53:16 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: image/png
cache-control: private
x-azure-ref: 0S256YgAAAABTxu04wWPlRLYWpDpCgtCPRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-disposition: attachment; filename="Banner_Stapling_600x600.png"
x-robots-tag: noindex, nofollow

GET
H2 200 portal.min.js Show response
portal.australianretirementtrust.com.au/Assets/js/ 155 KB
66 KB 608ms
606ms Script
application/x-javascript 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.australianretirementtrust.com.au/Assets/js/portal.min.js

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b425fa6cb06c3d59a8269bdbe961cb9f0f121c9dbdad6eebb9ecbc02353a353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/virginaustralia01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 379 KB
104 KB 71ms
46ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PXGLQRG

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdbf15df7d7968ab3394207a311de75686476d80d430bd64583b168ea2c4dbe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105984
x-xss-protection: 0
last-modified: Tue, 10 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 13:53:15 GMT

GET
H2 200 sprite.svg
portal.australianretirementtrust.com.au/Assets/resources/images/icons/ 125 KB
39 KB 281ms
281ms Other
image/svg+xml 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.australianretirementtrust.com.au/Assets/resources/images/icons/sprite.svg

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

86b3948dbd69c14a926646321f15c76891b45b72d45d5f5c6a911e36e36fd2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/virginaustralia01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 39391

GET
H2 200 E0XjzYo39FE Show response
www.youtube.com/embed/ Frame 2DAD 61 KB
26 KB 94ms
71ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/E0XjzYo39FE

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f0fae90919f1021b81a8486db8f36bf6f2263fd70b1499c596f8d2d6a28f8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.australianretirementtrust.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 10 May 2022 13:53:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 37ms
8ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 832
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8d711116-201e-0042-5b73-6451f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 10 May 2022 14:23:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CG7LRQMSFN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXGLQRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb2f08e1452b5f75c7077b694ff19f14745316a0824bd01006149ecbf5c5357c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69021
x-xss-protection: 0
expires: Tue, 10 May 2022 13:53:15 GMT

GET
H2 200 employer-microsites-chosen-option_blue.jpg
cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/ 138 KB
138 KB 2249ms
1844ms Image
image/jpeg 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/employer-microsites-chosen-option_blue.jpg?rev=f3037e95183e43999307660709a40195

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a26c2c09cc5fa32b6cedcb73d06ce3d799323f3e7b50f0ed331aa6444ede7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 26 Feb 2022 04:20:15 GMT
x-azure-ref-originshield: 0S256YgAAAABMs2VQdTQlR7UZTMdmVUiYQU1TMDRFREdFMTgwOAAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
etag: b6b4f57c940e45a68898feb4f4086a27
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/jpeg
cache-control: public, max-age=31536000
date: Tue, 10 May 2022 13:53:17 GMT
x-azure-ref: 0S256YgAAAABAwpuQL8NCRZQ+DHb9yTytRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-length: 140933

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXGLQRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1105
date: Tue, 10 May 2022 13:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 10 May 2022 15:34:50 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/53aba266/ Frame 2DAD 335 KB
46 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47149
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:21 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/53aba266/www-embed-player.vflset/ Frame 2DAD 278 KB
86 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a73a3aa1673bb8d546ab0d2d6c078d0e8da5bf9b8c26f7b78d6a6364688d7d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87544
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:21 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/ Frame 2DAD 2 MB
527 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f06f7e9b522dcf94576e103b754151e4f55fd21bfc284d10a50ab7562ef5eb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 539386
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:36 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/53aba266/fetch-polyfill.vflset/ Frame 2DAD 9 KB
3 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2DAD 15 KB
16 KB 49ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 593194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 17:06:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2DAD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
17ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac908af27bff6e75bbf58a166ce510862dd2f36f1efcbe9f5d954fbdef68477b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 May 2022 13:53:15 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2DAD 29 B
588 B 36ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:44:42 GMT
x-content-type-options: nosniff
age: 513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 May 2022 13:59:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 53ms
15ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 10 May 2022 13:53:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2DAD 45 KB
22 KB 37ms
21ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbd5f5be4610af5e215b1e5522d86229739183d20df8767e58bbb6a450113dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22342
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/ Frame 2DAD 119 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

179f5e88179952fdc29519d9988794b56493ceba3ba062a9ff9f93ed82f9c264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37776
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:58:34 GMT

GET
H2 200 pnS8W8CLkwK18al8dwuWUw6UNwvOiNhGGw5Co3IGe3M.js Show response
www.google.com/js/th/ Frame 2DAD 35 KB
14 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/pnS8W8CLkwK18al8dwuWUw6UNwvOiNhGGw5Co3IGe3M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a674bc5bc08b9302b5f1a97c770b96530e94370bce88d8461b0e42a372067b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 05:04:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 550108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 02 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 May 2023 05:04:47 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/ Frame 2DAD 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23de822b07dd197caedd3021b803c918961ef059558269de46268559453a5738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8104
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2DAD 4 KB
3 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 13:53:15 GMT

GET
DATA 200
OK truncated
/ Frame 2DAD 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 CfwFQ8BWGAPZEZYyKYAlEQ4c0YWOuSzx8-ikFoh8nBNt2hzyjWwixzeGwtAfAboC_ISXYAzGxq8=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 2DAD 2 KB
3 KB 458ms
428ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/CfwFQ8BWGAPZEZYyKYAlEQ4c0YWOuSzx8-ikFoh8nBNt2hzyjWwixzeGwtAfAboC_ISXYAzGxq8=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

76eb441647f33d146a4f286f38a19f1365ca33dbd2a9809f8816102abcf12c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2217
x-xss-protection: 0
expires: Wed, 11 May 2022 13:53:16 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/E0XjzYo39FE/ Frame 2DAD 30 KB
30 KB 77ms
46ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/E0XjzYo39FE/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2077f0d717a83655d80257da1e922b16f47fd29b2981e9682c48958b336c886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30248
x-xss-protection: 0
server: sffe
etag: "1646603408"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 May 2022 15:53:15 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2DAD 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?_DJsHA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame 2DAD 52 KB
15 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 10 May 2022 16:33:32 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2DAD 98 B
142 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2f9b1ad3771345d65bdd807fd077cb6db3a72d8f063359eed5a07d0ebae8898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 10 May 2022 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 10 May 2022 13:53:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 merriweather-700.woff2
portal.australianretirementtrust.com.au/Assets/resources/fonts/ 18 KB
19 KB 274ms
272ms Font
font/woff2 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.australianretirementtrust.com.au/Assets/resources/fonts/merriweather-700.woff2

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/Assets/styles/portal.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://portal.australianretirementtrust.com.au/Assets/styles/portal.min.css
Origin: https://portal.australianretirementtrust.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18924

GET
H2 200 noto-sans-regular.woff2
portal.australianretirementtrust.com.au/Assets/resources/fonts/ 16 KB
16 KB 265ms
263ms Font
font/woff2 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.australianretirementtrust.com.au/Assets/resources/fonts/noto-sans-regular.woff2

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/Assets/styles/portal.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://portal.australianretirementtrust.com.au/Assets/styles/portal.min.css
Origin: https://portal.australianretirementtrust.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 16056

GET
H2 200 noto-sans-700.woff2
portal.australianretirementtrust.com.au/Assets/resources/fonts/ 16 KB
16 KB 301ms
300ms Font
font/woff2 20.70.226.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.australianretirementtrust.com.au/Assets/resources/fonts/noto-sans-700.woff2

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/Assets/styles/portal.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.70.226.3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://portal.australianretirementtrust.com.au/Assets/styles/portal.min.css
Origin: https://portal.australianretirementtrust.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 01:14:30 GMT
etag: "09fb5238b5ed81:0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 16180

GET
H2 200 card_manage-super-online.png
cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/ 10 KB
10 KB 1077ms
1076ms Image
image/png 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/card_manage-super-online.png?rev=3c4b50927ac44095a0359ac3141e7b35

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cc28057eaa643bf8b0bf8bab5a5f8839801b44819138905be74268cd018a6bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-azure-ref-originshield: 0TG56YgAAAAB9VjwX8hqcSb8VlmaLnLarQU1TMDRFREdFMTgxNQAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
date: Tue, 10 May 2022 13:53:17 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: image/png
cache-control: private
x-azure-ref: 0TG56YgAAAADc/8ZJF8YBRKrfnLGKkGIPRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-disposition: attachment; filename="Card_manage-super-online.png"
x-robots-tag: noindex, nofollow

GET
H2 200 card_art-app.png
cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/ 87 KB
87 KB 1567ms
1566ms Image
image/png 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/card_art-app.png?rev=1a6e68c5b5104a8e8b4261d1d7063aae

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

625470a950742ed49d9926a42808026112f4448041217482146f28d9e294349b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-azure-ref-originshield: 0TG56YgAAAAC46rPXKPyFS5srhw2uo5ghQU1TMDRFREdFMTkwOQAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
date: Tue, 10 May 2022 13:53:17 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: image/png
cache-control: private
x-azure-ref: 0TG56YgAAAABCMZFvsj+MSKGSXh0oYaUbRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-disposition: attachment; filename="Card_ART-app.png"
x-robots-tag: noindex, nofollow

GET
H2 200 card_rewards.png
cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/ 7 KB
7 KB 1073ms
1073ms Image
image/png 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/employer-portals/design-assets/art_brand-imagery/card_rewards.png?rev=55ad082753994ab592bf6837eb74ee38

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b77258c9260e30c0b7f40fcd9abe390e50a4ec779dc3cf070c57b717944d715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-azure-ref-originshield: 0TG56YgAAAAA6aP6YjYF2Qolzm2L582YpQU1TMDRFREdFMTgwOQAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
date: Tue, 10 May 2022 13:53:17 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: image/png
cache-control: private
x-azure-ref: 0TG56YgAAAAAO4b5QbcaTSKGww/X4RDZGRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-disposition: attachment; filename="Card_Rewards.png"
x-robots-tag: noindex, nofollow

GET
H2 200 staff-neysa-cs.jpg
cdn.australianretirementtrust.com.au/library/media/images/web/staff-square/ 150 KB
150 KB 71ms
70ms Image
image/jpeg 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.australianretirementtrust.com.au/library/media/images/web/staff-square/staff-neysa-cs.jpg?rev=f625f29be41d4412b860d1da734dfe29

Requested by

Host: portal.australianretirementtrust.com.au
URL: https://portal.australianretirementtrust.com.au/virginaustralia01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7f3b0dfb8170a70796241edebf3eaf6cf0a4bbd72288744f9f38802180ef15ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 01 Oct 2021 05:45:54 GMT
x-azure-ref-originshield: 0TG56YgAAAACkMZZ33XzWTbxJoVoVHvTOQU1TMDRFREdFMTkxMgAxZjAyNWYzMS1kNjg0LTRhMWUtOTkxMS0zMDdjZDFmM2YxMDI=
etag: a63cf1486548410d96b389897c8aee86
x-frame-options: SAMEORIGIN
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=31536000
date: Tue, 10 May 2022 13:53:16 GMT
x-azure-ref: 0TG56YgAAAACqlG6e5Gy/R4FQiPJXF2hmRlJBMjMxMDUwNDIwMDM1ADFmMDI1ZjMxLWQ2ODQtNGExZS05OTExLTMwN2NkMWYzZjEwMg==
content-length: 153126

GET
H3 200 E0XjzYo39FE Show response
www.youtube.com/embed/ Frame 2DAD 62 KB
26 KB 64ms
63ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXGLQRG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e29dffd35514e39ecf5063ddca34b112d27d4c943ac90f4b59bc0d45423e803e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.australianretirementtrust.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 10 May 2022 13:53:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
514 B 33ms
32ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXGLQRG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f4c62ad756893055b9393007a6b9ac696fa1a3b37e87f86229f52b109534e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 10 May 2022 13:53:16 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2DAD 28 B
54 B 26ms
26ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/E0XjzYo39FE
X-YouTube-Client-Version: 1.20220508.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtyM29mNDNrdVk2SSjL3OmTBg%3D%3D
X-YouTube-Ad-Signals: dt=1652190794603&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 10 May 2022 13:53:16 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/53aba266/www-widgetapi.vflset/ 154 KB
50 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8bbc76c3d03e206af2bb5bc11236555f0c3177fc677c66077bd651072853d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.australianretirementtrust.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51153
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 May 2023 13:37:47 GMT

POST atr
www.youtube.com/api/stats/ Frame 2DAD 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 2DAD 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/53aba266/ Frame 2DAD 335 KB
46 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47149
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:21 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/53aba266/www-embed-player.vflset/ Frame 2DAD 278 KB
86 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a73a3aa1673bb8d546ab0d2d6c078d0e8da5bf9b8c26f7b78d6a6364688d7d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87544
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:21 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/ Frame 2DAD 2 MB
527 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f06f7e9b522dcf94576e103b754151e4f55fd21bfc284d10a50ab7562ef5eb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 539386
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:36 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/53aba266/fetch-polyfill.vflset/ Frame 2DAD 9 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2DAD 15 KB
15 KB 37ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 593195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 17:06:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2DAD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

15ms
15ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223d8300ea03151000c700ed40ff52b8e911d5bc88f5328a87f25c60531bb7df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 May 2022 13:53:16 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2DAD 29 B
54 B 23ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:44:42 GMT
x-content-type-options: nosniff
age: 514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 May 2022 13:59:42 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 10 May 2022 13:53:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2DAD 45 KB
22 KB 22ms
22ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18eb099895d2cf6bf72ca5c8f00f0c983d4c8883176c19d381f7644dcb365573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22355
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/ Frame 2DAD 119 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

179f5e88179952fdc29519d9988794b56493ceba3ba062a9ff9f93ed82f9c264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37776
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:58:34 GMT

GET
H3 200 pnS8W8CLkwK18al8dwuWUw6UNwvOiNhGGw5Co3IGe3M.js Show response
www.google.com/js/th/ Frame 2DAD 35 KB
13 KB 32ms
12ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/pnS8W8CLkwK18al8dwuWUw6UNwvOiNhGGw5Co3IGe3M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a674bc5bc08b9302b5f1a97c770b96530e94370bce88d8461b0e42a372067b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 05:04:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 550109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13672
x-xss-protection: 0
last-modified: Mon, 02 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 May 2023 05:04:47 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/ Frame 2DAD 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23de822b07dd197caedd3021b803c918961ef059558269de46268559453a5738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8104
x-xss-protection: 0
last-modified: Mon, 09 May 2022 00:15:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 14:56:41 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2DAD 4 KB
2 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 13:53:16 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2DAD 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hdqwyg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame 2DAD 52 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 10 May 2022 16:33:32 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2DAD 98 B
142 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adbb5f9c98a32f501b202d674d75748bcb35a15b78bb7da625b5468a7dce1944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 10 May 2022 13:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 10 May 2022 13:53:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
304 B 1096ms
1095ms XHR
application/json 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fae4b0e2f75c332aca7301eb2dd5b6b60614f64e0562a49e48640f742b6347f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.australianretirementtrust.com.au/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 84CFE74E-AE08-4C8F-B50D-56479684E0A2
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 10 May 2022 13:53:18 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 125ms
26ms Preflight 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://portal.australianretirementtrust.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 10 May 2022 13:53:17 GMT
x-content-type-options: nosniff

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2DAD 28 B
55 B 25ms
25ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/53aba266/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/E0XjzYo39FE?enablejsapi=1&origin=https%3A%2F%2Fportal.australianretirementtrust.com.au
X-YouTube-Client-Version: 1.20220508.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtyM29mNDNrdVk2SSjM3OmTBg%3D%3D
X-YouTube-Ad-Signals: dt=1652190795705&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 10 May 2022 13:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 10 May 2022 13:53:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=bJHG2VXONl26BFYi&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fportal.australianretirementtrust.com.au%2F&lact=846&cl=447340363&mos=0&volume=100&cbr=Chrome&cbrver=101.0.4951.41&c=WEB_EMBEDDED_PLAYER&cver=1.20220508.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=3185&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24027702%2C24080738%2C24082662%2C24116740%2C24135310%2C24169501%2C24199709%2C24211647&muted=0&docid=E0XjzYo39FE

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.australianretirementtrust.com.au/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gfirwtk3kkwvvgld3uwtf2v2
www.australianretirementtrust.com.au/	1970-01-23 18:32:30	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 75d48ecfd0d84feba75e5a71ed0b55f2\|False
portal.australianretirementtrust.com.au/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 55mgvxmdq1jynu3jhjtludjl
portal.australianretirementtrust.com.au/	1970-01-23 18:32:30	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 2bfbf51fa5e24673af10ba0bb5a18935\|False
portal.australianretirementtrust.com.au/	1970-01-20 11:42:06	Name: ai_user Value: QrDCb\|2022-05-10T13:53:14.440Z
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Bwh0I574SQU
.youtube.com/	1970-01-20 07:15:42	Name: VISITOR_INFO1_LIVE Value: r3of43kuY6I
.australianretirementtrust.com.au/	1970-01-20 05:06:06	Name: _gcl_au Value: 1.1.1963275085.1652190795
portal.australianretirementtrust.com.au/	1970-01-20 02:56:32	Name: ai_session Value: 6Xofy\|1652190797043.7\|1652190797043.7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdn.australianretirementtrust.com.au
dc.services.visualstudio.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
links.dc2.pageuppeople.com
portal.australianretirementtrust.com.au
static.doubleclick.net
www.australianretirementtrust.com.au
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.youtube.com
13.69.106.88
20.70.226.3
2600:9000:2156:3a00:16:5c6c:36c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:49::45
2a00:1450:4001:801::200e
2a00:1450:4001:803::2008
2a00:1450:4001:803::2016
2a00:1450:4001:810::2006
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
0ace5e96903e1472e329c1c541c5691710080b51b5ba5d6f1977f75f9c3c5b72
0b77258c9260e30c0b7f40fcd9abe390e50a4ec779dc3cf070c57b717944d715
156044ff76a760eb4aa8d727e3bac7e6abc33a560cf9dfac74fcbf1c688071e4
179f5e88179952fdc29519d9988794b56493ceba3ba062a9ff9f93ed82f9c264
18eb099895d2cf6bf72ca5c8f00f0c983d4c8883176c19d381f7644dcb365573
1b425fa6cb06c3d59a8269bdbe961cb9f0f121c9dbdad6eebb9ecbc02353a353
223d8300ea03151000c700ed40ff52b8e911d5bc88f5328a87f25c60531bb7df
22610155ce9a125b70ed3a689d7925941f0574a78acc3e263246351d9e26bbbd
23de822b07dd197caedd3021b803c918961ef059558269de46268559453a5738
3b67743bc83d2099a76cfe80a1a4edbe3dd65194da71ce030e4d030e9beb8b72
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4618aaafc626132af62dd6f5ebaa2b85ec0efbc98bbbb9828a91b743b7319836
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5a73a3aa1673bb8d546ab0d2d6c078d0e8da5bf9b8c26f7b78d6a6364688d7d9
625470a950742ed49d9926a42808026112f4448041217482146f28d9e294349b
66dd0ba9c7c493627d4b01755d724dce2083c338d609181af112d7a6c4524365
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
76eb441647f33d146a4f286f38a19f1365ca33dbd2a9809f8816102abcf12c9b
7f3b0dfb8170a70796241edebf3eaf6cf0a4bbd72288744f9f38802180ef15ce
86b3948dbd69c14a926646321f15c76891b45b72d45d5f5c6a911e36e36fd2e1
8a26c2c09cc5fa32b6cedcb73d06ce3d799323f3e7b50f0ed331aa6444ede7f4
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
9f0fae90919f1021b81a8486db8f36bf6f2263fd70b1499c596f8d2d6a28f8b4
9f4c62ad756893055b9393007a6b9ac696fa1a3b37e87f86229f52b109534e4d
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2077f0d717a83655d80257da1e922b16f47fd29b2981e9682c48958b336c886
a674bc5bc08b9302b5f1a97c770b96530e94370bce88d8461b0e42a372067b73
ac908af27bff6e75bbf58a166ce510862dd2f36f1efcbe9f5d954fbdef68477b
adbb5f9c98a32f501b202d674d75748bcb35a15b78bb7da625b5468a7dce1944
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
bbd5f5be4610af5e215b1e5522d86229739183d20df8767e58bbb6a450113dd4
bdbf15df7d7968ab3394207a311de75686476d80d430bd64583b168ea2c4dbe5
c2f9b1ad3771345d65bdd807fd077cb6db3a72d8f063359eed5a07d0ebae8898
c581a5e1046176956515e942d21d4eccdb7bac9aaab79f45a0724eeaad08d01b
cc28057eaa643bf8b0bf8bab5a5f8839801b44819138905be74268cd018a6bea
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e29dffd35514e39ecf5063ddca34b112d27d4c943ac90f4b59bc0d45423e803e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42b5c4157a022222c7429eb236bc4ddacfc2c4c2338b5d5eb3d1cabc50ee1c6
e8bbc76c3d03e206af2bb5bc11236555f0c3177fc677c66077bd651072853d26
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f06f7e9b522dcf94576e103b754151e4f55fd21bfc284d10a50ab7562ef5eb66
f3581c94cc20a1c249696850c69ac433ea2a81dac92f0e6cddfd9ea45db9965e
fae4b0e2f75c332aca7301eb2dd5b6b60614f64e0562a49e48640f742b6347f2
fb2f08e1452b5f75c7077b694ff19f14745316a0824bd01006149ecbf5c5357c

portal.australianretirementtrust.com.au Open in urlscan Pro 20.70.226.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

94 %HTTPS

88 %IPv6

13 Domains

17 Subdomains

16 IPs

4 Countries

2560 kBTransfer

7561 kBSize

9 Cookies

31 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portal.australianretirementtrust.com.au Open in urlscan Pro
20.70.226.3 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

94 %
HTTPS

88 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

2560 kB
Transfer

7561 kB
Size

9
Cookies

69 HTTP transactions
1 data transactions