www.vat19.com Open in urlscan Pro
2606:4700:10::ac43:72d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vat19.com/
Effective URL:
https://www.vat19.com/
Submission: On February 24 via manual (February 24th 2023, 7:22:41 pm UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 22 domains to perform 178 HTTP transactions. The main IP is 2606:4700:10::ac43:72d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vat19.com. The Cisco Umbrella rank of the primary domain is 475530.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.

This is the only time www.vat19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:21e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2606:4700:10:... 2606:4700:10::ac43:72d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	143.204.89.5 143.204.89.5	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::12 2a02:2638::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
178	36

1 2606:4700:10::6816:21e3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vat19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:10::ac43:72d (United States)

ASN13335 (CLOUDFLARENET, US)

www.vat19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.vat19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.89.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-5.fra50.r.cloudfront.net

hello.zonos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:808::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200d (Ireland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	vat19.com 1 redirects vat19.com — Cisco Umbrella Rank: 249782 www.vat19.com — Cisco Umbrella Rank: 475530 images.vat19.com — Cisco Umbrella Rank: 317089	1 MB
29	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 111 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 76 adservice.google.com — Cisco Umbrella Rank: 73 play.google.com — Cisco Umbrella Rank: 29	438 KB
22	googlesyndication.com aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	280 KB
22	youtube.com www.youtube.com — Cisco Umbrella Rank: 87 img.youtube.com — Cisco Umbrella Rank: 3323	1 MB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 262 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	157 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	56 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 jnn-pa.googleapis.com — Cisco Umbrella Rank: 239	129 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	zonos.com hello.zonos.com — Cisco Umbrella Rank: 23629	45 KB
4	criteo.com 1 redirects cas.criteo.com — Cisco Umbrella Rank: 16258 gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719	9 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947 www.google.de — Cisco Umbrella Rank: 6149	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	157 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	216 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	26 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	75 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	94 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	40 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	23 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 228	3 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	6 KB
178	22

	Domain	Requested by
29	images.vat19.com	www.vat19.com
16	www.youtube.com	www.vat19.com www.youtube.com apis.google.com
12	www.google.com	1 redirects www.youtube.com apis.google.com www.vat19.com www.google.com tpc.googlesyndication.com
12	apis.google.com	www.vat19.com apis.google.com www.youtube.com accounts.google.com www.google.com
11	www.vat19.com	www.vat19.com ajax.googleapis.com static.cloudflareinsights.com
10	pagead2.googlesyndication.com	www.vat19.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
10	tpc.googlesyndication.com	www.vat19.com aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
6	img.youtube.com	www.vat19.com
6	ssl.gstatic.com	accounts.google.com www.vat19.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.vat19.com aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googletagmanager.com www.vat19.com pagead2.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	hello.zonos.com	www.vat19.com hello.zonos.com
4	jnn-pa.googleapis.com	www.youtube.com
3	www.gstatic.com	www.youtube.com www.gstatic.com www.google.com
3	bat.bing.com	www.vat19.com bat.bing.com
3	connect.facebook.net	www.vat19.com connect.facebook.net
3	ajax.googleapis.com	www.vat19.com
2	gum.criteo.com	1 redirects static.criteo.net
2	aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	accounts.google.com	apis.google.com www.vat19.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	www.youtube.com
2	www.facebook.com	www.vat19.com
2	cdn.jsdelivr.net	www.vat19.com
2	www.googletagservices.com	www.vat19.com aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
2	www.googletagmanager.com	www.vat19.com www.googletagmanager.com
1	mug.criteo.com	aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
1	cas.criteo.com	static.criteo.net
1	static.criteo.net	aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
1	play.google.com	www.google.com
1	www.google.de	www.vat19.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	static.cloudflareinsights.com	www.vat19.com
1	vat19.com	1 redirects
178	39

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.tiktok.com
www.facebook.com
www.instagram.com
www.twitter.com
rebrand.ly
zonos.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-04`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
zonos.com Amazon RSA 2048 M02	`2023-02-17` - `2023-09-06`	7 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.vat19.com/
Frame ID: EDC91A7D9F86A292F3F76AA918C7FFCD
Requests: 93 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
Frame ID: F561E9098B7568571D77FA3D257295E3
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Frame ID: 0DAE8A70EF5DA3B217EF422CA9AD676A
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Frame ID: DA53A8C63D508C88A7D8F4B6D521A1ED
Requests: 5 HTTP requests in this frame

Frame: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D68F59C51A794E3A40B4363CCD03ECE6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Frame ID: 1C4D91F6C8E618839C22DC913A5D8BE8
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Frame ID: D141EA838D8895E6FA352537EF4B5A1D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: 7D04BEC4E0F68E7DC93BD9A352C16C93
Requests: 11 HTTP requests in this frame

Frame: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E6AF8851C4F3C03603C92023A07FE367
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.vat19.com
Frame ID: 4A0A409D6EA2FE0A5DC823025BF93CF1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 570EB436062187CA383E9F37A60EE4BF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 6BDF29F2B328632E5E86C74B6DD55524
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636038504806449&output=html&h=600&slotname=9724382613&adk=1589514413&adf=3407270560&pi=t.ma~as.9724382613&w=160&lmt=1677266557&format=160x600&url=https%3A%2F%2Faad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677266557387&bpp=3&bdt=208&idt=272&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=6785929175289&frm=24&ife=3&pv=2&ga_vid=416856657.1677266558&ga_sid=1677266558&ga_hid=1490071901&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3315248091&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C44777877&oid=2&pvsid=4034446117423295&tmod=1592399581&uas=0&nvt=1&top=https%3A%2F%2Fwww.vat19.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l196npqp2ywn&fsb=1&dtd=293
Frame ID: BE36A01C80005BF461752F0FCFDB3217
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC619138F31493C15470864B226521FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0342BCB4FF807C76DA3871101AA06A9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D9B2A49ED3F75DF09F48732464E1688D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 353486A53A666EAD9C837C8DCB8F10E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vat19.com: Unique Gifts and Unusual Gift IdeasDon't Eat My Football!It's Two Stress Balls in One$1000 if You Can Break This Toy in 1 Minute • Break It To Make It #48How Long Is a Tesla in Butts?25 lb Candle, Freeze-Dried Skittles And More!$1000 if You Can Break This Toy in 1 Minute • Break It To Make It #47YouTube logo linked to Vat19's YouTube channelTikTok logo linked to Vat19's TikTok pageFacebook logo linked to Vat19's Facebook pageInstagram logo linked to Vat19's Instagram pageTwitter logo linked to Vat19's Twitter's pageClose

Page URL History Show full URLs

http://vat19.com/ HTTP 301
https://www.vat19.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

178
Requests

98 %
HTTPS

94 %
IPv6

22
Domains

39
Subdomains

36
IPs

4
Countries

3892 kB
Transfer

10035 kB
Size

25
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/embed/d-bqJ7z6IRw?autoplay=1&autohide=1&border=0&egm=0&showinfo=0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/erDon-UIU18?autoplay=1&autohide=1&border=0&egm=0&showinfo=0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/Rm_pytLEh4U?autoplay=1&autohide=1&border=0&egm=0&showinfo=0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/hgoyC5tgmDo?autoplay=1&autohide=1&border=0&egm=0&showinfo=0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/ZQZC-6Ji1T4?autoplay=1&autohide=1&border=0&egm=0&showinfo=0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/WAMJf0ZLe-c?autoplay=1&autohide=1&border=0&egm=0&showinfo=0

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/vat19com/featured
Title: YouTube logo linked to Vat19's YouTube channel

Search URL Search Domain Scan URL

URL: http://www.tiktok.com/@vat19
Title: TikTok logo linked to Vat19's TikTok page

Search URL Search Domain Scan URL

URL: http://www.facebook.com/vat19
Title: Facebook logo linked to Vat19's Facebook page

Search URL Search Domain Scan URL

URL: http://www.instagram.com/vat19
Title: Instagram logo linked to Vat19's Instagram page

Search URL Search Domain Scan URL

URL: http://www.twitter.com/vat19
Title: Twitter logo linked to Vat19's Twitter's page

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/vat19com
Title: YouTube Channel

Search URL Search Domain Scan URL

URL: https://rebrand.ly/youtuad50
Title: The Vat19 Movie!

Search URL Search Domain Scan URL

URL: https://zonos.com/zonos-hello-free-duty-tax-calculator

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vat19.com/ HTTP 301
https://www.vat19.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://gum.criteo.com/sid/json?origin=publishertag&domain=aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=www.vat19.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=IBakvXxwSmY3L1R2QU1IYXZJM2t6c0t2dVhHcXNlQ2dqWklJbFFLdUNNZWVMcjA0VTlEYXJMZU12ZnZlb3N6bzQwcFJhdW80ZzFzMWFlbGdoZmJ4azFQaldCUUY5ZFpvak5KQ3JQNHdPQ2dlV1dYTkRyWXVQaFpsajlDZWJOVm1PQ2gzQWxZbml5alA4WVhKUmhhLy8zSjkzNUFEcmJ4eXE5RzJSb2Z6Vy8zYno0TnFOYllMaVJoQkdyVUNYTHN1elRZYmlSRW1XQjc2eGx5T1lVOGtkUlhGck1JTjEyVzlBa0V0cXlhTlltYU1FYVNhUUdRMVhaVXBBajh1T0xFLzBWZUx2aVF5MTRmclo4bDcrbTFqODY5N1J3TWhWNWMvRTc5K3pCejZZQmJheUNFclIwSFFyaDdnRGRqZEJlR21VSkE4RDVLWDdxUEEzUy8vU0MzSkdYN2RiM3UycklzZkRIN3FOaTEwTGZ3RVBXYjg9fA&cppv=2

178 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.vat19.com/
Redirect Chain

http://vat19.com/
https://www.vat19.com/

52 KB
12 KB

547ms
484ms

Document
text/html

2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d5cba8209169cea999303b7760d06cadd2430daf2dd50af0bf2e1577ce2894

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 79ea9218e94f382f-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 24 Feb 2023 19:22:34 GMT
server: cloudflare
vary: User-Agent
x-aspnet-version: 4.0.30319
x-content-type-options: Nosniff
x-frame-options: Deny

Redirect headers

CF-RAY: 79ea92185afe2c23-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 24 Feb 2023 19:22:33 GMT
Expires: Fri, 24 Feb 2023 20:22:33 GMT
Location: https://www.vat19.com/
Server: cloudflare
Server-Timing: cf-q-config;dur=4.9999998736894e-06
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 85ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-232234-1

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99712eb223ed1bab636e4e3cfbe7ebcac87dac469fd4c81be75cb9540c706803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44556
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Feb 2023 19:22:34 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 171ms
78ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=renderBadge

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40dc05cf20e88ad238d3f1a78365b468333a461da4f6a634b0f6801058c79700

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 19:22:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20954
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "4a08b59f71d6ccd8"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Feb 2023 19:22:34 GMT

GET
H2 200 desktop.css
www.vat19.com/includes/css/ 131 KB
39 KB 495ms
494ms Stylesheet
text/css 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/css/desktop.css?ver=44978.90677998843

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f028f5015cc4314f3e159fef5fe97797f8981448783edf211a8384424b4107

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Fri, 30 Sep 2022 22:45:38 GMT
server: cloudflare
etag: "0d5325c1ed5d81:0"
vary: Accept-Encoding,User-Agent
x-frame-options: Deny
content-type: text/css
accept-ranges: bytes
cf-ray: 79ea921bfe0b382f-FRA
content-length: 39156

GET
H2 200 glyphicons-halflings-regular.woff
www.vat19.com/resources/assets/css/fonts/ 23 KB
23 KB 489ms
488ms Font
font/x-woff 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/resources/assets/css/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

Referer: https://www.vat19.com/
Origin: https://www.vat19.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Thu, 11 Apr 2019 01:44:37 GMT
server: cloudflare
etag: W/"fe84f11e8f0d41:0"
vary: User-Agent, Accept-Encoding
x-frame-options: Deny
content-type: font/x-woff
cf-ray: 79ea921bfe0f382f-FRA

GET
H2 200 jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/ 26 KB
6 KB 139ms
34ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/jquery-ui.min.css

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bf036c5cf44011f5d8e6838f864f5d66b787d59f74e1fcb5f68afe777252555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 13:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5285
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 13:05:21 GMT

GET
H2 200 home.css
www.vat19.com/resources/assets/css/desktop/ 5 KB
2 KB 405ms
404ms Stylesheet
text/css 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/resources/assets/css/desktop/home.css?ver=44978.90677998843

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b89810df7319b3b148f9be9a85228c2492e13b5308d6bd2ab8684fc692bc9b4

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Sat, 30 Jul 2022 23:05:27 GMT
server: cloudflare
etag: W/"bd926ddb68a4d81:0"
vary: User-Agent, Accept-Encoding
x-frame-options: Deny
content-type: text/css
cf-ray: 79ea921bfe10382f-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 173ms
67ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253de8d10a22fa3d8e5654af4a30687356e9caa3c07e32e1ff3caf6453cbc4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26590
x-xss-protection: 0
server: sffe
etag: "1493 / 189 of 1000 / last-modified: 1677240869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 19:22:34 GMT

GET
H2 200 vat19-logo-tag.png
images.vat19.com/branding/ 13 KB
14 KB 60ms
40ms Image
image/png 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/branding/vat19-logo-tag.png
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe27e4e87ba11f6d9cc9ec52d3fc60218581748ef1a41d0c9a7eca2321f7ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 2029269
x-cache: Hit from cloudfront
content-length: 13713
last-modified: Wed, 24 Sep 2014 18:56:54 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33188/mtime:1411509474/atime:1411514251/md5:9a71c0494b7e24fdca5d3ca1658be953/ctime:1411509474
etag: "9a71c0494b7e24fdca5d3ca1658be953"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f5b54382f-FRA
x-amz-cf-id: G0JDb5XLsTNU7C9qa-C56RAh09PB4Pr1ZxcgUCMcAJDEQ59Jvfb0iw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 73ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 Feb 2023 19:22:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vAWc3LbLurVLZ75Jiz9u/nIeqoDFdyWGlrAJMdp85zzCRln4Es1HPVyUegr5M9nYK8rKLwO+SxaJjYdsL8GclQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 151ms
52ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 24 Feb 2023 19:22:33 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5910FD14D2C4DAFA73D0ED272655E7D Ref B: DUS30EDGE0914 Ref C: 2023-02-24T19:22:34Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 mystery-box-homepage-2021.jpg
images.vat19.com/mysterious-box-of-mystery/ 92 KB
93 KB 78ms
59ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/mysterious-box-of-mystery/mystery-box-homepage-2021.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b54b70df930a322bd835ee2136eb757ae0f9b057f6c952375bc5ce7d8c018f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2016705
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 94517
cf-bgj: h2pri
last-modified: Fri, 23 Jul 2021 16:46:51 GMT
x-amz-meta-s3cmd-attrs: atime:1627058809/ctime:1627058795/gid:20/gname:staff/md5:595bfeca4d9930b283e0978c38f8fed1/mode:33152/mtime:1626096926/uid:502/uname:jamiesalvatori
server: cloudflare
etag: "595bfeca4d9930b283e0978c38f8fed1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f5b57382f-FRA
x-amz-cf-id: gktDaRShDWHA2PHYIuYLmU0GN2ZdEU2zoTxrzlU9N12ABfG8gFpbrw==

GET
H2 200 mini-magnatab-avocado-frame.jpg
images.vat19.com/covers/large/ 22 KB
23 KB 63ms
45ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/mini-magnatab-avocado-frame.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d4153f4d36acab8688210f5fcc4dbfeafb6fc4f69d21f259f935ab48c15d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 b0dd57699b1d3b601416c357f037a79a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 356940
x-amz-cf-pop: CDG3-C1
x-cache: Hit from cloudfront
content-length: 22722
cf-bgj: h2pri
last-modified: Mon, 20 Feb 2023 15:28:32 GMT
x-amz-meta-s3cmd-attrs: atime:1676906910/ctime:1676906910/gid:20/gname:staff/md5:8a3dae16d0398e3e87b705d69c4c411b/mode:33188/mtime:1676906910/uid:502/uname:jamiesalvatori
server: cloudflare
etag: "8a3dae16d0398e3e87b705d69c4c411b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f5b5c382f-FRA
x-amz-cf-id: dIlha5g_d5-WgeggS85F8eADgFO_br9dfo2Dt-t-OEtfJEEsyXPDLg==

GET
H2 200 shrinking-letter-keychain-kit-frame.jpg
images.vat19.com/covers/large/ 20 KB
21 KB 55ms
36ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/shrinking-letter-keychain-kit-frame.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82549f1c1531e26526992fa069e2b711559c141099160f8b1322117fa2b22708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 f1b5ae62d9afc4ed1ebb4ac99a508444.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 432469
x-amz-cf-pop: LHR50-C1
x-cache: Hit from cloudfront
content-length: 20886
cf-bgj: h2pri
last-modified: Sun, 19 Feb 2023 17:48:04 GMT
x-amz-meta-s3cmd-attrs: atime:1676828878/ctime:1676828880/gid:0/gname:wheel/md5:63f0c043307853bd29f12f60f7a21832/mode:33188/mtime:1676828880/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "63f0c043307853bd29f12f60f7a21832"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f5b5f382f-FRA
x-amz-cf-id: oIxAWMdIDQ_SGpOV_AGbFnuUT5OOCpmvac0Ofxa8EztADNR8AQLtmQ==

GET
H2 200 crystal-bead-stress-ball.jpg
images.vat19.com/covers/large/ 27 KB
27 KB 51ms
51ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/crystal-bead-stress-ball.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e5c4bd3fc4aeade5464e55a29a3cbc57618c058b0086198640f51f447641b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 612680
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 27262
cf-bgj: h2pri
last-modified: Sun, 28 Aug 2022 20:16:31 GMT
x-amz-meta-s3cmd-attrs: atime:1661717789/ctime:1661717788/gid:0/gname:wheel/md5:50452c845ef3f25ab55392e590485b0f/mode:33188/mtime:1661717788/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "50452c845ef3f25ab55392e590485b0f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f5b66382f-FRA
x-amz-cf-id: oi_Nvv-RfYFs0HTP_jbAXGzkUwV1zketa2gN7Sknig_JIgt1GpFkSg==

GET
H2 200 pearl-water-stress-ball-2.jpg
images.vat19.com/covers/large/ 20 KB
20 KB 37ms
36ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/pearl-water-stress-ball-2.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82015b434da430dbad5b95bec26009464522abc38a8de9a208b4e3eab01341ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1989330
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
content-length: 20320
cf-bgj: h2pri
last-modified: Sat, 30 Jul 2022 17:53:47 GMT
x-amz-meta-s3cmd-attrs: atime:1659203625/ctime:1659203623/gid:0/gname:wheel/md5:31f5f3181aa3f8d9c7a00c9685e384dc/mode:33188/mtime:1659203623/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "31f5f3181aa3f8d9c7a00c9685e384dc"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f6b67382f-FRA
x-amz-cf-id: 9qoqLJ1QnofhaGCKnUzCRs28UkjJmJ0PZ6bq_ThB1PgWj0V9nUut9Q==

GET
H2 200 squishy-morph-stress-ball-frame.jpg
images.vat19.com/covers/large/ 20 KB
20 KB 59ms
58ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/squishy-morph-stress-ball-frame.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4930e35a5561d5b923c047f4beeb181c9fb2178e72c3fc11e81918f0e6f6242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 44047
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 20469
cf-bgj: h2pri
last-modified: Sat, 08 Oct 2022 17:13:05 GMT
x-amz-meta-s3cmd-attrs: atime:1665249183/ctime:1665249182/gid:0/gname:wheel/md5:f9838616728bcf5d8a832b492734bfa7/mode:33188/mtime:1665249182/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "f9838616728bcf5d8a832b492734bfa7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f5b64382f-FRA
x-amz-cf-id: Ofe8CszsLp4sV5PFBiOL0IjQm9-DwgsYV2lWyDzHW2bDLVVaflOs6g==

GET
H2 200 cosmic-putty.jpg
images.vat19.com/covers/large/ 42 KB
43 KB 35ms
35ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/cosmic-putty.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8da4f668555f343b77db25255344c3acd1bbe2f468f2014aeb7a846de7823b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2021642
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 43463
cf-bgj: h2pri
last-modified: Fri, 29 Sep 2017 23:19:38 GMT
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33188/mtime:1506727169/atime:1506727172/md5:1ed41bf74d1d58e8bf5f1ddc75b197e0/ctime:1506727169
server: cloudflare
etag: "1ed41bf74d1d58e8bf5f1ddc75b197e0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921f9bc7382f-FRA
x-amz-cf-id: wZa7FdCqHOqu_PpmF6wJQHJiPZmNIp6hGGUYhtotSvtOr5BnEzhQHQ==

GET
H2 200 glow-in-the-dark-stressball-frame.jpg
images.vat19.com/covers/large/ 19 KB
20 KB 36ms
35ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/glow-in-the-dark-stressball-frame.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12e374f0364c47ae7bc5a2b753cd7e572460c2d47421187fd384f0b8d784642c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 8609604d3fb8e0a5c875f1c74d985668.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 610165
x-amz-cf-pop: TXL50-P4
x-cache: Hit from cloudfront
content-length: 19841
cf-bgj: h2pri
last-modified: Sat, 08 Oct 2022 17:51:53 GMT
x-amz-meta-s3cmd-attrs: atime:1665251510/ctime:1665251510/gid:0/gname:wheel/md5:e0a461f6bf7cbc87606e434c33579106/mode:33188/mtime:1665251510/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "e0a461f6bf7cbc87606e434c33579106"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921fabcc382f-FRA
x-amz-cf-id: 44LTrZj-XLaKuyHPUjls71En4DtCFZ4d8q05yPI7O-PbAzx2izdX3A==

GET
H2 200 glow-in-the-dark-crystal-growing-kit-frame.jpg
images.vat19.com/covers/large/ 28 KB
29 KB 35ms
35ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/glow-in-the-dark-crystal-growing-kit-frame.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ddc324101adaf6a21cf94aeb484cdebf0b142002e061150dc1a635c41f8b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 37275
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 28875
cf-bgj: h2pri
last-modified: Thu, 26 Jan 2023 15:21:56 GMT
x-amz-meta-s3cmd-attrs: atime:1674746514/ctime:1674746513/gid:20/gname:staff/md5:107716719cfbd28e70b0156e9a07afa3/mode:33188/mtime:1674746513/uid:502/uname:jamiesalvatori
server: cloudflare
etag: "107716719cfbd28e70b0156e9a07afa3"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921fbbeb382f-FRA
x-amz-cf-id: MIs49BE2WvgfxWcHfO4LL_Lvbuat78W6VernPeIexhM96j-Hy8veNQ==

GET
H2 200 glowbee-sand-picture.jpg
images.vat19.com/covers/large/ 30 KB
30 KB 71ms
71ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/glowbee-sand-picture.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fa5e3775ba1d0c5efa07b048c9f8e4eeb05663caf8880589057f1a1c2c00669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: UTF-8
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
content-length: 30762
last-modified: Fri, 06 Nov 2015 02:59:51 GMT
server: cloudflare
etag: "d065d824090bfa0627c8eee02ad6ff5f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79ea921fcc14382f-FRA
x-amz-cf-id: WIKBiNAF5S0kAZxs_xNnXh7slV3WPw3bY_ILmz6gpl5lx1HT1wFp2g==

GET
H2 200 gloplay-wall-stickers.jpg
images.vat19.com/covers/large/ 22 KB
22 KB 68ms
67ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/gloplay-wall-stickers.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 491229df56983019aa4479275e754a68597c0625064ce2a854faa82b83b41ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 018d49139552bac4221d8e525a1600be.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: MXP63-P1
x-cache: Hit from cloudfront
content-length: 22156
last-modified: Mon, 08 Mar 2021 14:39:33 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1615214369/ctime:1615214367/gid:20/gname:staff/md5:beb1c3b6a3ddbb43f7e9f8d19eac784e/mode:33188/mtime:1615214367/uid:502/uname:jamiesalvatori
etag: "beb1c3b6a3ddbb43f7e9f8d19eac784e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921fcc19382f-FRA
x-amz-cf-id: TrJB1E5S93cdOc7ETg45YTKrT4c5dzVBvtK98TN6dUBuBht1Lz6xTA==

GET
H2 200 astronaut-ice-cream-sandwiches-2.jpg
images.vat19.com/covers/large/ 35 KB
36 KB 35ms
35ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/astronaut-ice-cream-sandwiches-2.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 364176aeeb43243f4b0d06c638d422830da36e8377c2eddaf3f908adbeb9d2cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2009831
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 36035
cf-bgj: h2pri
last-modified: Sat, 12 Sep 2020 23:48:19 GMT
x-amz-meta-s3cmd-attrs: atime:1599954490/ctime:1599954489/gid:0/gname:wheel/md5:8cafe765426f696b0ac8cc99acf2c1da/mode:33188/mtime:1599954489/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "8cafe765426f696b0ac8cc99acf2c1da"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921fdc2c382f-FRA
x-amz-cf-id: URc2Qo82KyTJLYMZO6R13MxP55SwwDlgjHIAC32qOKR6ca5T0kbN3A==

GET
H2 200 stratolauncher-iv-water-rocket.jpg
images.vat19.com/covers/large/ 15 KB
15 KB 37ms
37ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/stratolauncher-iv-water-rocket.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 250951b078f00dfd794aff77675a5892869ef3ed622ca54a000d02e2239aa1c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: US-ASCII
via: 1.1 f4582372b9151740be645b6db921848e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: CDG50-P2
age: 20455
x-cache: Hit from cloudfront
content-length: 15496
last-modified: Sat, 17 Nov 2018 23:15:19 GMT
server: cloudflare
etag: "0a2ae6c270735fe7405405438ea1961e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921fdc2d382f-FRA
x-amz-cf-id: jp8l6WV-6N7scaipqpmY_lAzoyOMOxQmu5SJzP_bKmTNKE6kCRGzkQ==

GET
H2 200 solar-system-marbles-4.jpg
images.vat19.com/covers/large/ 23 KB
24 KB 36ms
35ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/solar-system-marbles-4.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af187738e312ac30876d5d5e7d3382500830e7976a004c51906be52cc4444b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 54539657e1cb0d581a1136c9b6cc01a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 13056
x-amz-cf-pop: MXP63-P1
x-cache: Hit from cloudfront
content-length: 23860
cf-bgj: h2pri
last-modified: Thu, 08 Nov 2018 16:40:11 GMT
x-amz-meta-s3cmd-attrs: atime:1541695200/ctime:1541695199/gid:20/gname:staff/md5:ac8062c37145bd19df8a1ae9f220e061/mode:33188/mtime:1541695199/uid:502/uname:jamiesalvatori
server: cloudflare
etag: "ac8062c37145bd19df8a1ae9f220e061"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea921fdc2f382f-FRA
x-amz-cf-id: DPrEJ-zo_k1BC6Y60HGerMCmXy5PdgCzNVU8ktoLUtrXZlFXY9luZw==

GET
H2 200 spacepen.jpg
images.vat19.com/covers/large/ 15 KB
15 KB 32ms
31ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/spacepen.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f988a683f963b3834a15fcfcb2f81fb961f6b7a97f36771214646523c0e391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 188924
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 14954
cf-bgj: h2pri
last-modified: Tue, 13 Sep 2011 16:20:57 GMT
server: cloudflare
etag: "cd4de954a763ac5fce85f65ab246415b"
vary: Accept-Encoding
content-type: image/jpeg
x-amz-meta-s3fox-filesize: 14954
cache-control: max-age=2052000
x-amz-meta-s3fox-modifiedtime: 1248371548000
accept-ranges: bytes
cf-ray: 79ea921fec48382f-FRA
x-amz-cf-id: YNzCJYW4X1mWwVN86lXQf5GNcYs7fYC8d0aqieIYdpDbtEbcmD3imQ==

GET
H2 200 rheoscopic-fluid-planets.jpg
images.vat19.com/covers/large/ 17 KB
17 KB 35ms
34ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/rheoscopic-fluid-planets.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e3339dc26cb6017da79707cb1f0562519a1c9456bdb98e8f1a4c07fb0ff15ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 6fb85c65a827911dce5bf08c03c34d18.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 29383
x-amz-cf-pop: ORD53-C2
x-cache: Hit from cloudfront
content-length: 17411
cf-bgj: h2pri
last-modified: Sun, 26 Apr 2020 23:49:40 GMT
x-amz-meta-s3cmd-attrs: atime:1587944972/ctime:1587944971/gid:0/gname:wheel/md5:16fc9c1391e3616b7ea36a2f3b94093d/mode:33188/mtime:1587944971/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "16fc9c1391e3616b7ea36a2f3b94093d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea92201c82382f-FRA
x-amz-cf-id: VDBEwPtFprI6TI02aAm8i3yHmpd3DT2d1eUsuJJSyHAG_T4TbNSfcQ==

GET
H2 200 enchanting-unicorn-putty.jpg
images.vat19.com/covers/large/ 26 KB
27 KB 70ms
69ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/enchanting-unicorn-putty.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd524658d5829d592625cbab076b5bbce52bc5087f5ea59d4e4f4e3360cb197f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 de82131bd5578df1118deee986556720.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: MXP63-P1
x-cache: Hit from cloudfront
content-length: 27117
last-modified: Thu, 15 Nov 2018 22:43:41 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1542321808/ctime:1542321806/gid:20/gname:staff/md5:76c157bf23317dea2905706ba438ed56/mode:33188/mtime:1542321806/uid:502/uname:jamiesalvatori
etag: "76c157bf23317dea2905706ba438ed56"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea92201c83382f-FRA
x-amz-cf-id: fYhcrDOnthmo3RogbGHMBQ7o288re3ctIys7LaeMYgF7TuGHsxqWug==

GET
H2 200 bag-of-unicorn-farts-2.jpg
images.vat19.com/covers/large/ 24 KB
24 KB 29ms
29ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/bag-of-unicorn-farts-2.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8dbbfc9a0b71e4f607b20082e2babd65ee1a7ec70c401bb5e225cb0404791a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 983
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 24403
cf-bgj: h2pri
last-modified: Mon, 03 Dec 2018 22:38:31 GMT
x-amz-meta-s3cmd-attrs: atime:1543876704/ctime:1543876703/gid:20/gname:staff/md5:4d9b1233b323836b9b1a81551c16711a/mode:33188/mtime:1543876703/uid:502/uname:jamiesalvatori
server: cloudflare
etag: "4d9b1233b323836b9b1a81551c16711a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea92201c85382f-FRA
x-amz-cf-id: IH_7ZHprQ3FTzy4rZD_-dpkoAiV52jdNpwU5dxU45Qqskh2Xzmfxcg==

GET
H2 200 sticky-the-unicorn-poo.jpg
images.vat19.com/covers/large/ 15 KB
15 KB 43ms
43ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/sticky-the-unicorn-poo.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00b42b00adf06c1d3a2a21f9311a7463599963bbdbf9c334db019be2ed9dc663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: US-ASCII
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 14970
last-modified: Sun, 22 Apr 2018 21:36:50 GMT
server: cloudflare
etag: "6b25c1a45ca3b51eefd7f78b0d02e23c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea92202c98382f-FRA
x-amz-cf-id: 5spC7XRbsNgFxzbl6E0t2LdAm0CdtV3IYOOtT90dLaJqa9oY1euN7g==

GET
H2 200 creepy-animal-head-masks.jpg
images.vat19.com/covers/large/ 27 KB
28 KB 59ms
59ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/creepy-animal-head-masks.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934f1f9740a46d63dcd9be8b38b61f2a7e29cac18d9792b9c599b95976ab6c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 27875
last-modified: Mon, 27 Mar 2017 22:13:45 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33188/mtime:1490652798/atime:1490652803/md5:0de2bf3032a0b208973e2634b6087f50/ctime:1490652798
etag: "0de2bf3032a0b208973e2634b6087f50"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea92203cbb382f-FRA
x-amz-cf-id: VL42Y3sO9X58rUbn8385yGTnDZ9aTpWyH9Mg2izblNuCjDUY2aI8SQ==

GET
H2 200 7-year-pen-6.jpg
images.vat19.com/covers/large/ 13 KB
13 KB 79ms
78ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/7-year-pen-6.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98eef2d18ecdd2c6b0630717a857e4ef6ec084646fdd433074bdb3a83c32e094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 de82131bd5578df1118deee986556720.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: MXP63-P1
x-cache: Hit from cloudfront
content-length: 13089
last-modified: Thu, 18 Jun 2020 03:43:03 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1592451781/ctime:1592451779/gid:0/gname:wheel/md5:c19b293ac1448cef73dfeb1e989ca4f8/mode:33188/mtime:1592451779/uid:501/uname:jamiesalvatori
etag: "c19b293ac1448cef73dfeb1e989ca4f8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea92203cbc382f-FRA
x-amz-cf-id: SpPBqu8yJtgd-w7fwWlv58ffaVOlEj8TcWR9tE5kNIp4kHkD63Ufpg==

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 107ms
106ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 19:22:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d180a2ced31e8f24"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Feb 2023 19:22:34 GMT

GET
H2 200 payment-options-2021.jpg
images.vat19.com/branding/ 7 KB
7 KB 32ms
32ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/branding/payment-options-2021.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7e2783e7a3c4f80ab5079dd75ad63fe3289cc6bf49c55a5c20fbb177e8d3b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 3736
x-cache: Miss from cloudfront
content-length: 6667
cf-bgj: h2pri
last-modified: Fri, 01 Jan 2021 14:48:42 GMT
server: cloudflare
etag: "c7747cefa3ca89b6424a7660ebbad35d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79ea92204ccf382f-FRA
x-amz-cf-id: OtLLbD2pQRBqWRIZh9qMMa-ZYBEoMwLjB7-qBNX_9YXVs5DD8neztA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 08:58:50 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/ 223 KB
60 KB 53ms
46ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 16:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61441
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 16:38:43 GMT

GET
H2 200 runtime.js Show response
www.vat19.com/includes/js/ 6 KB
2 KB 397ms
390ms Script
application/javascript 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/js/runtime.js?var=44978.90677998843

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3144a9e82a3cf97b3a279b7a6435fb7fd14b44fda86f730cbcb48b8a39662ac

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Mon, 30 Sep 2019 04:16:07 GMT
server: cloudflare
etag: "805dcc84577d51:0"
vary: Accept-Encoding,User-Agent
x-frame-options: Deny
content-type: application/javascript
accept-ranges: bytes
cf-ray: 79ea921f3b28382f-FRA
content-length: 1678

GET
H2 200 vendor.js Show response
www.vat19.com/includes/js/ 2 KB
1 KB 413ms
407ms Script
application/javascript 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/js/vendor.js?var=44978.90677998843

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2646648be0b548a20b39bf19ba3112b51f1ca40556e1b27b4b6507e60602ea09

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Mon, 30 Sep 2019 04:16:07 GMT
server: cloudflare
etag: W/"93b46dc84577d51:0"
vary: User-Agent, Accept-Encoding
x-frame-options: Deny
content-type: application/javascript
cf-ray: 79ea921f3b2a382f-FRA

GET
H2 200 desktop.js Show response
www.vat19.com/includes/js/ 370 KB
123 KB 483ms
477ms Script
application/javascript 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/js/desktop.js?var=44978.90677998843

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c52599ae1613db52d4f121177f7f0709d08b9e240e99c4f086faffaecf65152

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Thu, 15 Dec 2022 02:51:52 GMT
server: cloudflare
etag: "0942b2f3010d91:0"
vary: Accept-Encoding,User-Agent
x-frame-options: Deny
content-type: application/javascript
accept-ranges: bytes
cf-ray: 79ea921f4b2d382f-FRA
content-length: 125716

GET
H2 200 hello.js Show response
hello.zonos.com/ 97 KB
34 KB 115ms
27ms Script
application/javascript 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/hello.js?siteKey=1XD8502DGYE4G
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-5.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08ea27ee448d850cd2768639d0a151948f7c55f631281f1b1d331fb1fbad3c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:21:00 GMT
content-encoding: gzip
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 17:00:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 94
etag: W/"a6d255caf4fc2f38405da21bc6ea9cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: bNqALdntrRDRvZvNqK9k-oMBWyoDKnwpskcW1sLQ37YF17ZPklfhAg==

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 82ms
30ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 38931
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230120-FRA, cache-yyz4568-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJzW9fA6RakLeuf%2B9LCI6X0pt2FEJ9J%2Fr5%2Fhu0X7w1YDSSHqq0YT2Bb%2F%2FPOl5SfoebrVnBLRYDhmdCtI5kQ%2BKGobEN6bITkLSospraCvAdE%2FaeqcSpC08j9WtBGfUiN%2BuaEZNb20%2FD2UHItMD%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 79ea921f8dc768fd-FRA

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 63 KB
19 KB 86ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e56620decf4dc46291d8ca44053cb440c4f71af831977c8a8db5b897409f5146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 38924
x-jsd-version: 11.7.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-yyz4581-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"fb54-FAD6JrbMcupes37Lt3ic/RHQPZk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlJR%2FSWVwPJ7dURPfKHbwnlV8MJtgLRNStGdKs1HnHLMVKPETPd0gUrR0bfV45299eCZOpTkGiVTlWc5FMQEBtkXuoGUiuvCge5bGd2fJ7c%2Fw6u7tNToU9UqbOMr4nV%2FCq4h%2Fb2WADDJsnJybW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 79ea921f8dca68fd-FRA

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 96ms
52ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.vat19.com/
Origin: https://www.vat19.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 79ea921fa940360f-FRA

GET
H2 200 glyphicons-halflings-regular.woff
www.vat19.com/includes/fonts/ 23 KB
23 KB 474ms
473ms Font
font/x-woff 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/includes/css/desktop.css?ver=44978.90677998843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

Referer: https://www.vat19.com/includes/css/desktop.css?ver=44978.90677998843
Origin: https://www.vat19.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Sat, 02 Mar 2019 23:00:25 GMT
server: cloudflare
etag: W/"1a97feb84bd1d41:0"
vary: User-Agent, Accept-Encoding
x-frame-options: Deny
content-type: font/x-woff
cf-ray: 79ea921f4b30382f-FRA

GET
H2 200 social-media-links-2021-b.gif
images.vat19.com/css/ 5 KB
6 KB 32ms
31ms Image
image/gif 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/css/social-media-links-2021-b.gif
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/includes/css/desktop.css?ver=44978.90677998843
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b8be8c25719394710df817ab48974da459912c0dc98bc177285d584751ac3e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:34 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA2-C1
age: 2041709
x-cache: Hit from cloudfront
content-length: 5357
last-modified: Sat, 30 Jan 2021 00:15:05 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1611965694/ctime:1611965693/gid:20/gname:staff/md5:67f4555755029e469a27173f3e6c2016/mode:33188/mtime:1611965693/uid:502/uname:jamiesalvatori
etag: "67f4555755029e469a27173f3e6c2016"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea92204ce4382f-FRA
x-amz-cf-id: RpsiwHPgu2hNZHmIY3eKlCwbyON0QiTlPNW8ssPpkEBynmEw-Pv4gA==

GET
H2 200 4aVobFW5ajg Show response
www.youtube.com/embed/ Frame F561 67 KB
29 KB 200ms
93ms Document
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48d963a0cd68d0143539569b8bebc84c08e3a3757443c2ed82916b547a6f10b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:22:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.97

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 Feb 2023 19:22:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7b9XiBGV1z4g0Syl3D4F8K0lOWcVmGCmtPNPMUot/6eCzx24Wy/5jw9of/yBA+DanJ0Y4t0qaC6SifphHQmH8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1740066219549239 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 30ms
30ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1740066219549239?v=2.9.97&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74ee7882b3f206d7787742fd8ce02032e128318386505143cb1088fb3c1df7be

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 Feb 2023 19:22:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110314
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +a/a3BkUH7Oy+oCSKCwvo9w8ymk3W61UxsEtwTjcngF78JK9d5ZQl4OCp1q/LbQGXJIcyhBIX17P6IgAiiT4sA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5222252.js Show response
bat.bing.com/p/action/ 0
118 B 124ms
124ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5222252.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 24 Feb 2023 19:22:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 631BA2D724F54341A59D0BEF75359E3E Ref B: DUS30EDGE0914 Ref C: 2023-02-24T19:22:34Z
x-cache: CONFIG_NOCACHE

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 87ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1740066219549239&ev=PageView&dl=https%3A%2F%2Fwww.vat19.com%2F&rl=&if=false&ts=1677266554961&sw=1600&sh=1200&ud[country]=79adb2a2fce5c6ba215fe5f27f532d4e7edbac4b6a5e09e1ef3a08084a904621&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677266554959.609258461&it=1677266554880&coo=false&rqm=GET

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 Feb 2023 19:22:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/9419f2ea/ Frame F561 396 KB
51 KB 41ms
40ms Stylesheet
text/css 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9419f2ea/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e5a350e35882205d6ffa3c8c493a2746268c8297fcd867349c95d88b93b2f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52120
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 08:00:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F561 15 KB
15 KB 136ms
45ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:22:37 GMT
x-content-type-options: nosniff
age: 82798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 20:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F561 15 KB
16 KB 127ms
36ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:56 GMT
x-content-type-options: nosniff
age: 123879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:57:56 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/ Frame F561 346 KB
108 KB 58ms
57ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dc05612abb942f1c013091f152ff58185c1eb77cae883f3c58d19e01efc9d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110661
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 08:00:27 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame F561 2 MB
602 KB 72ms
71ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c597dd42d415ed20721af88a0b1960c390d5fc6e6c6d65c957c5b17525a115f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616341
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 08:03:37 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/ Frame F561 9 KB
3 KB 70ms
69ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 08:00:27 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F561
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

55ms
54ms

XHR
application/json

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c71a4cbf4809e53598128cfb3d3ce6d0573644cefd29601ae738bf81a31106d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Feb 2023 19:22:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F561 29 B
495 B 72ms
21ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:07:46 GMT
x-content-type-options: nosniff
age: 889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Feb 2023 19:22:46 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 160ms
57ms Preflight
text/html 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 24 Feb 2023 19:22:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F561 66 KB
30 KB 64ms
64ms XHR
application/json+protobuf 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96f661cd0c4595e96b40bfdba8c58e5356161fc81f3ddaafd0ad0a290089599b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30854
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame F561 116 KB
36 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0258f92749598b55dc7dae43bb611ce3c5b3f490d62a5c96247dd94bcc9bbe7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36521
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 08:08:59 GMT

GET
H2 200 mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js Show response
www.google.com/js/th/ Frame F561 36 KB
14 KB 125ms
34ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14113
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 07:01:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame F561 27 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f973da93d95af2cc415e022c5481cd7e257ad7abb6c39fb49c35256e51509c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8518
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 08:08:31 GMT

GET
DATA 200
OK truncated
/ Frame F561 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJULho34K2DYsg7CBUx5eTcqqKnwi0Fx0Z6Gv8-gcvI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F561 3 KB
3 KB 128ms
35ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJULho34K2DYsg7CBUx5eTcqqKnwi0Fx0Z6Gv8-gcvI=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a3b1a44275d0098a4bc98a47563b2ad60ece71d7ca54e865c5e3e994f89088b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:38:09 GMT
x-content-type-options: nosniff
age: 9866
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3278
x-xss-protection: 0
server: fife
etag: "v5179"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Feb 2023 20:17:54 GMT

GET
H2 200 sd2.jpg
i.ytimg.com/vi/4aVobFW5ajg/ Frame F561 22 KB
23 KB 144ms
34ms Image
image/jpeg 2a00:1450:400d:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/4aVobFW5ajg/sd2.jpg?sqp=-oaymwEoCIAFEOAD8quKqQMcGADwAQH4AbYIgAKAD4oCDAgAEAEYciBNKDowDw==&rs=AOn4CLChncwGz3khk5itM97lMDWbF0bLkQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c1bbdd561e58e1a3e6d87a4758118326122beede06a5ef29e02a2723bc360c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:17:39 GMT
x-content-type-options: nosniff
age: 296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22993
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 19:22:39 GMT

GET
H2 200 blissfully-oversized-gummy-goodness.jpg
images.vat19.com/home/ 77 KB
78 KB 32ms
31ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/home/blissfully-oversized-gummy-goodness.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa5255c37af9f0ec1b73ec214a1f0a3eb4829742206547d679806aa3a406def

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2016706
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 79289
cf-bgj: h2pri
last-modified: Sat, 08 Jan 2022 19:29:40 GMT
x-amz-meta-s3cmd-attrs: atime:1641670170/ctime:1641670168/gid:20/gname:staff/md5:6cc1578ccc78b36dad50fb78682e065d/mode:33188/mtime:1641670168/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "6cc1578ccc78b36dad50fb78682e065d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea9223396b382f-FRA
x-amz-cf-id: Ga8CQG213rqeDbwKyjfJSFakYqEB7QwMwQZZitxZHZS2uYLVm9tQZw==

GET
H2 200 firebiner.jpg
images.vat19.com/firebiner/ 115 KB
116 KB 46ms
46ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/firebiner/firebiner.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb3f622fea1b75f1303033700831cd5f18c09f140aa7f433b3e0134e5f3c816b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 117919
last-modified: Wed, 14 Mar 2018 17:57:18 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33279/mtime:1510682071/atime:1521050235/md5:5b5fd86299e6eb7912e7e32655d02b26/ctime:1521050177
etag: "5b5fd86299e6eb7912e7e32655d02b26"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea9223396c382f-FRA
x-amz-cf-id: s-94Tc1kfBSg99N7pGQglsB0mTpQFg8u7Fmw5jAaZUMJwthkOwjjPw==

GET
H2 200 hypnocube-living-room.jpg
images.vat19.com/hypnocube/ 65 KB
66 KB 43ms
42ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/hypnocube/hypnocube-living-room.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f7ae381f50797648e967ba0d3aceb953568047301c3dee220bbf159ad17a30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: UTF-8
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
content-length: 67067
last-modified: Wed, 29 May 2013 18:00:24 GMT
server: cloudflare
etag: "b06f65d2c74d94fe23d4756121fb82b9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79ea9223396e382f-FRA
x-amz-cf-id: uAztUs11cD3rujQlOSyNqBj5TppT5j5zrP_QlAVGcXceCTqURJgB2Q==

GET
H2 200 blobfish-squishy-views.jpg
images.vat19.com/blobfish-squishy/ 60 KB
60 KB 37ms
37ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/blobfish-squishy/blobfish-squishy-views.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5fc69f31976f1eb986cd9b2f12efa39c9abf44b06661a882cb0e0a86479a669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
via: 1.1 920d2a45d275def633b7efde005c8be8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 258898
x-amz-cf-pop: BUD50-C1
x-cache: Hit from cloudfront
content-length: 61036
cf-bgj: h2pri
last-modified: Thu, 25 Jun 2020 03:26:55 GMT
x-amz-meta-s3cmd-attrs: atime:1593055612/ctime:1593055595/gid:20/gname:staff/md5:46e32facf37366449faaca1ee88b1377/mode:33188/mtime:1593055556/uid:501/uname:jamiesalvatori
server: cloudflare
etag: "46e32facf37366449faaca1ee88b1377"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ea9223396f382f-FRA
x-amz-cf-id: 8iT2bFTK_Hz5ct58iHBcqNw_nrTdQvrCfVeQBIHKCRtKEowBl1RQaw==

GET
H2 200 country Show response
hello.zonos.com/api/ 2 KB
1 KB 86ms
41ms XHR
application/json 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/api/country?siteKey=1XD8502DGYE4G
Requested by: Host: hello.zonos.com
URL: https://hello.zonos.com/hello.js?siteKey=1XD8502DGYE4G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-5.fra50.r.cloudfront.net
Software: /
Resource Hash: 9feb139431f6e6d58942763789bb8d4fe8e920e04a4a92d57b0340675c81b8a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:02:54 GMT
content-encoding: gzip
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1181
x-amzn-requestid: 326aceb4-e5be-437a-816b-2684eb737882
x-amzn-trace-id: Root=1-63f909de-7a9e3b653f6be7d3749c756b;Sampled=0
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1200
x-amz-apigw-id: A256xEX_oAMFg-w=
x-amz-cf-id: LWLviUptuvGsBA7YmZ_BeCL9p4Bb6zVVkBEuQLk5UZB-6T9bzNYjhA==

GET
H2 200 pubads_impl_2023022102.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 172ms
37ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132325
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:18:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Feb 2024 23:02:02 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 88 B
610 B 203ms
69ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vat19.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d933b79028e78a46e98952d3ef1abd84f016f415a4b461a32fb4b37bf60cec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
expires: Fri, 24 Feb 2023 19:22:35 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 productsForAutoSuggest Show response
www.vat19.com/index.cfm/ajax/ 53 KB
20 KB 188ms
188ms XHR
application/json 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/index.cfm/ajax/productsForAutoSuggest

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52a97101bee7f70dcf21c6b8d56fe87a2f03533bc84370cd3650135b51d9a4b

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.vat19.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
vary: User-Agent
x-frame-options: Deny
content-type: application/json;charset=utf-8
cache-control: private
cf-ray: 79ea92238a11382f-FRA

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 126 KB
44 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5e67f4e0345fd4a7db60777a6f1e64f667ad845eea750fb4951532e08413712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 22:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44881
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 22:29:33 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 125 KB
43 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderBadge

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e30a5c2888f47ae3adae2b759599060878da807af1318dc7539457be0123ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43803
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:57:35 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 0DAE 2 KB
866 B 80ms
80ms Document
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderBadge

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90e15748a923d8c4b3b894d772a7130b161c3058ffb743490da008ee21fd31db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 24 Feb 2023 19:22:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 18:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4065
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 20:14:50 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 130 KB
50 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1072689069&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a15dbb65196d747a84b6bb14f5ff56e7d629a3e0b9d36c56b6e89d9adec61b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51424
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Feb 2023 19:22:35 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 52ms
51ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5222252&Ver=2&mid=e07777c4-1d0d-4a52-a20c-080206b2876b&sid=97d33590b47811edbfd05fa2a7111b5f&vid=97d35b30b47811ed8d12f58bc04c331a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vat19.com%3A%20Unique%20Gifts%20and%20Unusual%20Gift%20Ideas&p=https%3A%2F%2Fwww.vat19.com%2F&r=&lt=1851&evt=pageLoad&sv=1&rn=340394

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Feb 2023 19:22:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F211BF26F61448EF8C2E377800D11B52 Ref B: DUS30EDGE0914 Ref C: 2023-02-24T19:22:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F561 4 KB
2 KB 87ms
37ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 19:22:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1740066219549239&ev=Microdata&dl=https%3A%2F%2Fwww.vat19.com%2F&rl=&if=false&ts=1677266555475&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Vat19.com%3A%20Unique%20Gifts%20and%20Unusual%20Gift%20Ideas%22%2C%22meta%3Adescription%22%3A%22Vat19.com%20is%20your%20source%20for%20curiously%20awesome%20gifts%2C%20unique%20gifts%2C%20and%20unusual%20gift%20ideas.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.vat19.com%22%2C%22logo%22%3A%22https%3A%2F%2Fs3.amazonaws.com%2Fimages1.vat19.com%2Fbranding%2Fvat19-mobile-logo-2x.png%22%2C%22contactPoint%22%3A%5B%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B1-800-476-1991%22%2C%22contactType%22%3A%22customer%20service%22%7D%5D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.youtube.com%2Fvat19%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fvat19%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fvat19%22%2C%22https%3A%2F%2Fwww.twitter.com%2Fvat19%22%5D%7D%5D&sw=1600&sh=1200&ud[country]=79adb2a2fce5c6ba215fe5f27f532d4e7edbac4b6a5e09e1ef3a08084a904621&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677266554959.609258461&it=1677266554880&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 Feb 2023 19:22:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame F561 0
10 B 37ms
37ms Image
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ujY8ow
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 translation Show response
hello.zonos.com/api/ 23 KB
5 KB 30ms
29ms XHR
application/json 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/api/translation?c=DE&siteKey=1XD8502DGYE4G
Requested by: Host: hello.zonos.com
URL: https://hello.zonos.com/hello.js?siteKey=1XD8502DGYE4G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-5.fra50.r.cloudfront.net
Software: /
Resource Hash: 33d4df16f023836b9886aa049f8684a7ef0d4dd8210d2ab930b4567ffb93462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:02:54 GMT
content-encoding: gzip
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1181
x-amzn-requestid: 3d48993a-f1b4-4dec-81f2-684d9aeaca33
x-amzn-trace-id: Root=1-63f909de-3a7d28c55255c90574dba400;Sampled=0
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1200
x-amz-apigw-id: A2561FQeIAMF9Kw=
x-amz-cf-id: -AIObYl1aNOSDyY0fXpzXkFpKxG0JmHyt0keW_8MZH57dra42oky9Q==

GET
H2 200 DE.png
hello.zonos.com/images/flags/ 3 KB
4 KB 27ms
25ms Image
image/png 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hello.zonos.com/images/flags/DE.png
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-5.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 039c1003dfbea8c384ba2b341364c79644c0de83376c779696f4c8c963a45016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:19:44 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Mon, 28 Oct 2019 15:31:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 57772
etag: "c4661ba58a2e9a500135f7144c4c606e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
content-length: 3271
x-amz-cf-id: XfedWNi6lHbcmm2HhMg1gYQiwHHrGxRNMeVYRs9zhAEVpGvg6R7q8Q==

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 0DAE 38 KB
6 KB 36ms
36ms Stylesheet
text/css 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 14:33:59 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 0DAE 252 KB
72 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 01:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Feb 2024 01:38:50 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame DA53 566 B
810 B 160ms
57ms Document
text/html 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f7f59d10d9ec877fbba24923179713b2f65fd10b1a1b360aa56deda9bfa48b4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-uAG9sWME-lCKEHQ8vl19Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-uAG9sWME-lCKEHQ8vl19Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Fri, 24 Feb 2023 19:22:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F561 90 B
134 B 56ms
56ms XHR
application/json+protobuf 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f5591f60232f98dfd9e77e072ab21ed52e0ae020912b3a60d506cb3cb438268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 55ms
54ms Preflight
text/html 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 24 Feb 2023 19:22:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 report Show response
hello.zonos.com/api/translation/ 0
367 B 393ms
393ms XHR
application/json 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/api/translation/report?c=DE&siteKey=1XD8502DGYE4G
Requested by: Host: hello.zonos.com
URL: https://hello.zonos.com/hello.js?siteKey=1XD8502DGYE4G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-5.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vat19.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-trace-id: Root=1-63f90e7b-1e23b7880505930d3d565637;Sampled=0
x-amzn-requestid: 81e02ff8-2201-4b14-81d4-aadd603dcf3d
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
x-amz-apigw-id: A28zaGYvoAMFijA=
content-length: 0
x-amz-cf-id: yJDpavfrGZ2Ldw3CKY5wJqFqMpQ4MXTbUzvnFs0pteqei0nNQ_kJfg==

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=ratingbadge/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 583 B
408 B 35ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=ratingbadge/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0187466117b84d23b6e0a1a057c5b840774eb2a968f9703f98f02d7ff1b33e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 20:42:43 GMT

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 0DAE 156 B
184 B 35ms
34ms Image
image/png 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:00:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 109322
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 13:00:33 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 28ms
27ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=46323430&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vat19.com%2F&ul=en-us&de=UTF-8&dt=Vat19.com%3A%20Unique%20Gifts%20and%20Unusual%20Gift%20Ideas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1253711198&gjid=777168844&cid=486326688.1677266556&tid=UA-232234-1&_gid=1829234642.1677266556&_r=1&gtm=457e32m0&z=296991362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vat19.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:22:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vat19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072689069/ 2 KB
945 B 99ms
99ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072689069/?random=1677266555734&cv=11&fst=1677266555734&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.vat19.com%2F&tiba=Vat19.com%3A%20Unique%20Gifts%20and%20Unusual%20Gift%20Ideas&auid=1299288707.1677266556&uamb=0&uaw=0&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3D&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1072689069&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee385079fcd3516a24a59ee9c883716a5ccc37512a212f73733edf76feb4e87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 920
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/110/ Frame F561 50 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/110/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 13:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 16:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 25 Feb 2023 13:29:45 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame 0DAE 132 KB
44 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 17:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45325
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 17:03:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 165ms
32ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vat19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 94ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vat19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
20 KB 780ms
780ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3905315572211278&correlator=4295001573727890&eid=31072601%2C44752585&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fifs&iu_parts=184899792%2Cvat19bottomleaderboard%2Cvat19categorybar&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C160x600&ifi=1&adks=3853484998%2C1326068277&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1677266555793&lmt=1677266555&dlt=1677266554228&idt=1540&adxs=436%2C328&adys=2517%2C1330&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.vat19.com%2F&frm=20&vis=1&psz=1600x1478%7C224x1591&msz=728x-1%7C160x-1&fws=0%2C4&ohw=0%2C1024&ga_vid=486326688.1677266556&ga_sid=1677266556&ga_hid=46323430&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9c0720e7a317ea918bde5e696663977fc762930935d4c4fb42b8f5c2ef6382e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20104
x-xss-protection: 0
google-lineitem-id: -1,216231752
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,101442231392
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vat19.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D68F 6 KB
3 KB 230ms
70ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:22:35 GMT
expires: Sat, 24 Feb 2024 19:22:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/o/ Frame DA53 0
249 B 63ms
62ms Other
text/html 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-ioFGbYb423StQWDJa7tlug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:22:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-ioFGbYb423StQWDJa7tlug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame DA53 10 KB
5 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4294
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 21:11:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 15:41:03 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame DA53 17 KB
7 KB 2472ms
2471ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d0bf7277e409d17e299ed4df57ebfae207ab38314961dcb1dac2e41868b3cb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 19:22:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6899
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "b92117da8a268e67"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Feb 2023 19:22:38 GMT

GET
H2 200 badge Show response
www.google.com/shopping/customerreviews/ Frame 1C4D 23 KB
10 KB 214ms
213ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81860b5447efec08692f8e23a0975aeaa25dc5b4359e26adfda7dea6060a873d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pLFht8-z8QtjC1iggR2z4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=900
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pLFht8-z8QtjC1iggR2z4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
cross-origin-resource-policy: same-site
date: Fri, 24 Feb 2023 19:22:35 GMT
expires: Fri, 24 Feb 2023 19:22:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072689069/ 42 B
340 B 64ms
63ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072689069/?random=1677266555734&cv=11&fst=1677265200000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.vat19.com%2F&tiba=Vat19.com%3A%20Unique%20Gifts%20and%20Unusual%20Gift%20Ideas&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3D&fmt=3&is_vtc=1&random=3344954896&rmt_tld=0&ipr=y

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:22:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072689069/ 42 B
455 B 168ms
61ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072689069/?random=1677266555734&cv=11&fst=1677265200000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.vat19.com%2F&tiba=Vat19.com%3A%20Unique%20Gifts%20and%20Unusual%20Gift%20Ideas&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3D&fmt=3&is_vtc=1&random=3344954896&rmt_tld=1&ipr=y

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:22:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes_style_bubble/exm=auth,ratingbadge,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 27 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes_style_bubble/exm=auth,ratingbadge,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_3?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8c71d3c4f22b12f1804fc64b1b192ebdb70f6c8e840832efd0df4a0ff05445e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 14:11:01 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame D141 604 B
298 B 73ms
72ms Document
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e710984a4ddf83d6b0cd59feccaab8a3d2b10997bf7f12d1a506f49783d501ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 24 Feb 2023 19:22:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
331 B 22ms
22ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 15:21:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 14478
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Feb 2024 15:21:17 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
130 B 23ms
23ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:53:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 289761
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Feb 2024 10:53:14 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
416 B 21ms
20ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:41:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 74463
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Feb 2024 22:41:32 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
206 B 22ms
21ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 09:08:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 209631
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Feb 2024 09:08:44 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
206 B 21ms
21ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 00:49:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 66765
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Feb 2024 00:49:50 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame D141 9 KB
2 KB 37ms
36ms Stylesheet
text/css 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 00:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Feb 2024 00:23:13 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame D141 149 KB
44 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Feb 2024 20:22:37 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/d-bqJ7z6IRw/ 12 KB
12 KB 216ms
75ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/d-bqJ7z6IRw/0.jpg

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0773bf98b447c3a003af53a0eda3579abccace2a0f07bf1f48aea993eae677c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:18:38 GMT
x-content-type-options: nosniff
age: 238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12245
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 21:18:38 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/erDon-UIU18/ 14 KB
14 KB 206ms
65ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/erDon-UIU18/0.jpg

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed849217faae9ea6ff567313ecb7766f09bfb54cd1b0f8fe72816e25bdfc771b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:18:38 GMT
x-content-type-options: nosniff
age: 238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14073
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 21:18:38 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/Rm_pytLEh4U/ 24 KB
24 KB 175ms
34ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Rm_pytLEh4U/0.jpg

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

830690170367c88ad805418d0c6660685b9fbd00e1528ed6fca8fef70e1bdcd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:18:38 GMT
x-content-type-options: nosniff
age: 238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24647
x-xss-protection: 0
server: sffe
etag: "1673719318"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 21:18:38 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/hgoyC5tgmDo/ 10 KB
10 KB 240ms
100ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/hgoyC5tgmDo/0.jpg

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b54e46c22e1d321a4b819d62cb206462a7f0721a2b060bc5029f74a911ce1434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:18:39 GMT
x-content-type-options: nosniff
age: 237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9733
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 21:18:39 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/ZQZC-6Ji1T4/ 10 KB
10 KB 244ms
104ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ZQZC-6Ji1T4/0.jpg

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543627c6d7b261af870c84d6ec11eba66551541abd02e7cfdf2b3d431a24db58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:18:39 GMT
x-content-type-options: nosniff
age: 237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10307
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 21:18:39 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/WAMJf0ZLe-c/ 23 KB
23 KB 224ms
84ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/WAMJf0ZLe-c/0.jpg

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eca818d74c683c4fdccdffe80b6e066e2dcadbce410f733e7483c8b359db689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:18:39 GMT
x-content-type-options: nosniff
age: 237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23238
x-xss-protection: 0
server: sffe
etag: "1672599376"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 21:18:39 GMT

POST
H3 204 cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame 1C4D 0
26 B 180ms
179ms Other
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport, script-src 'report-sample' 'nonce-LqLUXPHcLfKtZFigC1lt3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport, script-src 'report-sample' 'nonce-LqLUXPHcLfKtZFigC1lt3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/am=cAYAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC... Frame 1C4D 157 KB
55 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/am=cAYAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSMErLY9ptt6RCsCuSgCIwmtIhRVg/m=_b,_tp,_r

Requested by

Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbcb355a265f81f5158072022ff479054b5f5878640be8ce592eca257895dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56300
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 05:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 13:40:04 GMT

GET
H3 200 no_rating.png
www.gstatic.com/verifiedreviews/en/ Frame 1C4D 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/verifiedreviews/en/no_rating.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:06:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 198980
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1551
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Feb 2024 12:06:16 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame D141 132 KB
44 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 17:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45325
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 17:03:24 GMT

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ8... Frame 1C4D 95 KB
33 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ856wW3KHQ.L.B1.O/am=cAYAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkTQVNuXOe9cgpnQJyHjMO1lVUaFXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/am=cAYAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSMErLY9ptt6RCsCuSgCIwmtIhRVg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb33d5612d12d536455056e790899ec34b632f6b5ed64cb5394b49c675a2a7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33793
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 05:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 13:40:05 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ8... Frame 1C4D 29 KB
12 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ856wW3KHQ.L.B1.O/am=cAYAAg/d=1/exm=IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,_b,_r,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkTQVNuXOe9cgpnQJyHjMO1lVUaFXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/am=cAYAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSMErLY9ptt6RCsCuSgCIwmtIhRVg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c27e2ad21872110f0804fb91c609c4deb209fbe13960c1803227956b2e8d2eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12028
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 05:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 13:40:05 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ8... Frame 1C4D 5 KB
2 KB 40ms
39ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ856wW3KHQ.L.B1.O/am=cAYAAg/d=1/exm=FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_r,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkTQVNuXOe9cgpnQJyHjMO1lVUaFXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/am=cAYAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSMErLY9ptt6RCsCuSgCIwmtIhRVg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dcb5646b20e5ae472fe2beb7f444b1e34f425ebf2e6da79cbcc986211485ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 05:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 13:40:05 GMT

GET
H3 200 api.js Show response
apis.google.com/js/ Frame 1C4D 17 KB
7 KB 137ms
136ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ856wW3KHQ.L.B1.O/am=cAYAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkTQVNuXOe9cgpnQJyHjMO1lVUaFXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea12dfa0a21ef0aff014277a2a2f37e1cdb77aa0d12418d163d32a24236228f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 19:22:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6890
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "54342ea4be5fb089"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Feb 2023 19:22:36 GMT

GET
H3 200 m=RqjULd Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ8... Frame 1C4D 13 KB
5 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.vQ856wW3KHQ.L.B1.O/am=cAYAAg/d=1/exm=EFQ78c,FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_r,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,lwddkf,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkTQVNuXOe9cgpnQJyHjMO1lVUaFXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=RqjULd

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/am=cAYAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSMErLY9ptt6RCsCuSgCIwmtIhRVg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53deecd693c08e2bf4567f56666543348577a9067e7b564c87621ec5b08dad09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 13:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4883
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 05:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 13:40:06 GMT

POST
H2 200 log Show response
play.google.com/ Frame 1C4D 131 B
578 B 158ms
68ms XHR
text/plain 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.-xhO-bmBTF0.es5.O/am=cAYAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSMErLY9ptt6RCsCuSgCIwmtIhRVg/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 19:22:36 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame 1C4D 132 KB
44 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 01:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45325
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 01:06:46 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame 7D04 222 KB
61 KB 174ms
35ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 219604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7D04 15 KB
5 KB 230ms
92ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 219604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7D04 94 KB
28 KB 235ms
97ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 219604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7D04 5 KB
2 KB 247ms
109ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 219604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 7D04 40 KB
13 KB 248ms
110ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 219604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
DATA 200
OK truncated
/ Frame 7D04 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c36bc6a16d24f5d5dacf177d18a6810c9820c5e0d3140f9559e464f94c6b05e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E6AF 6 KB
3 KB 37ms
35ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:22:35 GMT
expires: Sat, 24 Feb 2024 19:22:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8549521112366003610
tpc.googlesyndication.com/daca_images/simgad/ Frame 7D04 23 KB
23 KB 53ms
38ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8549521112366003610

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

528d9f12eb386b6439db5013fcfabb73cafabd9b0a62c3fe694f6c0cf453999d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:52:21 GMT
x-content-type-options: nosniff
age: 250215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23428
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 09:57:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Feb 2024 21:52:21 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D04 2 KB
3 KB 49ms
35ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:22:32 GMT
x-content-type-options: nosniff
server: cafe
age: 46804
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 25 Feb 2023 06:22:32 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D04 295 B
371 B 52ms
38ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:22:32 GMT
x-content-type-options: nosniff
server: cafe
age: 46804
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 25 Feb 2023 06:22:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7D04 0
0 82ms
81ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CE0WZew75Y76rNLOZrATdrJXID6bg0d9steeiysQPp_jTvo4vEAEg8NXmH2CVuoCCmAegAaTdmosDyAEC4AIAqAMByAMIqgT3AU_QS2Nt5eLQmWvR9u3mhGtGn5xpVGf7Ch_5GGiVcGZdOwY8hZ4K3XsH1K8Ny6Hp7L8AU5QOLkoWjjBcSy-TvwZCQvzF2TT56IJMR014VJvSMtXqDcRUilCkTHp-x3c9Cvp9z8zBaQXGcLlZm5VF4BdAnXHFnPsmedPqg-zVOp-dUFITxqc0NOYotDX7X5Nryztki1gkJiljEYadsDIIO5nlM3ypMMvoQSD7FFBqAIOxIFl2PJDX0g3MmQVU173meBXVzyUtuFY-o51d5viX1B0YB_tH8gURf6JZcrC474EhqdVwk_dGFVpwdievFFogMwnWhq7YYlnABKH93KjuA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfEouV0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQotsJ0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNzYzNjAzODUwNDgwNjQ0ORjY6xs&sigh=gcjqNtwhgIg&uach_m=[UACH]&cid=CAQSSwDUE5ym6Exlmf4dqUjzNdaR6CZnDe8KhHqpZaoxbb1_8cgOK5WoUN6suWrJtAzOccTlC8VOJ8AqS9IkhoOL5dnveQYYYkCM8bkNuhgB
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E6AF 24 KB
7 KB 37ms
34ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
URL: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 24 Feb 2024 05:10:04 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame E6AF 121 KB
40 KB 278ms
81ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
URL: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:22:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6AF 158 KB
49 KB 109ms
106ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
URL: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 19:22:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E6AF 0
0 71ms
70ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwk6fSJwFivJlwc1lUhKc5CvWVxknbWHliln5bUY1h_p8NUP6mSvqHKt_Kz3Gw1X-MGwnYNTjnQy_bWw1JTYVhXuvkXvxrMtVjh4XRS6ItrWlLLcQ1HUpRLGbqmj7SzX-Rure5Rei8x2vPICMtsvmYa9Blyge2QIbxbBs6jJ127Yg2tEkauZtg5knN5fX75vMcQVPjfN74dZceSIuVOq_uVerhH9JFcWx9mw3e2s5aIQRcPOU1iWaUKOwrmCOUorRk84jOFr717aGh5JikCooa68ibTBm_qdeh0SXNxbu7Mszd-FkKmvuRb1Y7-TIrUDo_7D7ZE8eM-Xa__l2u966y&sai=AMfl-YTOGsKN0vYo2wlKEiplKItTo7Z-T_XdlkPVqZ2Cuk5Wcw1_TXsqUJNRjSko-KQ5gW_HWiPk2tc0CG73i4TPxjejWMHOZ771LaxJO2sNirIqFr0FHWjpdRX5a9wAadmWhjd0dZ05VryE7pQuwrE&sig=Cg0ArKJSzDM6mjTtN9mMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
URL: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7D04
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

78ms
77ms

Image
text/html

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H3
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date: Fri, 24 Feb 2023 19:22:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ Frame E6AF 2 KB
2 KB 178ms
40ms XHR
text/javascript 2a02:2638::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.criteo.com/delivery/ajs.php?ptv=135&containerid=crt-392728&zoneid=392728&cb=36016289217&nodis=1&charset=UTF-8&dc=2&loc=https%3A%2F%2Fwww.vat19.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e2d2ad9b0779e88d0813ab83952362cfec9b727a772b707df6684b130ae9dad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5350301
pragma: no-cache
server: Kestrel
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-max-age: 1000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4A0A 15 KB
6 KB 249ms
36ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.vat19.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:22:36 GMT
server: Kestrel
server-processing-duration-in-ticks: 843454
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame E6AF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc3720b3ea0f52f2eb3a0627d88db74482a270aa026a559f51a0045c6ee093d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 570E 145 KB
49 KB 136ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60ce545b2462e761f827dcfc610888fb43b6c89cbbe592e1665b6269a37e374c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49362
x-xss-protection: 0
server: cafe
etag: 9501966943308532660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 19:22:37 GMT

GET
H2 200 testimonialJSON Show response
www.vat19.com/index.cfm/ajax/ 408 B
664 B 178ms
177ms XHR
application/json 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/index.cfm/ajax/testimonialJSON?cache=true

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61bfe20b319b96025f940b1807b38e35587fc002e9cfd0f179e6d7ff9bdc3c3a

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.vat19.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
vary: User-Agent
x-frame-options: Deny
content-type: application/json;charset=utf-8
cache-control: private
cf-ray: 79ea922e7bbb382f-FRA

GET
H2 200 ajax-loader.gif
images.vat19.com/generic/ 3 KB
3 KB 33ms
33ms Image
image/gif 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/generic/ajax-loader.gif
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 2041705
x-cache: Hit from cloudfront
content-length: 3208
last-modified: Tue, 13 Sep 2011 16:29:36 GMT
server: cloudflare
etag: "a51c5608d01acf32df728f299767f82b"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2052000
accept-ranges: bytes
cf-ray: 79ea922e7bbf382f-FRA
x-amz-cf-id: p8Z536ZFU0hQpWlMOT9dlHt2Ai0CVWHpEmhOAzdg6uUCxRAO8ZY7AA==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4A0A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=www.vat19.com&lsw=1&topicsavail=0&fledgeav...
https://mug.criteo.com/sid?cpp=IBakvXxwSmY3L1R2QU1IYXZJM2t6c0t2dVhHcXNlQ2dqWklJbFFLdUNNZWVMcjA0VTlEYXJMZU12ZnZlb3N6bzQwcFJhdW80ZzFzMWFlbGdoZmJ4azFQaldCUUY5ZFpvak5KQ3JQNHdPQ2dlV1dYTkRyWXVQaFpsajlDZW...

425 B
650 B

320ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=IBakvXxwSmY3L1R2QU1IYXZJM2t6c0t2dVhHcXNlQ2dqWklJbFFLdUNNZWVMcjA0VTlEYXJMZU12ZnZlb3N6bzQwcFJhdW80ZzFzMWFlbGdoZmJ4azFQaldCUUY5ZFpvak5KQ3JQNHdPQ2dlV1dYTkRyWXVQaFpsajlDZWJOVm1PQ2gzQWxZbml5alA4WVhKUmhhLy8zSjkzNUFEcmJ4eXE5RzJSb2Z6Vy8zYno0TnFOYllMaVJoQkdyVUNYTHN1elRZYmlSRW1XQjc2eGx5T1lVOGtkUlhGck1JTjEyVzlBa0V0cXlhTlltYU1FYVNhUUdRMVhaVXBBajh1T0xFLzBWZUx2aVF5MTRmclo4bDcrbTFqODY5N1J3TWhWNWMvRTc5K3pCejZZQmJheUNFclIwSFFyaDdnRGRqZEJlR21VSkE4RDVLWDdxUEEzUy8vU0MzSkdYN2RiM3UycklzZkRIN3FOaTEwTGZ3RVBXYjg9fA&cppv=2

Requested by

Host: aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
URL: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

945d9ad6e9447b3dbfcb27bcb3435eea9ed4e6cb6ce79678bf47aff02172ccd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:22:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2495671
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:22:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=IBakvXxwSmY3L1R2QU1IYXZJM2t6c0t2dVhHcXNlQ2dqWklJbFFLdUNNZWVMcjA0VTlEYXJMZU12ZnZlb3N6bzQwcFJhdW80ZzFzMWFlbGdoZmJ4azFQaldCUUY5ZFpvak5KQ3JQNHdPQ2dlV1dYTkRyWXVQaFpsajlDZWJOVm1PQ2gzQWxZbml5alA4WVhKUmhhLy8zSjkzNUFEcmJ4eXE5RzJSb2Z6Vy8zYno0TnFOYllMaVJoQkdyVUNYTHN1elRZYmlSRW1XQjc2eGx5T1lVOGtkUlhGck1JTjEyVzlBa0V0cXlhTlltYU1FYVNhUUdRMVhaVXBBajh1T0xFLzBWZUx2aVF5MTRmclo4bDcrbTFqODY5N1J3TWhWNWMvRTc5K3pCejZZQmJheUNFclIwSFFyaDdnRGRqZEJlR21VSkE4RDVLWDdxUEEzUy8vU0MzSkdYN2RiM3UycklzZkRIN3FOaTEwTGZ3RVBXYjg9fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 765609
content-length: 0
expires: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ Frame 570E 366 KB
120 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7636038504806449&plah=aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144ec9ea1fa1620c5c498df0f78e36cac2dcb285e0ec794cb493cda84ba9f125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122957
x-xss-protection: 0
server: cafe
etag: 14668344246095582788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 19:22:37 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 6BDF 10 KB
4 KB 35ms
35ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:46 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 11:28:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 570E 107 B
165 B 35ms
34ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7636038504806449&plah=aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 570E 107 B
165 B 31ms
31ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE36 603 B
66 B 84ms
83ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636038504806449&output=html&h=600&slotname=9724382613&adk=1589514413&adf=3407270560&pi=t.ma~as.9724382613&w=160&lmt=1677266557&format=160x600&url=https%3A%2F%2Faad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677266557387&bpp=3&bdt=208&idt=272&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=6785929175289&frm=24&ife=3&pv=2&ga_vid=416856657.1677266558&ga_sid=1677266558&ga_hid=1490071901&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3315248091&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C44777877&oid=2&pvsid=4034446117423295&tmod=1592399581&uas=0&nvt=1&top=https%3A%2F%2Fwww.vat19.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l196npqp2ywn&fsb=1&dtd=293

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:22:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 570E 14 KB
11 KB 112ms
68ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d993597db1d7c2badf1badb494b5148fc8d311ff208b08750111ed393ce8824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10988
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E6AF 0
0 72ms
71ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7K0HvvJhKRG1MGVMbigc4t8SBoukzyO9aUPg0Vq6TQFj14HrLsOJ1c0VmmpKcr1PvjoI4H0Tl6kwcS92-B2Gxp_5xTwVp_TJBITt58nUobRg92Si0N5Wj0niAaL6kf1HDD2mbYUfAuskfVIoDAc7rrz6Uq2ZPvv0Jqp7TiEitstNGy375i-61zB0xK_ehdk-KwFCcDycHH4ciwnTjbbIoenZRHNjROXSA-m3Cpip4t8kJ1GpyVErFuqQdWYgjH99TixoUV8UCJw2xtTYThVifriGDFXdOYy86TGAJnTTupRZyxLrjE9zXKsGrMhggYvT6_HZR6A&sai=AMfl-YS540130O1p_W7Kdw1r45fsVeE6tR0vF2Nx5lVNA0jHTCSTJFglVvv8Ky8xRHNpeDdw5PAkcwOvkiSecYw-WURbd-57byMYjDfxGHgi_bbMysML9ifv4HDx4kyYilkEile_8S1U7icdvbHO5mI&sig=Cg0ArKJSzKh468Vmt-6REAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Feb 2023 19:22:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 570E 17 KB
6 KB 82ms
81ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 19:22:37 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F561 28 B
56 B 68ms
68ms XHR
application/json 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-Goog-Request-Time: 1677266557859
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/4aVobFW5ajg?wmode=transparent&rel=0&iv_load_policy=3&iv_load_policy=1&showinfo=0
X-YouTube-Client-Version: 1.20230221.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsyRGlZbTVoRVRQQSj6nOSfBg%3D%3D
X-YouTube-Ad-Signals: dt=1677266555177&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C338&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 24 Feb 2023 19:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 24 Feb 2023 19:22:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC61 13 KB
5 KB 35ms
34ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:47 GMT
expires: Sat, 24 Feb 2024 11:28:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D034 783 B
533 B 60ms
59ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e99f541f6c3e4fa1f7eea5b7d38e6082d21978c696315ff377e59fd515c540b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lCzMi2-VufoiDChAlJKfdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-lCzMi2-VufoiDChAlJKfdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:22:37 GMT
expires: Fri, 24 Feb 2023 19:22:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame EC61 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 18:02:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D034 0
0 138ms
137ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=4034446117423295&rc=
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC61 0
10 B 65ms
64ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LgcQQA
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame DA53 57 KB
20 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dfbe5278d2bbc1aacaec98d45b6232fc6880a5fc593240e95c880615e230103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20513
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:50:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 74ms
73ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6c91bf0b99af963ee59083caf6dd67453dca8bc1d50bd0ab85e642aef21cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11216
x-xss-protection: 0

POST
H2 204 rum Show response
www.vat19.com/cdn-cgi/ 0
177 B 41ms
40ms XHR
text/plain 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.vat19.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 24 Feb 2023 19:22:38 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.vat19.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 79ea9235bf25382f-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 122ms
122ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 19:22:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D9B2 13 KB
5 KB 38ms
35ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:47 GMT
expires: Sat, 24 Feb 2024 11:28:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3534 783 B
536 B 61ms
60ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

787190744b5bc98a3ea54d5fb004f43638285e20333b9b7fe90a31d39db8f85b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LkopSex0X6KT8h9XUah5UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vat19.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-LkopSex0X6KT8h9XUah5UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:22:38 GMT
expires: Fri, 24 Feb 2023 19:22:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 570E 0
0 61ms
60ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=4034446117423295&bg=!FBelF0PNAAZYlHKzeJQ7ADkAdvg8Wt4gsDhvJazQse3rjzikofTRbF-dWyeU9UB8WJo2OgeCysgVXUVH2A-642PRVPlADQSH0jcCAAAAW1IAAAADaAEHmQNGwF36ppdafquhcmGYFViJe2LMKqn86rHprCEUmLdl4Py2jAyai6-jrD57iWn_eFKVZ53oeGb0R7u4jE8Asccbj5TgS6uFCX-K2yZj-j0qiHci119i-etIpG5ghHrg5NUncmr9ZsR1-Ft7h6SKHIaQyHupfsPREZ6e9yH5fTlDXdqYpb_2l1ahvi6XQh8mRoGL95WtrxZQF6alXjaw56mTJQuMQzHFgv09nrnk0qQrjuSbEplsqOgv5ox1X4iEKz4F0St5LsGE4FSNR0F43H7596k9yj-c01NcpBx70ckq0Y9QRFPRVORE2y8z_BEDj4kgGqDkPYLEC9nUjktefySyhZ0U6cFPdRcGxZwkURHzyKTlG4HS_4qZsSvwAbpHhBnK4FDCj3b2df4qtkvfxvyUY82qfwk0H6NvfrjhmXFXHgYTAOiAUeC3tRAJ6pmDyNPZmucgCDpxHHxgHgWaUX75mZ2zpkc4aisQAcY8Kvvxvkt04BPeNZlmeWbb6w4SqLoGAC0jtKvDvHZjLShNuqtHKKsn1k4iUCB2O0V17CfYkU4O6YcjVUq9Fr7jIs4oEyRO2VlB0yvRLIkJZ1aVjEzd540WM0O7O86CeVrAMac8ibG9BSnrwwsR8krfZ5OeddUaSWc8gUdQzzxxyPBsSMj8F5AnmaVIDIkuMq7VFcq8iLCU7h4pUfZFsV3b0UCRXQNQQ4O2K9985YTmez886B6_5BaajYuLLGpEIFRaLkw8lNh8CBF_zFWsqAvtmhJqZEbX3y3isHeA_VMtP9GrtYUCa7OoPXeko5D0zsmF92mv53fvJrfqawD617tvaR5f6WRpX1ZPetfCqq7Tbnf2MibDWuwa2vQcgeDFTh8nyRnFDmlft8gMRtNtUk2ILauffNlQOd2TRVX7-pQRHj7dRSNIprBJes18cFIAKTfOljfeZZfnL-d1m63fKu7IpXtTDhxxho6TE3p4TemiA_hqmShefGn8WMxIN4HA_yj8W_5Z_kAriFT6Qu4L8wUsm-X2rYztVcjhC9Fke5AuTlbtgWLKx0r5AzTJc_xqQX5ScfRhRkjlMvlQXbf2J06BNYW9lo8Em_qtRc_Rfm-jbpkd_C4AOC43TDGzxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame D9B2 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 18:02:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3534 0
0 56ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022102&jk=3905315572211278&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D9B2 0
10 B 34ms
33ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ET8PdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:22:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022102&jk=3905315572211278&bg=!x8SlxJDNAAZYlHKzeJQ7ADkAdvg8WieHcgF2gfomtdc5mfahVO4B6A9y1y53m9KDN-U2o3DDSmVFxbx5CABmC8IVPGF-fS8moHcCAAAAX1IAAAADaAEHmQKcGxAt7cDTwy1_4gCIsU8ERK8z0grB8g1pMSkk0_-wD_1OjIHkSUJd8toITx-p9t2Rx0nuGS1yy1qq1fhAr_Xt1nLo2IUJSa05970SnHuy3WZLBs3tlwBspBQlTzTRHlNZLtYDG_XE9HHk7gXe6MQVxTaWg2VIJEc80zWGy9cqxJiqKG7NaTFF1TgkilU7VNyJKlnBVdCMf8tIi9XoQ0Bx6N77PO4Appy--GTzE3RUhmEs9XnHxzkSVaXp8sXCCM5HBuy_yH1dnaMfVA4FffXduBwG40yaWz5m0CBtpInbZgjvKITB6EkpM-lSLSNh7326NFHLZkGjiWal7vdowh_Fqmq2edDsaR7Bhop3E2fUBoUxyHxGCD2HP_zx2K9WR-Phwdn2SINzfeA2AKktN7IyPPyWkxgu2sPfXANhXeqLogeuVKxpuVDp253dELsYEhRczL-d5tLDTZrK-KSBoOKP5lfw-BLwE5JBfWTwzNDdpNDJD8asZ_-KU3jq1r7Jr_im6VDfNo1bYSple5k_n9yNtXHKNnO1Fxwe_32sPw71HPmGvOSBKevBydh0D1DFsdM1WZlr8RaENBckIN29iMvkv44qcdn15o4JYSrMbjzVjrq3oDxeETZcbLGLgXpik_IZuiBJHu55bFS81YLbfHTYgRwkaw6Vb20FmL9YUa2QlgL_L7e-86iGqyRFFp-8im2g4RmaIQOE_FunUorSEWZ4n32nqeq1bad7Le5wmwjHEDp1ArMi573nbQ1Zz7uorMfsljwHMfC1Xp64Cx4hLWd-se2a8yGfDEhaf_C0NarCO905yOtlEL1IrdJkr5j0GctJOSjFPJVKal3_TlhjTP8oemfjUKB1SZmiwZM686kqgldkiybaBc-KZ0ocbec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vat19.com/	1970-01-20 10:23:20	Name: cfid Value: be5d4dbe-681c-4cba-a461-58464e4eb2dc
www.vat19.com/	1970-01-20 10:23:20	Name: cftoken Value: 0
www.vat19.com/	1970-01-20 10:37:38	Name: CBSTORAGE_ASK_FOR_EMAIL_SIGNUP Value: 1
.vat19.com/	1970-01-20 12:04:02	Name: _fbp Value: fb.1.1677266554959.609258461
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Fte_t6LBm-4
.youtube.com/	1970-01-20 14:13:38	Name: DEVICE_INFO Value: ChxOekl3TXpnd05EazVOelV5TURnM05qY3hOUT09EPqc5J8GGPqc5J8G
.vat19.com/	1970-01-20 09:55:52	Name: _uetsid Value: 97d33590b47811edbfd05fa2a7111b5f
.vat19.com/	1970-01-20 19:16:02	Name: _uetvid Value: 97d35b30b47811ed8d12f58bc04c331a
.bing.com/	1970-01-20 19:16:02	Name: MUID Value: 24A4D24524816D023B0BC087252B6C43
.vat19.com/	1970-01-20 18:40:02	Name: zCountry Value: DE
.vat19.com/	1970-01-20 18:40:02	Name: zHello Value: 1
.vat19.com/	1970-01-20 19:30:26	Name: _ga Value: GA1.2.486326688.1677266556
.vat19.com/	1970-01-20 09:55:52	Name: _gid Value: GA1.2.1829234642.1677266556
.vat19.com/	1970-01-20 09:54:26	Name: _gat_gtag_UA_232234_1 Value: 1
.vat19.com/	1970-01-20 12:04:02	Name: _gcl_au Value: 1.1.1299288707.1677266556
.google.com/	1970-01-20 14:17:57	Name: NID Value: 511=tmuF94uLwDPifFQw8vWbw-WbyelEBGpcmp_iv4ksiMsncyBwwg8h6Der0YMbk_T9jH5pLSL_DoeVxwvE0jMt1E2yJghzHAzel7H8z6k88v-aGmW77y0sycXROeeZN0F9Hw50r2SRCAtbC29NXf6-4bJbjAQV6tJNxA1roGDlDAc
.vat19.com/	1970-01-20 19:16:02	Name: __gads Value: ID=0e6a4026b91de8ce:T=1677266555:S=ALNI_MaTQuwvCNJsEtU_W7cETaeOzB2UPw
.vat19.com/	1970-01-20 19:16:02	Name: __gpi Value: UID=00000bbbded0e343:T=1677266555:RT=1677266555:S=ALNI_MaTWDEW1BOw1MJ6F_5RHTTQS-ii9A
.doubleclick.net/	1970-01-20 19:16:02	Name: IDE Value: AHWqTUnU18gvhssV2iaRhHzc-48IJBjb2S0BHki2_1QJmr4RlgpLaoNZ-ZeZcV_DIuk
.doubleclick.net/	1970-01-20 09:54:30	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 09:54:30	Name: zdi Value: %2A1Z5MXXIt3HDtrw6gNmDddXQ%253d%253d
.criteo.com/	1970-01-20 19:16:02	Name: uid Value: 4eba4264-f195-47cc-8608-6f06102757b5
www.vat19.com/	1970-01-20 10:04:31	Name: AWSALB Value: EM7LgERJXbaHFA9ECdTTkyAe86QwVhUmwWspRnVXuLZsHVTR9ldGp0WmnsqsfjPQFa7tE6Rkc4FRolYqqETpeeIhuccPNO8ZFi8g+Q5tdxPUxdrvH0FDeTFqZQlc
www.vat19.com/	1970-01-20 10:04:31	Name: AWSALBCORS Value: EM7LgERJXbaHFA9ECdTTkyAe86QwVhUmwWspRnVXuLZsHVTR9ldGp0WmnsqsfjPQFa7tE6Rkc4FRolYqqETpeeIhuccPNO8ZFi8g+Q5tdxPUxdrvH0FDeTFqZQlc
www.vat19.com/	1970-01-20 10:37:38	Name: CARTSESSIONID Value: 802CD0D0-AC2A-4464-A449CD4CE65D1798

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636038504806449&output=html&h=600&slotname=9724382613&adk=1589514413&adf=3407270560&pi=t.ma~as.9724382613&w=160&lmt=1677266557&format=160x600&url=https%3A%2F%2Faad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677266557387&bpp=3&bdt=208&idt=272&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=6785929175289&frm=24&ife=3&pv=2&ga_vid=416856657.1677266558&ga_sid=1677266558&ga_hid=1490071901&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=3315248091&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C44777877&oid=2&pvsid=4034446117423295&tmod=1592399581&uas=0&nvt=1&top=https%3A%2F%2Fwww.vat19.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l196npqp2ywn&fsb=1&dtd=293 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aad2687c7f41b53a8d1e9979e7f35f8b.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
bat.bing.com
cas.criteo.com
cdn.ampproject.org
cdn.jsdelivr.net
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hello.zonos.com
i.ytimg.com
images.vat19.com
img.youtube.com
jnn-pa.googleapis.com
mug.criteo.com
pagead2.googlesyndication.com
play.google.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
tpc.googlesyndication.com
vat19.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.vat19.com
www.youtube.com
yt3.ggpht.com
143.204.89.5
178.250.1.11
2606:4700:10::6816:21e3
2606:4700:10::ac43:72d
2606:4700::6810:3965
2606:4700::6810:5614
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2006
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:400d:803::2001
2a00:1450:400d:806::2002
2a00:1450:400d:806::200e
2a00:1450:400d:806::2016
2a00:1450:400d:807::2001
2a00:1450:400d:807::200d
2a00:1450:400d:807::200e
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2003
2a00:1450:400d:80e::200a
2a00:1450:400d:80e::200e
2a02:2638:3::3
2a02:2638::12
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
00b42b00adf06c1d3a2a21f9311a7463599963bbdbf9c334db019be2ed9dc663
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0187466117b84d23b6e0a1a057c5b840774eb2a968f9703f98f02d7ff1b33e0c
0258f92749598b55dc7dae43bb611ce3c5b3f490d62a5c96247dd94bcc9bbe7b
039c1003dfbea8c384ba2b341364c79644c0de83376c779696f4c8c963a45016
0773bf98b447c3a003af53a0eda3579abccace2a0f07bf1f48aea993eae677c8
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08ea27ee448d850cd2768639d0a151948f7c55f631281f1b1d331fb1fbad3c17
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
12e374f0364c47ae7bc5a2b753cd7e572460c2d47421187fd384f0b8d784642c
144ec9ea1fa1620c5c498df0f78e36cac2dcb285e0ec794cb493cda84ba9f125
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
250951b078f00dfd794aff77675a5892869ef3ed622ca54a000d02e2239aa1c8
253de8d10a22fa3d8e5654af4a30687356e9caa3c07e32e1ff3caf6453cbc4d8
2646648be0b548a20b39bf19ba3112b51f1ca40556e1b27b4b6507e60602ea09
2e5c4bd3fc4aeade5464e55a29a3cbc57618c058b0086198640f51f447641b25
2fa5e3775ba1d0c5efa07b048c9f8e4eeb05663caf8880589057f1a1c2c00669
33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc
33d4df16f023836b9886aa049f8684a7ef0d4dd8210d2ab930b4567ffb93462b
34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
364176aeeb43243f4b0d06c638d422830da36e8377c2eddaf3f908adbeb9d2cb
37ddc324101adaf6a21cf94aeb484cdebf0b142002e061150dc1a635c41f8b93
3a15dbb65196d747a84b6bb14f5ff56e7d629a3e0b9d36c56b6e89d9adec61b8
3b8be8c25719394710df817ab48974da459912c0dc98bc177285d584751ac3e2
3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac
3bf036c5cf44011f5d8e6838f864f5d66b787d59f74e1fcb5f68afe777252555
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eca818d74c683c4fdccdffe80b6e066e2dcadbce410f733e7483c8b359db689
3f5591f60232f98dfd9e77e072ab21ed52e0ae020912b3a60d506cb3cb438268
40dc05cf20e88ad238d3f1a78365b468333a461da4f6a634b0f6801058c79700
42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2
45fe27e4e87ba11f6d9cc9ec52d3fc60218581748ef1a41d0c9a7eca2321f7ff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48d963a0cd68d0143539569b8bebc84c08e3a3757443c2ed82916b547a6f10b1
491229df56983019aa4479275e754a68597c0625064ce2a854faa82b83b41ed3
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4dcb5646b20e5ae472fe2beb7f444b1e34f425ebf2e6da79cbcc986211485ad6
4e99f541f6c3e4fa1f7eea5b7d38e6082d21978c696315ff377e59fd515c540b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
528d9f12eb386b6439db5013fcfabb73cafabd9b0a62c3fe694f6c0cf453999d
53deecd693c08e2bf4567f56666543348577a9067e7b564c87621ec5b08dad09
543627c6d7b261af870c84d6ec11eba66551541abd02e7cfdf2b3d431a24db58
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b89810df7319b3b148f9be9a85228c2492e13b5308d6bd2ab8684fc692bc9b4
5d7e2783e7a3c4f80ab5079dd75ad63fe3289cc6bf49c55a5c20fbb177e8d3b0
60ce545b2462e761f827dcfc610888fb43b6c89cbbe592e1665b6269a37e374c
61bfe20b319b96025f940b1807b38e35587fc002e9cfd0f179e6d7ff9bdc3c3a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a3b1a44275d0098a4bc98a47563b2ad60ece71d7ca54e865c5e3e994f89088b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6d933b79028e78a46e98952d3ef1abd84f016f415a4b461a32fb4b37bf60cec6
6dc05612abb942f1c013091f152ff58185c1eb77cae883f3c58d19e01efc9d2e
6e3339dc26cb6017da79707cb1f0562519a1c9456bdb98e8f1a4c07fb0ff15ef
74ee7882b3f206d7787742fd8ce02032e128318386505143cb1088fb3c1df7be
787190744b5bc98a3ea54d5fb004f43638285e20333b9b7fe90a31d39db8f85b
7c1bbdd561e58e1a3e6d87a4758118326122beede06a5ef29e02a2723bc360c4
7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4
7dfbe5278d2bbc1aacaec98d45b6232fc6880a5fc593240e95c880615e230103
7e30a5c2888f47ae3adae2b759599060878da807af1318dc7539457be0123ebc
7e5a350e35882205d6ffa3c8c493a2746268c8297fcd867349c95d88b93b2f15
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7fa5255c37af9f0ec1b73ec214a1f0a3eb4829742206547d679806aa3a406def
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81860b5447efec08692f8e23a0975aeaa25dc5b4359e26adfda7dea6060a873d
82015b434da430dbad5b95bec26009464522abc38a8de9a208b4e3eab01341ac
82549f1c1531e26526992fa069e2b711559c141099160f8b1322117fa2b22708
82d4153f4d36acab8688210f5fcc4dbfeafb6fc4f69d21f259f935ab48c15d2f
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
830690170367c88ad805418d0c6660685b9fbd00e1528ed6fca8fef70e1bdcd3
83f988a683f963b3834a15fcfcb2f81fb961f6b7a97f36771214646523c0e391
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b54b70df930a322bd835ee2136eb757ae0f9b057f6c952375bc5ce7d8c018f2
8c36bc6a16d24f5d5dacf177d18a6810c9820c5e0d3140f9559e464f94c6b05e
8c52599ae1613db52d4f121177f7f0709d08b9e240e99c4f086faffaecf65152
8da4f668555f343b77db25255344c3acd1bbe2f468f2014aeb7a846de7823b4d
90e15748a923d8c4b3b894d772a7130b161c3058ffb743490da008ee21fd31db
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
934f1f9740a46d63dcd9be8b38b61f2a7e29cac18d9792b9c599b95976ab6c01
945d9ad6e9447b3dbfcb27bcb3435eea9ed4e6cb6ce79678bf47aff02172ccd4
96f661cd0c4595e96b40bfdba8c58e5356161fc81f3ddaafd0ad0a290089599b
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98eef2d18ecdd2c6b0630717a857e4ef6ec084646fdd433074bdb3a83c32e094
99712eb223ed1bab636e4e3cfbe7ebcac87dac469fd4c81be75cb9540c706803
99f7ae381f50797648e967ba0d3aceb953568047301c3dee220bbf159ad17a30
9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7
9d0bf7277e409d17e299ed4df57ebfae207ab38314961dcb1dac2e41868b3cb6
9d993597db1d7c2badf1badb494b5148fc8d311ff208b08750111ed393ce8824
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f7f59d10d9ec877fbba24923179713b2f65fd10b1a1b360aa56deda9bfa48b4
9feb139431f6e6d58942763789bb8d4fe8e920e04a4a92d57b0340675c81b8a2
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a3d5cba8209169cea999303b7760d06cadd2430daf2dd50af0bf2e1577ce2894
a4930e35a5561d5b923c047f4beeb181c9fb2178e72c3fc11e81918f0e6f6242
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52a97101bee7f70dcf21c6b8d56fe87a2f03533bc84370cd3650135b51d9a4b
ad8dbbfc9a0b71e4f607b20082e2babd65ee1a7ec70c401bb5e225cb0404791a
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
af187738e312ac30876d5d5e7d3382500830e7976a004c51906be52cc4444b55
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54e46c22e1d321a4b819d62cb206462a7f0721a2b060bc5029f74a911ce1434
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b5fc69f31976f1eb986cd9b2f12efa39c9abf44b06661a882cb0e0a86479a669
bb33d5612d12d536455056e790899ec34b632f6b5ed64cb5394b49c675a2a7b7
bb3f622fea1b75f1303033700831cd5f18c09f140aa7f433b3e0134e5f3c816b
c27e2ad21872110f0804fb91c609c4deb209fbe13960c1803227956b2e8d2eb7
c3144a9e82a3cf97b3a279b7a6435fb7fd14b44fda86f730cbcb48b8a39662ac
c4f028f5015cc4314f3e159fef5fe97797f8981448783edf211a8384424b4107
c597dd42d415ed20721af88a0b1960c390d5fc6e6c6d65c957c5b17525a115f9
c5e67f4e0345fd4a7db60777a6f1e64f667ad845eea750fb4951532e08413712
c71a4cbf4809e53598128cfb3d3ce6d0573644cefd29601ae738bf81a31106d3
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cc3720b3ea0f52f2eb3a0627d88db74482a270aa026a559f51a0045c6ee093d8
cd524658d5829d592625cbab076b5bbce52bc5087f5ea59d4e4f4e3360cb197f
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce6c91bf0b99af963ee59083caf6dd67453dca8bc1d50bd0ab85e642aef21cd3
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
ddbcb355a265f81f5158072022ff479054b5f5878640be8ce592eca257895dc9
e2d2ad9b0779e88d0813ab83952362cfec9b727a772b707df6684b130ae9dad9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e56620decf4dc46291d8ca44053cb440c4f71af831977c8a8db5b897409f5146
e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc
e710984a4ddf83d6b0cd59feccaab8a3d2b10997bf7f12d1a506f49783d501ce
e8c71d3c4f22b12f1804fc64b1b192ebdb70f6c8e840832efd0df4a0ff05445e
ea12dfa0a21ef0aff014277a2a2f37e1cdb77aa0d12418d163d32a24236228f1
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed849217faae9ea6ff567313ecb7766f09bfb54cd1b0f8fe72816e25bdfc771b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee385079fcd3516a24a59ee9c883716a5ccc37512a212f73733edf76feb4e87d
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f973da93d95af2cc415e022c5481cd7e257ad7abb6c39fb49c35256e51509c49
f9c0720e7a317ea918bde5e696663977fc762930935d4c4fb42b8f5c2ef6382e
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.vat19.com Open in urlscan Pro 2606:4700:10::ac43:72d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

98 %HTTPS

94 %IPv6

22 Domains

39 Subdomains

36 IPs

4 Countries

3892 kBTransfer

10035 kBSize

25 Cookies

14 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vat19.com Open in urlscan Pro
2606:4700:10::ac43:72d Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

98 %
HTTPS

94 %
IPv6

22
Domains

39
Subdomains

36
IPs

4
Countries

3892 kB
Transfer

10035 kB
Size

25
Cookies

178 HTTP transactions
4 data transactions