provisionalaccounting.com Open in urlscan Pro
199.168.114.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accountingpros.jobs/
Effective URL:
http://provisionalaccounting.com/
Submission: On June 02 via automatic, source certstream-suspicious (June 2nd 2023, 11:29:06 pm UTC) — Scanned from DE

Summary HTTP 69 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 69 HTTP transactions. The main IP is 199.168.114.96, located in Los Angeles, United States and belongs to ASN-GIGENET, US. The main domain is provisionalaccounting.com.

This is the only time provisionalaccounting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	199.168.114.96 199.168.114.96	32181 (ASN-GIGENET) (ASN-GIGENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	() ()
4	2a00:1450:400... 2a00:1450:4001:80e::2004	() ()
1	2a0b:4d07:2::1 2a0b:4d07:2::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	() ()
9	2a00:1450:400... 2a00:1450:4001:811::200e	() ()
1	192.229.163.53 192.229.163.53	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:812::200e	() ()
3	2a00:1450:400... 2a00:1450:4001:809::2003	() ()
1 4	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
2	2a00:1450:400... 2a00:1450:4001:80b::2003	() ()
1		() ()
1	2a00:1450:400... 2a00:1450:4001:811::2006	() ()
4	2a00:1450:400... 2a00:1450:4001:803::200a	() ()
1	2a00:1450:400... 2a00:1450:4001:811::2016	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2001	() ()
69	18

32 199.168.114.96 (Los Angeles, United States) 1 redirects

ASN32181 (ASN-GIGENET, US)
PTR: cpanel03b.dtsrv.net

accountingpros.jobs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
provisionalaccounting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:2::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

seal-spokane.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.163.53 (United States)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

provisionalaccounting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN- ()

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN- ()

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	provisionalaccounting.com provisionalaccounting.com	1 MB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 99	956 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 static.doubleclick.net — Cisco Umbrella Rank: 311	4 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	215 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66 jnn-pa.googleapis.com — Cisco Umbrella Rank: 259	32 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	16 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	17 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5230	563 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 250	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 122	31 KB
1	olark.com static.olark.com — Cisco Umbrella Rank: 13921	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 172	19 KB
1	bbb.org seal-spokane.bbb.org	4 KB
1	accountingpros.jobs 1 redirects accountingpros.jobs	217 B
69	14

	Domain	Requested by
32	provisionalaccounting.com	provisionalaccounting.com static.olark.com
9	www.youtube.com	provisionalaccounting.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
4	www.google.com	provisionalaccounting.com www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	www.google-analytics.com	provisionalaccounting.com
2	www.google.de	provisionalaccounting.com
2	www.gstatic.com	www.google.com www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	static.olark.com	provisionalaccounting.com
1	www.googleadservices.com	provisionalaccounting.com
1	seal-spokane.bbb.org	provisionalaccounting.com
1	fonts.googleapis.com	provisionalaccounting.com
1	accountingpros.jobs	1 redirects
69	17

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
www.people20.net
twitter.com
www.facebook.com
www.linkedin.com
blog.accountingpros.jobs
www.youtube.com
www.bbb.org

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://provisionalaccounting.com/
Frame ID: 155CAE0523482F83180AD224DDCA0567
Requests: 47 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
Frame ID: 368609E50207CE1842CE71CEE6602D98
Requests: 20 HTTP requests in this frame

Frame: blob://http://provisionalaccounting.com/6f0af507-20ca-47f3-b877-ef2577aa0ef4
Frame ID: B328DF3178C415D83F7EB0F71E32927D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accounting Jobs in Spokane & Seattle | Accounting Staffing Agency

Page URL History Show full URLs

https://accountingpros.jobs/ HTTP 301
http://provisionalaccounting.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

69
Requests

42 %
HTTPS

76 %
IPv6

14
Domains

17
Subdomains

18
IPs

3
Countries

2459 kB
Transfer

5613 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.provisional.mobileapp

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/provisional-job-search/id885783204

Search URL Search Domain Scan URL

URL: https://www.people20.net/prov
Title: Sign In

Search URL Search Domain Scan URL

URL: https://twitter.com/provisionalrs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ProvisionalRS?ref=ts

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/provisional-recruiting-and-staffing

Search URL Search Domain Scan URL

URL: http://blog.accountingpros.jobs/

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UCKcpPpZNNM1alHgLxUDKY8A?feature=watch

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/provisional-job-search/id885783204?ls=1&mt=8

Search URL Search Domain Scan URL

URL: http://www.bbb.org/eastern-washington/business-reviews/employment-agencies/provisional-services-inc-in-spokane-wa-5004386/#bbbonlineclick

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accountingpros.jobs/ HTTP 301
http://provisionalaccounting.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

http://www.youtube.com/embed/Wgy75CRoXIg?rel=0 HTTP 307
https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Request Chain 29

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 38

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2091276105&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540964&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=860757073&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2091276105&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540964&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=860757073&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 39

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=236940199&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540967&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=568496604&utmredir=1&utmmt=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=236940199&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540967&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=568496604&utmredir=1&utmmt=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 54

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
provisionalaccounting.com/
Redirect Chain

https://accountingpros.jobs/
http://provisionalaccounting.com/

30 KB
7 KB

522ms
162ms

Document
text/html

199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: / PHP/7.3.33
Resource Hash: 4e4e3c5cd48653bdbb9f7c76419a7b0a3eae154c9c3f2f096324922950dca4cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Jun 2023 23:29:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html
date: Fri, 02 Jun 2023 23:28:59 GMT
location: http://provisionalaccounting.com/

GET
H2 200 css
fonts.googleapis.com/ 3 KB
909 B 45ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

29401f9c5505f16b44cc0ac9cddbba8cbe8fd7ea7d1197b87987a5d13d885c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 22:29:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK magnific-popup.css
provisionalaccounting.com/lib/bower_components/magnific-popup/dist/ 8 KB
2 KB 153ms
149ms Stylesheet
text/css 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/bower_components/magnific-popup/dist/magnific-popup.css
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Tue, 18 Nov 2014 19:23:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1917
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK bootstrap.min.css
provisionalaccounting.com/lib/bower_components/bootstrap/dist/css/ 118 KB
20 KB 153ms
149ms Stylesheet
text/css 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Tue, 22 Nov 2016 02:30:06 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 19714
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK font-awesome.min.css
provisionalaccounting.com/lib/font-awesome-4.2.0/css/ 21 KB
5 KB 300ms
149ms Stylesheet
text/css 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/font-awesome-4.2.0/css/font-awesome.min.css
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Wed, 26 Nov 2014 22:10:38 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4989
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK jquery-ui.min.css
provisionalaccounting.com/lib/jqueryui/jquery-ui-1.11.4.custom/ 29 KB
8 KB 298ms
148ms Stylesheet
text/css 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/jqueryui/jquery-ui-1.11.4.custom/jquery-ui.min.css
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: fe262ade363bbec206ec096812c68cb071185affc97a4edcaf932e60df5615c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2015 09:35:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7458
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK global.css
provisionalaccounting.com/ 28 KB
6 KB 299ms
149ms Stylesheet
text/css 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/global.css?5
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 842fa63f4acbf6cd4dbd9527c414ba751949daff728bd65d1b2d1ef4b435e528

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 18:10:54 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 5720
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
provisionalaccounting.com/lib/bower_components/jquery/dist/ 82 KB
29 KB 298ms
148ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/bower_components/jquery/dist/jquery.min.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Tue, 18 Nov 2014 19:13:32 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 29643
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
provisionalaccounting.com/lib/bower_components/jqueryui/ 234 KB
63 KB 299ms
148ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/bower_components/jqueryui/jquery-ui.min.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: c97b0ec64dd533ed8b8f38574746eedae88ba80d4fd81de1daf8d2512cd7d014

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Mon, 16 Feb 2015 19:43:52 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 64493
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
provisionalaccounting.com/lib/bower_components/magnific-popup/dist/ 20 KB
8 KB 449ms
148ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/bower_components/magnific-popup/dist/jquery.magnific-popup.min.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: c6743217c9b525646d77f69bfb8cae859c8191ec933c8f5cae459a338b00fd2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Tue, 18 Nov 2014 19:23:14 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7578
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
provisionalaccounting.com/lib/bower_components/bootstrap/dist/js/ 37 KB
10 KB 448ms
147ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: cb2c4d65219e3e96e53acd6c0bf0452178b63e9497c68cebab945ff81e078c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Tue, 22 Nov 2016 02:31:58 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 10197
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK jquery.validate.min.js Show response
provisionalaccounting.com/lib/ 21 KB
7 KB 450ms
150ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/jquery.validate.min.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 806e0db9e5c58e0fb3216872f36b577c05fd85c132d2857effd68bf617c93b20

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2013 18:54:42 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6543
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK jquery.noty.js Show response
provisionalaccounting.com/lib/noty/ 13 KB
4 KB 449ms
148ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/noty/jquery.noty.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: e7fa0a50ca84ec0e0cd4b07632bb1055ec8695741e97479166d5c91bfce47eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2013 18:54:42 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3456
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK center.js Show response
provisionalaccounting.com/lib/noty/layouts/ 1 KB
961 B 592ms
147ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/noty/layouts/center.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 223c38428832673a28f1adab5b30d0b7099535b2e755abfad61beef64d85fdc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2013 18:54:44 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 596
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK circle.js Show response
provisionalaccounting.com/lib/noty/themes/ 9 KB
5 KB 595ms
147ms Script
application/javascript 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/noty/themes/circle.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 0651ce09ae6e45b60bf069aa13c01ea8ba592fecb6ba34702ff81630dc69279c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2016 01:49:28 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4908
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 404
Not Found jquery.form.min.js
provisionalaccounting.com/lib/ 0
0 596ms
147ms Script
text/html 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/jquery.form.min.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 708
content-type: text/html

GET
H/1.1 200
OK api.js Show response
www.google.com/recaptcha/ 849 B
983 B 60ms
52ms Script
text/javascript 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/recaptcha/api.js

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

GSE /

Resource Hash

2ebb59a0994fe24bb45ede7637b940dd06496e1c5372062df3439f2a20499e3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 23:29:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
Server: GSE
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=300
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 558
X-XSS-Protection: 1; mode=block
Expires: Fri, 02 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK Google_Play_Button.png
provisionalaccounting.com/images/ 2 KB
2 KB 148ms
148ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/Google_Play_Button.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 7886363f5a7f55cec48411167695ce399eff3afd8140f78535cecee1962d2605

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
last-modified: Wed, 15 Aug 2018 23:00:14 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2154
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK Itunes_button.png
provisionalaccounting.com/images/ 2 KB
2 KB 148ms
147ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/Itunes_button.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 83b7dd3b9cda483f699aa075575c5558278dd6177df0d75a9851bae6a4c5eaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
last-modified: Wed, 15 Aug 2018 23:00:14 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1694
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK logo.png
provisionalaccounting.com/images/ 8 KB
9 KB 150ms
147ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/logo.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: ccb5d8ff0e0b77fb14e06566be20973193890b1ccb6cb99987dad2ba465e6a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
last-modified: Fri, 20 Jul 2018 22:00:42 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 8664
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK hp_desk-in-office.jpg
provisionalaccounting.com/images/ 35 KB
36 KB 152ms
150ms Image
image/jpeg 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/hp_desk-in-office.jpg
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 94b2e79c3be8033d96935d4bcbeeb1179ada14d16b490cf6726f9143c579f801

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
last-modified: Wed, 11 Jul 2018 23:24:12 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 36320
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK sbm-bestco_2018.jpg
provisionalaccounting.com/images/ 173 KB
173 KB 152ms
149ms Image
image/jpeg 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/sbm-bestco_2018.jpg
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 5b7e76a42fe18b3f6dacb88916f9a880f1bf85a97e9e252e1f736e8248de77aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
last-modified: Fri, 22 Jun 2018 16:27:14 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 177057
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK google-app.png
provisionalaccounting.com/images/ 3 KB
3 KB 149ms
147ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/google-app.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 2f79d712c5fc919d9803363741e80dab956b7586103e2d62679941094788d369

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:00 GMT
last-modified: Wed, 11 Jul 2018 23:54:00 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2950
expires: Fri, 09 Jun 2023 23:29:00 GMT

GET
H/1.1 200
OK iphoneapp.png
provisionalaccounting.com/images/ 3 KB
3 KB 152ms
150ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/iphoneapp.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 5dc7a486ab81613e912e8363b2fc363e58ecdc625f606a113153b9973df96634

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Wed, 11 Jul 2018 23:54:00 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3196
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H/1.1 200
OK blue-seal-200-42-provisional-services-inc-5004386.png
seal-spokane.bbb.org/seals/ 4 KB
4 KB 320ms
275ms Image
image/png 2a0b:4d07:2::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://seal-spokane.bbb.org/seals/blue-seal-200-42-provisional-services-inc-5004386.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 2a0b:4d07:2::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine / ASP.NET
Resource Hash: c9594cab70e9d28c8701b4078c9bef6881207a3e81c054b0f3960a746e5cd1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 23:29:01 GMT
X-AspNet-Version: 4.0.30319
X-Edge-Location: defr
X-Powered-By: ASP.NET
X-Cache: MISS
Connection: keep-alive
Content-Length: 3701
Last-Modified: Fri, 02 Jun 2023 23:28:41 GMT
Server: keycdn-engine
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Shield: active
Expires: Sat, 03 Jun 2023 03:29:01 GMT

GET
H/1.1 200
OK asa.png
provisionalaccounting.com/images/ 6 KB
7 KB 148ms
147ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/asa.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: efd48d6f27a68ac7984f59ceb41d065a8a971b37de4eb5d5f21bfae0e2ef1fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Tue, 05 Mar 2013 23:11:22 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6454
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 49 KB
19 KB 39ms
18ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

HTTP/1.1

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7d20f5572e0e3a4e175e6cf8905234bf3badf44f19409a55030003e9a6a99821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 23:29:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16975761361242420239
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 18946
X-XSS-Protection: 0
Expires: Fri, 02 Jun 2023 23:29:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ 410 KB
164 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: www.google.com
URL: http://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://provisionalaccounting.com/
Origin: http://provisionalaccounting.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 16:38:08 GMT

GET
H2

200

Wgy75CRoXIg Show response
www.youtube.com/embed/ Frame 3686
Redirect Chain

http://www.youtube.com/embed/Wgy75CRoXIg?rel=0
https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

72 KB
31 KB

119ms
80ms

Document
text/html

2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

509663721e14615e78dba3d3f0b72ea7d6217bc8dbc2b4007370f771683fc1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://provisionalaccounting.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 23:29:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 207ms
86ms Script
application/javascript 192.229.163.53
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient/loader.js
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/
Protocol: HTTP/1.1
Server: 192.229.163.53 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1DCD) /
Resource Hash: afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 23:29:01 GMT
Content-Encoding: gzip
Via: 1.1 google
Last-Modified: Thu, 01 Jun 2023 22:46:50 GMT
Server: ECS (nyb/1DCD)
Age: 5760
Etag: "64791fda-2227"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 3120
Expires: Sat, 03 Jun 2023 02:29:01 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

32ms
8ms

Script
text/javascript

2a00:1450:4001:812::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Jun 2023 22:51:52 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2228
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 03 Jun 2023 00:51:52 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK banner.jpg
provisionalaccounting.com/images/ 164 KB
165 KB 280ms
148ms Image
image/jpeg 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/banner.jpg?1
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/global.css?5
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 7ff7b284a95e4f8144dfdf465545248512788654e56cc4c8989a6ecc807f8004

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/global.css?5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Fri, 10 Aug 2018 23:37:26 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 168231
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H/1.1 200
OK hp_categorybkg.jpg
provisionalaccounting.com/images/ 181 KB
181 KB 149ms
149ms Image
image/jpeg 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/hp_categorybkg.jpg
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/global.css?5
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 022945710d25fcbf274869c8572a0dacc74cfa6e63137b08c86a0eea89b6359f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/global.css?5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Tue, 17 Jul 2018 00:48:56 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 185182
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H/1.1 200
OK 45-degree-fabric--dark-414141.png
provisionalaccounting.com/images/ 54 KB
54 KB 153ms
153ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/45-degree-fabric--dark-414141.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/global.css?5
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: cc86da43ae32ade25234c35236dcf3915d91904911918b62b1a3b0f6b23d0e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/global.css?5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Tue, 14 Aug 2018 23:23:24 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 55226
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H/1.1 200
OK hp_ourimpactbkg.jpg
provisionalaccounting.com/images/ 144 KB
145 KB 152ms
152ms Image
image/jpeg 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/hp_ourimpactbkg.jpg
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/global.css?5
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: b03be4ba3abf1089706932b409c075c5ed3eebe1ce3e551361b0003965d72920

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/global.css?5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Tue, 17 Jul 2018 00:53:46 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 147797
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H/1.1 200
OK 45-degree-fabric--dark-121212.png
provisionalaccounting.com/images/ 63 KB
64 KB 150ms
149ms Image
image/png 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/45-degree-fabric--dark-121212.png
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/global.css?5
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: cbfa87664ffd180d5eeb804548c093616425e7193bdc195da24a0b1b3235c8e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/global.css?5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Tue, 14 Aug 2018 23:24:28 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 64769
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H/1.1 200
OK hp_testimonialbkg.jpg
provisionalaccounting.com/images/ 75 KB
75 KB 156ms
155ms Image
image/jpeg 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://provisionalaccounting.com/images/hp_testimonialbkg.jpg
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/global.css?5
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 87947710b45c0ad0571f243693296bbba2d55694d80de496beb92400a2a89b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/global.css?5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Tue, 17 Jul 2018 00:52:40 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 76782
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H2 200 7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v32/ 18 KB
18 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v32/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468a7593d9eb66bc7d793c5be206ad772da00cc8be691b400ab5c2ea8108c706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://provisionalaccounting.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 14:40:22 GMT
x-content-type-options: nosniff
age: 550118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18144
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:35:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 14:40:22 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
provisionalaccounting.com/lib/font-awesome-4.2.0/fonts/ 64 KB
64 KB 290ms
148ms Font
font/woff 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/lib/font-awesome-4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/lib/font-awesome-4.2.0/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: http://provisionalaccounting.com/lib/font-awesome-4.2.0/css/font-awesome.min.css
Origin: http://provisionalaccounting.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
last-modified: Wed, 26 Nov 2014 22:10:40 GMT
content-type: font/woff
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 65452
expires: Fri, 09 Jun 2023 23:29:01 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2091276105&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2091276105&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...

35 B
197 B

16ms
15ms

Image
image/gif

2a00:1450:4001:812::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2091276105&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540964&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=860757073&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2091276105&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540964&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=860757073&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=236940199&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=236940199&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...

35 B
99 B

22ms
22ms

Image
image/gif

2a00:1450:4001:812::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=236940199&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540967&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=568496604&utmredir=1&utmmt=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=236940199&utmhn=provisionalaccounting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&utmhid=1798939723&utmr=-&utmp=%2F&utmht=1685748540967&utmac=UA-44615094-1&utmcc=__utma%3D57820011.2023492390.1685748541.1685748541.1685748541.1%3B%2B__utmz%3D57820011.1685748541.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=568496604&utmredir=1&utmmt=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975861921/ 3 KB
2 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975861921/?random=1685748540972&cv=9&fst=1685748540972&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fprovisionalaccounting.com%2F&tiba=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

904e2371f830b355fdd9024d6b2feee57558a8dd35bcdc17b127c3fb78a1a29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975861921/ 3 KB
2 KB 52ms
20ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975861921/?random=1685748540975&cv=9&fst=1685748540972&num=2&label=5ODICJ63w2YQofGp0QM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fprovisionalaccounting.com%2F&tiba=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a9e99c2cc4bb07f34e2bad3a82ac5f4d678d5fc920d80acabf09be36c92dd617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1468
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK blog-content.php Show response
provisionalaccounting.com/common/ 636 B
633 B 532ms
467ms XHR
text/html 199.168.114.96
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL: http://provisionalaccounting.com/common/blog-content.php?_=1685748540755
Requested by: Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/lib/bower_components/jquery/dist/jquery.min.js
Protocol: HTTP/1.1
Server: 199.168.114.96 Los Angeles, United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS: cpanel03b.dtsrv.net
Software: / PHP/7.3.33
Resource Hash: 7abe7d65e15826a49395f9874e2a3f29a91b0f8bc92ef784d3a5d117913bd652

Request headers

Accept: */*
Referer: http://provisionalaccounting.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
content-encoding: gzip
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 387

GET
H2 200 www-player.css
www.youtube.com/s/player/f55759b8/ Frame 3686 406 KB
48 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f55759b8/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2da3463d43c823fbf9a6df6c58b0bca86f25083def66cd532f31b114b997df04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 22:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48702
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:50:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jun 2024 22:07:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3686 15 KB
15 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 518426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3686 15 KB
15 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 538876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 17:47:45 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/f55759b8/www-embed-player.vflset/ Frame 3686 306 KB
92 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f55759b8/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ec519c0ffc41b13c1f0901a3168a6d4f8ead24fa8eae082eb1c62207a740dcbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:17:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93948
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:50:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jun 2024 23:17:26 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/ Frame 3686 2 MB
741 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e0801ab96db2c9fea778fca02163c76db790da3a5fbc4924471d5c55d0c1e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758758
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:50:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 May 2024 14:57:51 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f55759b8/fetch-polyfill.vflset/ Frame 3686 9 KB
3 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f55759b8/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 22:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:50:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jun 2024 22:30:17 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975861921/ 42 B
455 B 49ms
19ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975861921/?random=1685748540975&cv=9&fst=1685746800000&num=2&label=5ODICJ63w2YQofGp0QM&guid=ON&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fprovisionalaccounting.com%2F&tiba=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&fmt=3&is_vtc=1&random=3324969676&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975861921/ 42 B
108 B 50ms
20ms Image
image/gif 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975861921/?random=1685748540975&cv=9&fst=1685746800000&num=2&label=5ODICJ63w2YQofGp0QM&guid=ON&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fprovisionalaccounting.com%2F&tiba=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&fmt=3&is_vtc=1&random=3324969676&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975861921/ 42 B
108 B 52ms
22ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975861921/?random=1685748540972&cv=9&fst=1685746800000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fprovisionalaccounting.com%2F&tiba=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&fmt=3&is_vtc=1&random=3895177136&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975861921/ 42 B
455 B 48ms
18ms Image
image/gif 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975861921/?random=1685748540972&cv=9&fst=1685746800000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fprovisionalaccounting.com%2F&tiba=Accounting%20Jobs%20in%20Spokane%20%26%20Seattle%20%7C%20Accounting%20Staffing%20Agency&fmt=3&is_vtc=1&random=3895177136&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: provisionalaccounting.com
URL: http://provisionalaccounting.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://provisionalaccounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:29:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 6f0af507-20ca-47f3-b877-ef2577aa0ef4 Show response
http://provisionalaccounting.com/ Frame B328 147 B
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://provisionalaccounting.com/6f0af507-20ca-47f3-b877-ef2577aa0ef4
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient/loader.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e

Request headers

Referer: http://provisionalaccounting.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 147
Content-Type: text/html

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3686
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

15ms
15ms

XHR
application/json

2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

35128351bd7eacc24fd09469b0357f1811338306367bacc9e0eaf78b89b2963f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 02 Jun 2023 23:29:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3686 29 B
494 B 45ms
7ms Script
text/javascript 2a00:1450:4001:811::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:27:49 GMT
x-content-type-options: nosniff
age: 72
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 23:42:49 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 53ms
16ms Preflight
text/html 2a00:1450:4001:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 02 Jun 2023 23:29:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3686 68 KB
31 KB 28ms
27ms XHR
application/json+protobuf 2a00:1450:4001:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

42c34715885fef7c4d70c4d47ea588fc1d31115cc98bc626d66105d6b79b4217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31721
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/ Frame 3686 116 KB
33 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

74ac55cfb3ec271398ef28f0d386a9b49f30b8c6fc46757a75047ade52d653bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33628
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:50:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 May 2024 14:57:52 GMT

GET
H2 200 xOb0SHR0aPcqgMSeUE4kE8EFJfzXtzKzd7W6zLK3ZJ0.js Show response
www.google.com/js/th/ Frame 3686 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/xOb0SHR0aPcqgMSeUE4kE8EFJfzXtzKzd7W6zLK3ZJ0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c4e6f448747468f72a80c49e504e2413c10525fcd7b732b377b5baccb2b7649d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 04:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14651
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 04:17:04 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Wgy75CRoXIg/ Frame 3686 31 KB
31 KB 100ms
70ms Image
image/jpeg 2a00:1450:4001:811::2016

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Wgy75CRoXIg/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f2410bfcc23956c30634dfcbac2c9a4dac597b04839ff31db42f7d9e84530877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31254
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Jun 2023 01:29:01 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/ Frame 3686 29 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7ea6e97ebed435479a1a51a07fa9b206273b1a0ea6dbb8414265d2f4c37250d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8319
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:50:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 May 2024 14:57:52 GMT

GET
DATA 200
OK truncated
/ Frame 3686 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqNFsjbPCQHyR8M4-cWzVcX-_qb8_AnZUdmKoIFD=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3686 2 KB
2 KB 434ms
395ms Image
image/jpeg 2a00:1450:4001:82a::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqNFsjbPCQHyR8M4-cWzVcX-_qb8_AnZUdmKoIFD=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

fife /

Resource Hash

3e0fd83eaedfa6ff49fc5377736a21c1b56f74507c761c7bf8dd26ce32c515d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1572
x-xss-protection: 0
expires: Sat, 03 Jun 2023 23:29:01 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 19ms
18ms Preflight
text/html 2a00:1450:4001:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 02 Jun 2023 23:29:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3686 90 B
134 B 19ms
18ms XHR
application/json+protobuf 2a00:1450:4001:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

764fdcd5912e397a7d1533c04f97bb672651dbb7449357d7e6dd9f907df78450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 3686 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ynQVZA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3686 4 KB
2 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:80f::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 23:29:01 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3686 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f55759b8/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
X-Goog-Request-Time: 1685748543181
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Wgy75CRoXIg?rel=0
X-YouTube-Client-Version: 1.20230530.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt0OFVqVDczbFhWMCi89umjBg%3D%3D
X-YouTube-Ad-Signals: dt=1685748541074&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C445%2C214&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 02 Jun 2023 23:29:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 02 Jun 2023 23:29:03 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
provisionalaccounting.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 14509f05a82c3b641e9c242e001648e6
.provisionalaccounting.com/	1970-01-20 21:51:48	Name: __utma Value: 57820011.2023492390.1685748541.1685748541.1685748541.1
.provisionalaccounting.com/	1969-12-31 23:59:59	Name: __utmc Value: 57820011
.provisionalaccounting.com/	1970-01-20 16:38:36	Name: __utmz Value: 57820011.1685748541.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.provisionalaccounting.com/	1970-01-20 12:15:49	Name: __utmt Value: 1
.provisionalaccounting.com/	1970-01-20 12:15:49	Name: __utmt_~1 Value: 1
.provisionalaccounting.com/	1970-01-20 12:15:50	Name: __utmb Value: 57820011.2.10.1685748541
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -0ASg4WdBpk
.youtube.com/	1970-01-20 16:35:00	Name: VISITOR_INFO1_LIVE Value: t8UjT73lXV0
.doubleclick.net/	1970-01-20 12:15:49	Name: test_cookie Value: CheckForPermission

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://provisionalaccounting.com/lib/jquery.form.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: http://provisionalaccounting.com/(Line 547) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://provisionalaccounting.com/(Line 547) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accountingpros.jobs
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
provisionalaccounting.com
seal-spokane.bbb.org
static.doubleclick.net
static.olark.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com

172.217.18.98
192.229.163.53
199.168.114.96
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:811::2016
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a0b:4d07:2::1
022945710d25fcbf274869c8572a0dacc74cfa6e63137b08c86a0eea89b6359f
0651ce09ae6e45b60bf069aa13c01ea8ba592fecb6ba34702ff81630dc69279c
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
223c38428832673a28f1adab5b30d0b7099535b2e755abfad61beef64d85fdc6
29401f9c5505f16b44cc0ac9cddbba8cbe8fd7ea7d1197b87987a5d13d885c85
2da3463d43c823fbf9a6df6c58b0bca86f25083def66cd532f31b114b997df04
2ebb59a0994fe24bb45ede7637b940dd06496e1c5372062df3439f2a20499e3f
2f79d712c5fc919d9803363741e80dab956b7586103e2d62679941094788d369
35128351bd7eacc24fd09469b0357f1811338306367bacc9e0eaf78b89b2963f
3e0fd83eaedfa6ff49fc5377736a21c1b56f74507c761c7bf8dd26ce32c515d0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42c34715885fef7c4d70c4d47ea588fc1d31115cc98bc626d66105d6b79b4217
468a7593d9eb66bc7d793c5be206ad772da00cc8be691b400ab5c2ea8108c706
4e4e3c5cd48653bdbb9f7c76419a7b0a3eae154c9c3f2f096324922950dca4cb
509663721e14615e78dba3d3f0b72ea7d6217bc8dbc2b4007370f771683fc1ac
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b7e76a42fe18b3f6dacb88916f9a880f1bf85a97e9e252e1f736e8248de77aa
5dc7a486ab81613e912e8363b2fc363e58ecdc625f606a113153b9973df96634
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46
74ac55cfb3ec271398ef28f0d386a9b49f30b8c6fc46757a75047ade52d653bf
764fdcd5912e397a7d1533c04f97bb672651dbb7449357d7e6dd9f907df78450
7886363f5a7f55cec48411167695ce399eff3afd8140f78535cecee1962d2605
7abe7d65e15826a49395f9874e2a3f29a91b0f8bc92ef784d3a5d117913bd652
7d20f5572e0e3a4e175e6cf8905234bf3badf44f19409a55030003e9a6a99821
7ea6e97ebed435479a1a51a07fa9b206273b1a0ea6dbb8414265d2f4c37250d0
7ff7b284a95e4f8144dfdf465545248512788654e56cc4c8989a6ecc807f8004
806e0db9e5c58e0fb3216872f36b577c05fd85c132d2857effd68bf617c93b20
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b7dd3b9cda483f699aa075575c5558278dd6177df0d75a9851bae6a4c5eaeb
842fa63f4acbf6cd4dbd9527c414ba751949daff728bd65d1b2d1ef4b435e528
87947710b45c0ad0571f243693296bbba2d55694d80de496beb92400a2a89b3a
904e2371f830b355fdd9024d6b2feee57558a8dd35bcdc17b127c3fb78a1a29e
94b2e79c3be8033d96935d4bcbeeb1179ada14d16b490cf6726f9143c579f801
a9e99c2cc4bb07f34e2bad3a82ac5f4d678d5fc920d80acabf09be36c92dd617
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
b03be4ba3abf1089706932b409c075c5ed3eebe1ce3e551361b0003965d72920
bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c4e6f448747468f72a80c49e504e2413c10525fcd7b732b377b5baccb2b7649d
c6743217c9b525646d77f69bfb8cae859c8191ec933c8f5cae459a338b00fd2b
c9594cab70e9d28c8701b4078c9bef6881207a3e81c054b0f3960a746e5cd1f8
c97b0ec64dd533ed8b8f38574746eedae88ba80d4fd81de1daf8d2512cd7d014
cb2c4d65219e3e96e53acd6c0bf0452178b63e9497c68cebab945ff81e078c82
cbfa87664ffd180d5eeb804548c093616425e7193bdc195da24a0b1b3235c8e2
cc86da43ae32ade25234c35236dcf3915d91904911918b62b1a3b0f6b23d0e87
ccb5d8ff0e0b77fb14e06566be20973193890b1ccb6cb99987dad2ba465e6a33
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e0801ab96db2c9fea778fca02163c76db790da3a5fbc4924471d5c55d0c1e931
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fa0a50ca84ec0e0cd4b07632bb1055ec8695741e97479166d5c91bfce47eb4
ec519c0ffc41b13c1f0901a3168a6d4f8ead24fa8eae082eb1c62207a740dcbc
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e
efd48d6f27a68ac7984f59ceb41d065a8a971b37de4eb5d5f21bfae0e2ef1fe4
f2410bfcc23956c30634dfcbac2c9a4dac597b04839ff31db42f7d9e84530877
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe262ade363bbec206ec096812c68cb071185affc97a4edcaf932e60df5615c3

provisionalaccounting.com Open in urlscan Pro 199.168.114.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

42 %HTTPS

76 %IPv6

14 Domains

17 Subdomains

18 IPs

3 Countries

2459 kBTransfer

5613 kBSize

10 Cookies

10 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

provisionalaccounting.com Open in urlscan Pro
199.168.114.96 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

42 %
HTTPS

76 %
IPv6

14
Domains

17
Subdomains

18
IPs

3
Countries

2459 kB
Transfer

5613 kB
Size

10
Cookies

69 HTTP transactions
1 data transactions